blob: 848139b7e35a7165cf4598333499f0a5032ec185 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
From 690313a061f7a4fa614ec5cc8368b4f2284e059b Mon Sep 17 00:00:00 2001
From: "K.Kosako" <kosako@sofnec.co.jp>
Date: Tue, 23 May 2017 10:28:58 +0900
Subject: [PATCH] fix #57 : DATA_ENSURE() check must be before data access
---
regexec.c | 5 -----
1 file changed, 5 deletions(-)
--- end of original header
CVE: CVE-2017-9224
Context modified so that patch applies for version 2.4.1.
Upstream-Status: Pending
Signed-off-by: Joe Slater <joe.slater@windriver.com>
diff --git a/regexec.c b/regexec.c
index 35fef11..d4e577d 100644
--- a/regexec.c
+++ b/regexec.c
@@ -1473,14 +1473,9 @@ match_at(regex_t* reg, const UChar* str, const UChar* end,
NEXT;
CASE(OP_EXACT1) MOP_IN(OP_EXACT1);
-#if 0
DATA_ENSURE(1);
if (*p != *s) goto fail;
p++; s++;
-#endif
- if (*p != *s++) goto fail;
- DATA_ENSURE(0);
- p++;
MOP_OUT;
break;
--
1.7.9.5
|
