components/curl/patches/015-CVE-2016-8617.patch
branchs11u3-sru
changeset 7654 61774c5d9189
7653:02748c64c0e3 7654:61774c5d9189
       
     1 From 3599341dd611303ee9544839d30f603f606d1082 Mon Sep 17 00:00:00 2001
       
     2 From: Daniel Stenberg <[email protected]>
       
     3 Date: Wed, 28 Sep 2016 00:05:12 +0200
       
     4 Subject: [PATCH] base64: check for integer overflow on large input
       
     5 
       
     6 CVE-2016-8617
       
     7 
       
     8 Bug: https://curl.haxx.se/docs/adv_20161102C.html
       
     9 Reported-by: Cure53
       
    10 ---
       
    11  lib/base64.c | 5 +++++
       
    12  1 file changed, 5 insertions(+)
       
    13 
       
    14 --- lib/base64.c
       
    15 +++ lib/base64.c
       
    16 @@ -188,10 +188,15 @@ static CURLcode base64_encode(const char *table64,
       
    17    *outlen = 0;
       
    18  
       
    19    if(0 == insize)
       
    20      insize = strlen(indata);
       
    21  
       
    22 +#if SIZEOF_SIZE_T == 4
       
    23 +  if(insize > UINT_MAX/4)
       
    24 +    return CURLE_OUT_OF_MEMORY;
       
    25 +#endif
       
    26 +
       
    27    base64data = output = malloc(insize*4/3+4);
       
    28    if(NULL == output)
       
    29      return CURLE_OUT_OF_MEMORY;
       
    30  
       
    31    /*
       
    32 -- 
       
    33 2.9.3
       
    34
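Review bot: The new overflow guard ahead of `malloc(insize*4/3+4)` is compiled only under `#if SIZEOF_SIZE_T == 4` and compares against `UINT_MAX`, so it depends on the config macro being defined and correct for every ABI this component is built for; if `SIZEOF_SIZE_T` is undefined, the preprocessor evaluates it as 0 and the check silently disappears. A width-independent form without the `#if`, such as `if(insize > (size_t)-1/4) return CURLE_OUT_OF_MEMORY;`, would bound `insize*4` on all builds. The hunk does not show whether `<limits.h>` is in scope for `UINT_MAX` in lib/base64.c, so that is worth confirming in the build. A short comment above the check would also help, e.g. `/* reject sizes where insize*4 would wrap and make the allocation too small */`. base64_encode starts and ends outside the hunk.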