diff options
Diffstat (limited to 'net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch')
-rw-r--r-- | net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch b/net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch index 2ddf3fdd6be2..5c2e0a91b2e3 100644 --- a/net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch +++ b/net-dns/libidn/files/libidn-1.33-CVE-2017-14062.patch @@ -30,3 +30,48 @@ index 86819a7..49250a1 100644 -- 1.9.1 +From 6c8a9375641ca283b50f9680c90dcd57f9c44798 Mon Sep 17 00:00:00 2001 +From: =?utf8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de> +Date: Wed, 4 Oct 2017 15:22:43 +0200 +Subject: [PATCH] lib/punycode.c (decode_digit): Really fix integer overflow + +The fix in commit e9e81b8063b095b02cf104bb992fa9bf9515b9d8 +was incomplete. + +Reported-by: Christian Weisgerber +--- + lib/punycode.c | 4 ++-- + tests/tst_idna.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/lib/punycode.c b/lib/punycode.c +index 49250a1..d475b6d 100644 +--- a/lib/punycode.c ++++ b/lib/punycode.c +@@ -91,8 +91,8 @@ enum + static unsigned + decode_digit (int cp) + { +- return (unsigned) cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 : +- cp - 97 < 26 ? cp - 97 : base; ++ return (unsigned) (cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 : ++ cp - 97 < 26 ? cp - 97 : base); + } + + /* encode_digit(d,flag) returns the basic code point whose value */ +diff --git a/tests/tst_idna.c b/tests/tst_idna.c +index 4ac046f..7fb58b9 100644 +--- a/tests/tst_idna.c ++++ b/tests/tst_idna.c +@@ -211,7 +211,7 @@ static const struct idna idna[] = { + 'x', 'n', '-', '-', 'f', 'o', 0x3067}, + IDNA_ACE_PREFIX "too long too long too long too long too long too " + "long too long too long too long too long ", 0, +- IDNA_CONTAINS_ACE_PREFIX, IDNA_PUNYCODE_ERROR} ++ IDNA_CONTAINS_ACE_PREFIX, IDNA_INVALID_LENGTH} + }; + + void +-- +1.9.1 + |