From 2bc2b430bc4c1a9a0bfd1c01da68bd53bf7da052 Mon Sep 17 00:00:00 2001 From: CoprDistGit Date: Sun, 10 Sep 2023 03:05:12 +0000 Subject: automatic import of rpm --- ...id-reading-out-of-bounds-of-the-i18ntable.patch | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 backport-Avoid-reading-out-of-bounds-of-the-i18ntable.patch (limited to 'backport-Avoid-reading-out-of-bounds-of-the-i18ntable.patch') diff --git a/backport-Avoid-reading-out-of-bounds-of-the-i18ntable.patch b/backport-Avoid-reading-out-of-bounds-of-the-i18ntable.patch new file mode 100644 index 0000000..d237fa5 --- /dev/null +++ b/backport-Avoid-reading-out-of-bounds-of-the-i18ntable.patch @@ -0,0 +1,29 @@ +From db8fc1057e38839adc04e263fe255ce86cab9fa7 Mon Sep 17 00:00:00 2001 +From: Demi Marie Obenour +Date: Sat, 12 Feb 2022 13:46:28 -0500 +Subject: [PATCH] Avoid reading out of bounds of the i18ntable + +If the i18ntable was smaller than the i18nstring entry an out of bounds +read could result. This should not happen in a valid package, but even +if RPM rejected such packages during load, this situation could still +result as a result of usage of the RPM API. +--- + lib/header.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/header.c b/lib/header.c +index 098ea5d..c939006 100644 +--- a/lib/header.c ++++ b/lib/header.c +@@ -1311,7 +1311,7 @@ static int copyI18NEntry(Header h, indexEntry entry, rpmtd td, + + /* For each entry in the header ... */ + for (langNum = 0, t = table->data, ed = entry->data; +- langNum < entry->info.count; ++ langNum < entry->info.count && langNum < table->info.count; + langNum++, t += strlen(t) + 1, ed += strlen(ed) + 1) { + + int match = headerMatchLocale(t, l, le); +-- +1.8.3.1 + -- cgit v1.2.3