Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/tcsh/patches/010.out-of-bounds.patch
author Rich Burridge <rich.burridge@oracle.com>
Tue, 02 May 2017 17:33:26 -0700
changeset 7964 d9801318ed3d
parent 7462 b70b1d023c26
permissions -rw-r--r--
25981468 Build ilmbase and openexr with the GNU compilers

Fix out of bounds read (Brooks Davis)
(reproduce by starting tcsh and hitting tab at the prompt)

See:
http://mx.gw.com/pipermail/tcsh-bugs/2016-December/001103.html
for more details.

Upstream fix at:
https://github.com/tcsh-org/tcsh/commit/6a542dc4fb2ba26518a47e9b3a9bcd6a91b94596

--- tcsh-6.19.00/ed.chared.c.orig	2016-12-07 06:26:09.076227132 +0000
+++ tcsh-6.19.00/ed.chared.c	2016-12-07 06:26:41.976633276 +0000
@@ -750,7 +750,7 @@
     /*
      * If we found a history character, go expand it.
      */
-    if (HIST != '\0' && *p == HIST)
+    if (p >= InputBuf && HIST != '\0' && *p == HIST)
 	nr_exp = c_excl(p);
     else
         nr_exp = 0;
upstream/oracle/userland-gate