Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.2
libssh
0003-CVE-2012-4562-Fix-a-possible-infinite-loop...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch of Package libssh
From 1699adfa036ffc66c62fdbb784610445cbebfc6e Mon Sep 17 00:00:00 2001 From: Andreas Schneider <asn@cryptomilk.org> Date: Fri, 12 Oct 2012 11:35:20 +0200 Subject: [PATCH 03/13] CVE-2012-4562: Fix a possible infinite loop in buffer_reinit(). If needed is bigger than the highest power of two or a which fits in an integer we will loop forever. Signed-off-by: Andreas Schneider <asn@cryptomilk.org> --- src/buffer.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) --- libssh-0.3.4/libssh/buffer.c.orig 2012-12-19 17:22:37.461200274 +0100 +++ libssh-0.3.4/libssh/buffer.c 2012-12-19 17:23:41.783367554 +0100 @@ -71,11 +71,14 @@ } static int realloc_buffer(struct buffer_struct *buffer, int needed) { - int smallest = 1; - char *new = NULL; + size_t smallest = 1; + char *new; /* Find the smallest power of two which is greater or equal to needed */ while(smallest <= needed) { - smallest <<= 1; + if (smallest == 0) { + return -1; + } + smallest <<= 1; } needed = smallest; new = realloc(buffer->data, needed);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor