aboutsummaryrefslogtreecommitdiffstats
path: root/main/hunspell/CVE-2019-16707.patch
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2020-01-06 11:56:05 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2020-01-06 12:57:47 +0100
commit433facdd60c83bd55e06cb8f5be42c9d65e61f96 (patch)
treede01ded3ef854dfca5e64c109ec511b68077d5ee /main/hunspell/CVE-2019-16707.patch
parent9aea0e8939dda7342fd86c42cde3efaaf75003e3 (diff)
downloadaports-433facdd60c83bd55e06cb8f5be42c9d65e61f96.tar.gz
aports-433facdd60c83bd55e06cb8f5be42c9d65e61f96.tar.bz2
aports-433facdd60c83bd55e06cb8f5be42c9d65e61f96.tar.xz
main/hunspell: fix CVE-2019-16707
fixes #11101
Diffstat (limited to 'main/hunspell/CVE-2019-16707.patch')
-rw-r--r--main/hunspell/CVE-2019-16707.patch22
1 files changed, 22 insertions, 0 deletions
diff --git a/main/hunspell/CVE-2019-16707.patch b/main/hunspell/CVE-2019-16707.patch
new file mode 100644
index 0000000000..649eef5b29
--- /dev/null
+++ b/main/hunspell/CVE-2019-16707.patch
@@ -0,0 +1,22 @@
+From ac938e2ecb48ab4dd21298126c7921689d60571b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
+Date: Tue, 12 Nov 2019 20:03:15 +0000
+Subject: [PATCH] invalid read memory access #624
+
+---
+ src/hunspell/suggestmgr.cxx | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/hunspell/suggestmgr.cxx b/src/hunspell/suggestmgr.cxx
+index dba084e9..c23f165a 100644
+--- a/src/hunspell/suggestmgr.cxx
++++ b/src/hunspell/suggestmgr.cxx
+@@ -2040,7 +2040,7 @@ int SuggestMgr::leftcommonsubstring(
+ int l2 = su2.size();
+ // decapitalize dictionary word
+ if (complexprefixes) {
+- if (su1[l1 - 1] == su2[l2 - 1])
++ if (l1 && l2 && su1[l1 - 1] == su2[l2 - 1])
+ return 1;
+ } else {
+ unsigned short idx = su2.empty() ? 0 : (su2[0].h << 8) + su2[0].l;