Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
107
Merge Requests
107
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Jobs
Commits
Open sidebar
nexedi
slapos
Commits
a59aa23b
Commit
a59aa23b
authored
Feb 06, 2020
by
Jérome Perrin
1
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
component/file: use a local copy of the patch
It no longer exist at this URL
parent
89c7e77a
Pipeline
#7833
running with stage
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
39 additions
and
1 deletion
+39
-1
component/file/buildout.cfg
component/file/buildout.cfg
+1
-1
component/file/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch
...he-number-of-elements-in-a-vector-found-by-oss-fuzz.patch
+38
-0
No files found.
component/file/buildout.cfg
View file @
a59aa23b
...
...
@@ -21,4 +21,4 @@ environment =
patch-binary = ${patch:location}/bin/patch
patch-options = -p1
patches =
https://sources.debian.org/data/main/f/file/1:5.37-6/debian/patches
/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch#fb6f7d32ce89573bf4b4b302c812e394
${:_profile_base_location_}
/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch#fb6f7d32ce89573bf4b4b302c812e394
component/file/cherry-pick.FILE5_37-67-g46a8443f.limit-the-number-of-elements-in-a-vector-found-by-oss-fuzz.patch
0 → 100644
View file @
a59aa23b
Subject: Limit the number of elements in a vector (found by oss-fuzz)
Origin: FILE5_37-67-g46a8443f <https://github.com/file/file/commit/FILE5_37-67-g46a8443f>
Upstream-Author: Christos Zoulas <christos@zoulas.com>
Date: Mon Aug 26 14:31:39 2019 +0000
--- a/src/cdf.c
+++ b/src/cdf.c
@@ -1013,8 +1013,9 @@
goto out;
}
nelements = CDF_GETUINT32(q, 1);
- if (nelements == 0) {
- DPRINTF(("CDF_VECTOR with nelements == 0\n"));
+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
+ DPRINTF(("CDF_VECTOR with nelements == %"
+ SIZE_T_FORMAT "u\n", nelements));
goto out;
}
slen = 2;
@@ -1056,8 +1057,6 @@
goto out;
inp += nelem;
}
- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
- nelements));
for (j = 0; j < nelements && i < sh.sh_properties;
j++, i++)
{
--- a/src/cdf.h
+++ b/src/cdf.h
@@ -48,6 +48,7 @@
typedef int32_t cdf_secid_t;
#define CDF_LOOP_LIMIT 10000
+#define CDF_ELEMENT_LIMIT 100000
#define CDF_SECID_NULL 0
#define CDF_SECID_FREE -1
Jérome Perrin
@jerome
mentioned in commit
5c74a799
·
Feb 06, 2020
mentioned in commit
5c74a799
mentioned in commit 5c74a799f425df5e07db0a796b339f55fed4ad5d
Toggle commit list
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment