Fix bspatch heap overflow vulnerability.
Obtained from: Chromium Reported by: Lu Tung-Pin Security: FreeBSD-SA-16:25.bspatch
parent
ae1b731b5d
commit
2c8d04d022
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=303298
|
@ -163,6 +163,10 @@ int main(int argc,char * argv[])
|
|||
ctrl[i]=offtin(buf);
|
||||
}
|
||||
|
||||
/* Sanity-check */
|
||||
if ((ctrl[0] < 0) || (ctrl[1] < 0))
|
||||
errx(1,"Corrupt patch\n");
|
||||
|
||||
/* Sanity-check */
|
||||
if(newpos+ctrl[0]>newsize)
|
||||
errx(1,"Corrupt patch\n");
|
||||
|
|
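Review bot: The added sign check on `ctrl[0]` and `ctrl[1]` sets no upper bound, so the `newpos+ctrl[0]>newsize` test that follows can still overflow for a very large `ctrl[0]` taken from the patch file, and a wrapped sum would pass the test. This assumes `newpos`, `newsize` and `ctrl[]` are signed offsets, as the `offtin()` assignment suggests; their declarations are outside the hunk. Comparing without the addition avoids the overflow: `if (ctrl[0] > newsize - newpos)`. The same form should be used wherever `ctrl[1]` is bounded against `newsize` later in the loop. The body of `main` starts and ends outside the hunk, so how the remaining control values are validated cannot be confirmed from here.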