c037a0f7ce
WARNING: CVE-2015-4473 may not be fully addressed here, because I was unable to backport some of the patches (for upstream bugs 1182711 and 1146213). I was also unable to backport CVE-2015-4484 (upstream bug 1171540) and CVE-2015-4487 (upstream bug 1171603). I was unable to find any commit in the upstream repository that claims to address bug 1105914 (CVE-2015-4478). * gnu/packages/patches/icecat-CVE-2015-4473-partial.patch, gnu/packages/patches/icecat-CVE-2015-4482.patch, gnu/packages/patches/icecat-CVE-2015-4488.patch, gnu/packages/patches/icecat-CVE-2015-4489.patch, gnu/packages/patches/icecat-CVE-2015-4491.patch, gnu/packages/patches/icecat-CVE-2015-4492.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/gnuzilla.scm (icecat)[source]: Add patches.
28 lines
823 B
Diff
28 lines
823 B
Diff
From 932a017c745d40d661602f6145c95c9226d8450d Mon Sep 17 00:00:00 2001
|
|
From: Stephen Pohl <spohl.mozilla.bugs@gmail.com>
|
|
Date: Sat, 18 Jul 2015 18:42:15 -0700
|
|
Subject: [PATCH] Bug 1184500 - Improve handling of index names in MAR files.
|
|
r=rstrong, a=lmandel
|
|
|
|
---
|
|
modules/libmar/src/mar_read.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/modules/libmar/src/mar_read.c b/modules/libmar/src/mar_read.c
|
|
index c647370..2013b0f 100644
|
|
--- a/modules/libmar/src/mar_read.c
|
|
+++ b/modules/libmar/src/mar_read.c
|
|
@@ -96,6 +96,10 @@ static int mar_consume_index(MarFile *mar, char **buf, const char *buf_end) {
|
|
++(*buf);
|
|
}
|
|
namelen = (*buf - name);
|
|
+ /* must ensure that namelen is valid */
|
|
+ if (namelen < 0) {
|
|
+ return -1;
|
|
+ }
|
|
/* consume null byte */
|
|
if (*buf == buf_end)
|
|
return -1;
|
|
--
|
|
2.4.3
|
|
|