path: root/pkgs/tools/graphics/zbar/0.23.92-CVE-2023-40890.patch
Simple bounds checks for CVE-2023-40890

--- a/zbar/decoder/databar.c
+++ b/zbar/decoder/databar.c
@@ -23,6 +23,8 @@
 
 #include <config.h>
 #include <zbar.h>
+#include <stdlib.h>
+#include <stdio.h>
 
 #ifdef DEBUG_DATABAR
 # define DEBUG_LEVEL (DEBUG_DATABAR)
@@ -691,6 +693,12 @@ lookup_sequence (databar_segment_t *seg,
             fixed = -1;
         s <<= 1;
         dbprintf(2, "%x", s);
+
+        if (i > 20) {
+            fprintf(stderr, "Bug: Out-of-bounds condition detected\n");
+            exit(99);
+        }
+
         seq[i++] = s++;
         seq[i++] = s;
     }
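Review bot: The guard added before `seq[i++] = s++;` calls `exit(99)` from inside the decoder, so a malformed symbol terminates whatever process has linked the library; the out-of-bounds write becomes a denial of service instead of a rejected decode. Failing the decode would be safer, e.g. `if (i > 20) return -1;`, provided the callers of lookup_sequence treat a negative result as "no symbol"; the function's return contract and its callers lie outside this hunk, so that needs confirming. The literal `20` silently encodes the capacity of `seq` minus the two stores made per pass, and the declaration of `seq` is not visible here; a named constant or a comment such as `/* two stores per pass: i and i+1 must both fit in seq */` would keep the bound tied to the array. Any store to `seq` after the loop is not covered by this check and should be verified against the same limit.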