blob: beade79eef4b85e98376a44f0a444a2c81d6b5fc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
From 9daf042fd7bb19e93388d89d9686a2fa4496f382 Mon Sep 17 00:00:00 2001
From: Chris Liddell <chris.liddell@artifex.com>
Date: Mon, 24 Aug 2020 09:24:31 +0100
Subject: [PATCH] Coverity 361429: move "break" to correct place.
We had to add the outputfile to the "control" file permission list (as well
as write), but for the "pipe" case, I accidentally added the call after the
break out of loop that checks for a pipe.
CVE: CVE-2021-3781
Upstream-Status: Backport:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;f=base/gslibctx.c;h=9daf042fd7bb19e93388d89d9686a2fa4496f382
Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com>
---
base/gslibctx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/base/gslibctx.c b/base/gslibctx.c
index ff8fc895e..63dfbe2e0 100644
--- a/base/gslibctx.c
+++ b/base/gslibctx.c
@@ -668,10 +668,10 @@ gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname)
code = gs_add_control_path(mem, gs_permit_file_writing, f);
if (code < 0)
return code;
- break;
code = gs_add_control_path(mem, gs_permit_file_control, f);
if (code < 0)
return code;
+ break;
}
if (!IS_WHITESPACE(f[i]))
break;
--
2.25.1
|
