From 9c986353e420ead6e706262bf204d6e03322c300 Mon Sep 17 00:00:00 2001 From: Andreas Gruenbacher Date: Fri, 17 Aug 2018 13:35:40 +0200 Subject: [PATCH] Fix swapping fake lines in pch_swap * src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a blank line in the middle of a context-diff hunk: that empty line stays in the middle of the hunk and isn't swapped. Fixes: https://savannah.gnu.org/bugs/index.php?53133 Signed-off-by: Andreas Gruenbacher Upstream-Status: Backport [https://git.savannah.gnu.org/git/patch.git] CVE: CVE-2018-6952 Signed-off-by: Hongxu Jia --- src/pch.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pch.c b/src/pch.c index e92bc64..a500ad9 100644 --- a/src/pch.c +++ b/src/pch.c @@ -2122,7 +2122,7 @@ pch_swap (void) } if (p_efake >= 0) { /* fix non-freeable ptr range */ if (p_efake <= i) - n = p_end - i + 1; + n = p_end - p_ptrn_lines; else n = -i; p_efake += n; -- 2.10.2