diff options
Diffstat (limited to 'pkgs/tools/archivers/cpio/CVE-2016-2037-out-of-bounds-write.patch')
-rw-r--r-- | pkgs/tools/archivers/cpio/CVE-2016-2037-out-of-bounds-write.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/pkgs/tools/archivers/cpio/CVE-2016-2037-out-of-bounds-write.patch b/pkgs/tools/archivers/cpio/CVE-2016-2037-out-of-bounds-write.patch deleted file mode 100644 index 90ddeff9790..00000000000 --- a/pkgs/tools/archivers/cpio/CVE-2016-2037-out-of-bounds-write.patch +++ /dev/null @@ -1,29 +0,0 @@ -diff --git a/src/copyin.c b/src/copyin.c -index cde911e..032d35f 100644 ---- a/src/copyin.c -+++ b/src/copyin.c -@@ -1385,6 +1385,8 @@ process_copy_in () - break; - } - -+ if (file_hdr.c_namesize <= 1) -+ file_hdr.c_name = xrealloc(file_hdr.c_name, 2); - cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, - false); - -diff --git a/src/util.c b/src/util.c -index 6ff6032..2763ac1 100644 ---- a/src/util.c -+++ b/src/util.c -@@ -1411,7 +1411,10 @@ set_file_times (int fd, - } - - /* Do we have to ignore absolute paths, and if so, does the filename -- have an absolute path? */ -+ have an absolute path? -+ Before calling this function make sure that the allocated NAME buffer has -+ capacity at least 2 bytes to allow us to store the "." string inside. */ -+ - void - cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names, - bool strip_leading_dots) |