diff options
Diffstat (limited to 'meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch')
-rw-r--r-- | meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch b/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch deleted file mode 100644 index 455eafc492..0000000000 --- a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch +++ /dev/null @@ -1,49 +0,0 @@ -From e0a1add063a657b98611c94debb3631b8ffa36fe Mon Sep 17 00:00:00 2001 -From: Junling Zheng <zhengjunling@huawei.com> -Date: Fri, 24 Apr 2015 11:24:04 +0800 -Subject: [PATCH] Fix possible buffer overrun with invalid UTF-8 - -An out of bounds read access in the UTF-8 decoding can be triggered with -a malformed file in the tool less. The access happens in the function -is_utf8_well_formed due to a truncated multibyte character in the sample -file. - -The bug does not crash less, it can only be made visible by running less -with valgrind or compiling it with Address Sanitizer. - -Version 475 of less contains a fix for this issue. The file version.c -contains some entry mentioning this issue (without any credit): - - - v475 3/2/15 Fix possible buffer overrun with invalid UTF-8 - -The fix is in the file line.c. We derive this patch from: - -https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html - -Thank Claire Robinson for validating it on Mageia 4 i586. Refer to: - -https://bugs.mageia.org/show_bug.cgi?id=15567 - -Upstream Status: Backported - -Signed-off-by: Junling Zheng <zhengjunling@huawei.com> ---- - line.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/line.c b/line.c -index 89495a3..474be2c 100644 ---- a/line.c -+++ b/line.c -@@ -807,7 +807,7 @@ pappend(c, pos) - mbc_buf[mbc_buf_index++] = c; - if (mbc_buf_index < mbc_buf_len) - return (0); -- if (is_utf8_well_formed(mbc_buf)) -+ if (is_utf8_well_formed(mbc_buf, mbc_buf_index)) - r = do_append(get_wchar(mbc_buf), mbc_buf, mbc_pos); - else - /* Complete, but not shortest form, sequence. */ --- -1.9.1 - |