|
@@ -1,24 +0,0 @@
|
|
|
-Subject: Integer overflow in the cdf_read_property_info function allows remote attackers to cause a denial of service
|
|
|
-ID: CVE-2014-3587
|
|
|
-Author: Christos Zoulas <christos@zoulas.com>
|
|
|
-Date: Thu Aug 7 09:38:35 2014 +0000
|
|
|
-Origin:
|
|
|
-commit 0641e56be1af003aa02c7c6b0184466540637233
|
|
|
-Debian-Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
|
|
|
-Last-Update: 2014-09-07
|
|
|
-
|
|
|
- Prevent wrap around (Remi Collet at redhat)
|
|
|
-
|
|
|
---- a/src/cdf.c
|
|
|
-+++ b/src/cdf.c
|
|
|
-@@ -824,6 +824,10 @@ cdf_read_property_info(const cdf_stream_
|
|
|
- q = (const uint8_t *)(const void *)
|
|
|
- ((const char *)(const void *)p + ofs
|
|
|
- - 2 * sizeof(uint32_t));
|
|
|
-+ if (q < p) {
|
|
|
-+ DPRINTF(("Wrapped around %p < %p\n", q, p));
|
|
|
-+ goto out;
|
|
|
-+ }
|
|
|
- if (q > e) {
|
|
|
- DPRINTF(("Ran of the end %p > %p\n", q, e));
|
|
|
- goto out;
|