ash: expand: Fix buffer overflow in expandmeta - forks/busybox

diff options

author	Denys Vlasenko <vda.linux@googlemail.com>	2018-04-14 14:50:47 +0200
committer	Denys Vlasenko <vda.linux@googlemail.com>	2018-04-14 14:50:47 +0200
commit	d5f5045b43bd7a55402dfcecde511a2c207d07b7 (patch)
tree	9e57ed30cf4918a5e205b964ce7dd5d15b295590 /editors/patch.c
parent	0dd3be8c0933d5649152b6019b975876e804e22a (diff)
download	busybox-d5f5045b43bd7a55402dfcecde511a2c207d07b7.tar.gz

ash: expand: Fix buffer overflow in expandmeta

Upstream commit: Date: Sun, 25 Mar 2018 16:38:00 +0800 expand: Fix buffer overflow in expandmeta The native version of expandmeta allocates a buffer that may be overrun for two reasons. First of all the size is 1 byte too small but this is normally hidden because the minimum size is rounded up to 2048 bytes. Secondly, if the directory level is deep enough, any buffer can be overrun. This patch fixes both problems by calling realloc when necessary. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> function old new delta expmeta 517 635 +118 expandarg 990 996 +6 mklocal 288 290 +2 ------------------------------------------------------------------------------ (add/remove: 0/0 grow/shrink: 3/0 up/down: 126/0) Total: 126 bytes Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

Diffstat (limited to 'editors/patch.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: