[gentoo-commits] gentoo commit in src/patchsets/glibc/2.21: 00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch

Mon, 20 Jul 2015 20:49:33 -0700 

vapier      15/07/21 03:48:41

  Added:               
                        
00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch
  Log:
  fix from upstream for buffer overflow (read past end of buffer) in 
internal_fnmatch #541542

Revision  Changes    Path
1.1                  
src/patchsets/glibc/2.21/00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.21/00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.21/00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch?rev=1.1&content-type=text/plain

Index: 00_all_0019-Fix-read-past-end-of-pattern-in-fnmatch-bug-18032.patch
===================================================================
>From 5af500db3c6abef8810253e51d428b406f24320d Mon Sep 17 00:00:00 2001
From: Andreas Schwab <[email protected]>
Date: Thu, 26 Feb 2015 14:55:24 +0100
Subject: [PATCH] Fix read past end of pattern in fnmatch (bug 18032)

(cherry picked from commit 4a28f4d55a6cc33474c0792fe93b5942d81bf185)
(cherry picked from commit fe7b1136e5753c85b3ccc8395dfc66b82052d73c)
---
 posix/fnmatch_loop.c | 5 ++---
 posix/tst-fnmatch3.c | 8 +++++---
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c
index c0cb2fc..72c5d8f 100644
--- a/posix/fnmatch_loop.c
+++ b/posix/fnmatch_loop.c
@@ -945,14 +945,13 @@ FCT (pattern, string, string_end, no_leading_period, 
flags, ends, alloca_used)
                  }
                else if (c == L('[') && *p == L('.'))
                  {
-                   ++p;
                    while (1)
                      {
                        c = *++p;
-                       if (c == '\0')
+                       if (c == L('\0'))
                          return FNM_NOMATCH;
 
-                       if (*p == L('.') && p[1] == L(']'))
+                       if (c == L('.') && p[1] == L(']'))
                          break;
                      }
                    p += 2;
diff --git a/posix/tst-fnmatch3.c b/posix/tst-fnmatch3.c
index d27a557..75bc00a 100644
--- a/posix/tst-fnmatch3.c
+++ b/posix/tst-fnmatch3.c
@@ -21,9 +21,11 @@
 int
 do_test (void)
 {
-  const char *pattern = "[[:alpha:]'[:alpha:]\0]";
-
-  return fnmatch (pattern, "a", 0) != FNM_NOMATCH;
+  if (fnmatch ("[[:alpha:]'[:alpha:]\0]", "a", 0) != FNM_NOMATCH)
+    return 1;
+  if (fnmatch ("[a[.\0.]]", "a", 0) != FNM_NOMATCH)
+    return 1;
+  return 0;
 }
 
 #define TEST_FUNCTION do_test ()
-- 
2.4.4

Reply via email to