gnu/packages/patches/icecat-CVE-2015-4482.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

From 932a017c745d40d661602f6145c95c9226d8450d Mon Sep 17 00:00:00 2001
From: Stephen Pohl <spohl.mozilla.bugs@gmail.com>
Date: Sat, 18 Jul 2015 18:42:15 -0700
Subject: [PATCH] Bug 1184500 - Improve handling of index names in MAR files.
 r=rstrong, a=lmandel

---
 modules/libmar/src/mar_read.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/libmar/src/mar_read.c b/modules/libmar/src/mar_read.c
index c647370..2013b0f 100644
--- a/modules/libmar/src/mar_read.c
+++ b/modules/libmar/src/mar_read.c
@@ -96,6 +96,10 @@ static int mar_consume_index(MarFile *mar, char **buf, const char *buf_end) {
     ++(*buf);
   }
   namelen = (*buf - name);
+  /* must ensure that namelen is valid */
+  if (namelen < 0) {
+    return -1;
+  }
   /* consume null byte */
   if (*buf == buf_end)
     return -1;
-- 
2.4.3