sysutils/file: patch for CVE-2018-10360

To: pkgsrc-users%netbsd.org@localhost
Subject: sysutils/file: patch for CVE-2018-10360
From: Matthias Ferdinand <mf+ml.pkgsrc-users%netzwerkagentursaarland.de@localhost>
Date: Fri, 29 Jun 2018 19:08:23 +0200

Hello,

attached is a patch for CVE-2018-10360 (from
https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22,
without changing RCSID)

Regards
Matthias Ferdinand

$NetBSD$

apply https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22
against https://nvd.nist.gov/vuln/detail/CVE-2018-10360

    ...
    The do_core_note function in readelf.c in libmagic.a in file
    5.33 allows remote attackers to cause a denial of service
    (out-of-bounds read and application crash) via a crafted ELF
    file.
    ...

--- src/readelf.c.orig	2017-08-27 07:55:02.000000000 +0000
+++ src/readelf.c
@@ -824,7 +824,8 @@ do_core_note(struct magic_set *ms, unsig
 
 				cname = (unsigned char *)
 				    &nbuf[doff + prpsoffsets(i)];
-				for (cp = cname; *cp && isprint(*cp); cp++)
+				for (cp = cname; cp < nbuf + size && *cp
+				    && isprint(*cp); cp++)
 					continue;
 				/*
 				 * Linux apparently appends a space at the end

Follow-Ups:
- Re: sysutils/file: patch for CVE-2018-10360
  - From: Benny Siegert

Prev by Date: Re: Errors building Xen - gcc48 failure
Next by Date: Re: sysutils/file: patch for CVE-2018-10360
Previous by Thread: python build failure on ubuntu
Next by Thread: Re: sysutils/file: patch for CVE-2018-10360
Indexes:

Home | Main Index | Thread Index | Old Index