diff options
Diffstat (limited to 'meta/recipes-support/curl/curl/CVE-2018-16842.patch')
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2018-16842.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2018-16842.patch b/meta/recipes-support/curl/curl/CVE-2018-16842.patch new file mode 100644 index 0000000000..82e7557063 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2018-16842.patch @@ -0,0 +1,35 @@ +From 0e4a6058b130f07cfa52fde8a3cb6f2abfe4c700 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 1 Nov 2018 15:30:56 +0800 +Subject: [PATCH] voutf: fix bad arethmetic when outputting warnings to stderr + +CVE-2018-16842 +Reported-by: Brian Carpenter +Bug: https://curl.haxx.se/docs/CVE-2018-16842.html + +Upstream-Status: Backport [https://github.com/curl/curl/commit +/d530e92f59ae9bb2d47066c3c460b25d2ffeb211] + +CVE: CVE-2018-16842 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + src/tool_msgs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/tool_msgs.c b/src/tool_msgs.c +index 9cce806..05bec39 100644 +--- a/src/tool_msgs.c ++++ b/src/tool_msgs.c +@@ -67,7 +67,7 @@ static void voutf(struct GlobalConfig *config, + (void)fwrite(ptr, cut + 1, 1, config->errors); + fputs("\n", config->errors); + ptr += cut + 1; /* skip the space too */ +- len -= cut; ++ len -= cut + 1; + } + else { + fputs(ptr, config->errors); +-- +2.7.4 + |