diff options
Diffstat (limited to 'debian')
-rw-r--r-- | debian/patches/040_libwc-overflow.patch | 29 | ||||
-rw-r--r-- | debian/patches/series | 1 |
2 files changed, 30 insertions, 0 deletions
diff --git a/debian/patches/040_libwc-overflow.patch b/debian/patches/040_libwc-overflow.patch new file mode 100644 index 0000000..ab6fd8b --- /dev/null +++ b/debian/patches/040_libwc-overflow.patch @@ -0,0 +1,29 @@ +Subject: Prevent unintentional integer overflow in libwc +Author: Tatsuya Kinoshita <tats@debian.org> + +diff --git a/libwc/utf7.c b/libwc/utf7.c +index 44a3330..874bc3d 100644 +--- a/libwc/utf7.c ++++ b/libwc/utf7.c +@@ -73,7 +73,7 @@ wc_conv_from_utf7(Str is, wc_ces ces) + ; + if (p == ep) + return is; +- os = Strnew_size(is->length * 4 / 3); ++ os = Strnew_size(is->length + is->length / 3); + if (p > sp) + Strcat_charp_n(os, is->ptr, (int)(p - sp)); + +diff --git a/libwc/utf8.c b/libwc/utf8.c +index e523139..c878499 100644 +--- a/libwc/utf8.c ++++ b/libwc/utf8.c +@@ -150,7 +150,7 @@ wc_conv_from_utf8(Str is, wc_ces ces) + ; + if (p == ep) + return is; +- os = Strnew_size(is->length * 4 / 3); ++ os = Strnew_size(is->length + is->length / 3); + if (p > sp) + Strcat_charp_n(os, is->ptr, (int)(p - sp)); + diff --git a/debian/patches/series b/debian/patches/series index b829509..043b91c 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,4 @@ 010_section.patch 020_ssl-ca.patch 030_str-overflow.patch +040_libwc-overflow.patch |