sys-apps/file/files/file-5.33-CVE-2018-10360.patch - mirrors/cros/chromiumos/overlays/portage-stable - Git at Google

 Avoid reading past the end of buffer

 CVE-2018-10360

 https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22

 --- a/src/readelf.c
 +++ b/src/readelf.c
 @@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type,

  				cname = (unsigned char *)
  				    &nbuf[doff + prpsoffsets(i)];
 -				for (cp = cname; *cp && isprint(*cp); cp++)
 +				for (cp = cname; cp < nbuf + size && *cp
 +				    && isprint(*cp); cp++)
  					continue;
  				/*
  				 * Linux apparently appends a space at the end
	Avoid reading past the end of buffer

	CVE-2018-10360

	https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22

	--- a/src/readelf.c
	+++ b/src/readelf.c
	@@ -842,7 +842,8 @@ do_core_note(struct magic_set ms, unsigned char nbuf, uint32_t type,

	cname = (unsigned char *)
	&nbuf[doff + prpsoffsets(i)];
	- for (cp = cname; cp && isprint(cp); cp++)
	+ for (cp = cname; cp < nbuf + size && *cp
	+ && isprint(*cp); cp++)
	continue;
	/*
	* Linux apparently appends a space at the end