git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
file
1
0
Fork 0
Files Pull Requests 0 Wiki
Tree: ad68cc127c
Branches Tags
file
/
debian
/
patches
/
CVE-2014-3710.patch

CVE-2014-3710.patch 588 B
History Raw

123456789101112131415161718192021222324 
  1. Subject: Fix note bounds reading, Francisco Alonso / Red Hat
    2. 

  2. ID: CVE-2014-3710
    3. 

  3. Author: Christos Zoulas <christos@zoulas.com>
    4. 

  4. Date: Fri Oct 17 15:49:00 2014 +0000
    5. 

  5. Origin:
    6. 

  6.     commit 39c7ac1106be844a5296d3eb5971946cc09ffda0
    7. 

  7. Last-Update: 2014-11-09
    8. 

  8. 

  9. --- a/src/readelf.c
    10. 

  10. +++ b/src/readelf.c
    11. 

  11. @@ -477,6 +477,13 @@
    12. 

  12.  	uint32_t namesz, descsz;
    13. 

  13.  	unsigned char *nbuf = CAST(unsigned char *, vbuf);
    14. 

  14.  
    15. 

  15. +	if (xnh_sizeof + offset > size) {
    16. 

  16. +		/*
    17. 

  17. +		 * We're out of note headers.
    18. 

  18. +		 */
    19. 

  19. +		return xnh_sizeof + offset;
    20. 

  20. +	}
    21. 

  21. +
    22. 

  22.  	(void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof);
    23. 

  23.  	offset += xnh_sizeof;
    24. 

  24.  
    25.