summaryrefslogtreecommitdiffstats
path: root/main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2010-08-06 09:04:49 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2010-08-06 11:37:20 +0000
commit6456133f3fb46ce389b47db2718dd50f5ec1ed60 (patch)
treefa12d8d1366aec85e2e59a88d0139e95538d22bc /main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch
parent3a138c7fc3c38433f75cf3d44a4a78d80a6da705 (diff)
main/libc0.9.32: new snapshot
has most of our fixes and fixes for new bugs
Diffstat (limited to 'main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch')
-rw-r--r--main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch45
1 files changed, 45 insertions, 0 deletions
diff --git a/main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch b/main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch
new file mode 100644
index 00000000000..58acfb4234b
--- /dev/null
+++ b/main/libc0.9.32/0001-config-parser-fix-memory-corruption.patch
@@ -0,0 +1,45 @@
+From 80bcb7a4806b27397629cf2e6bcbb7e8a0c5db5b Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Fri, 6 Aug 2010 11:29:38 +0300
+Subject: [PATCH] config parser: fix memory corruption
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+fgets will happily write over allocated area limits. Adjusted the
+buffer size according to how much is already read.
+
+Also increase the maximum default line length, as 80 is slightly
+small. It might be better if bb_get_chunk_with_continuation would
+reallocate the line buffer if it was not user given.
+
+Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+---
+ libc/misc/internals/parse_config.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/libc/misc/internals/parse_config.c b/libc/misc/internals/parse_config.c
+index cbb6ef7..8404d80 100644
+--- a/libc/misc/internals/parse_config.c
++++ b/libc/misc/internals/parse_config.c
+@@ -60,7 +60,7 @@ static off_t bb_get_chunk_with_continuation(parser_t* parsr)
+ char *chp;
+
+ while (1) {
+- if (fgets(parsr->line + pos, parsr->line_len, parsr->fp) == NULL) {
++ if (fgets(parsr->line + pos, parsr->line_len - pos, parsr->fp) == NULL) {
+ memset(parsr->line, 0, parsr->line_len);
+ pos = -1;
+ break;
+@@ -179,7 +179,7 @@ int attribute_hidden FAST_FUNC config_read(parser_t *parser, char ***tokens,
+ again:
+ if (parser->data == NULL) {
+ if (parser->line_len == 0)
+- parser->line_len = 81;
++ parser->line_len = 161;
+ if (parser->data_len == 0)
+ parser->data_len += 1 + ntokens * sizeof(char *);
+ parser->data = realloc(parser->data,
+--
+1.7.0.4
+