[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [libextractor] 05/06: fix looping in nsfe extractor for pro
From: |
gnunet |
Subject: |
[GNUnet-SVN] [libextractor] 05/06: fix looping in nsfe extractor for problematic chunksize in input file |
Date: |
Fri, 13 Oct 2017 12:37:45 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository libextractor.
commit ffab889c1710c7646af9ed360c796a2a0a619efc
Author: Christian Grothoff <address@hidden>
AuthorDate: Fri Oct 13 12:27:31 2017 +0200
fix looping in nsfe extractor for problematic chunksize in input file
---
ChangeLog | 3 +++
src/plugins/nsfe_extractor.c | 4 ++--
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index ec2ebb21..73220830 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+Fri Oct 13 12:27:38 CEST 2017
+ Protect against problematic integer offset in NSFE plugin found by Leon
Zhao. -CG
+
Fri Oct 13 12:15:35 CEST 2017
Protect against integer overflows in PNG plugin found by Leon Zhao. -CG
diff --git a/src/plugins/nsfe_extractor.c b/src/plugins/nsfe_extractor.c
index bde13153..6a8be86e 100644
--- a/src/plugins/nsfe_extractor.c
+++ b/src/plugins/nsfe_extractor.c
@@ -373,9 +373,9 @@ EXTRACTOR_nsfe_extract_method (struct
EXTRACTOR_ExtractContext *ec)
8))
break;
chunksize = nsfeuint (data);
- if (off + chunksize + 8 <= off)
+ if (off + chunksize + 8LLU <= off)
break; /* protect against looping */
- off += 8 + chunksize;
+ off += 8LLU + chunksize;
if (0 == memcmp (data + 4, "INFO", 4))
ret = info_extract (ec, chunksize);
else if (0 == memcmp (data + 4, "auth", 4))
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [libextractor] branch master updated (25da5822 -> 38e89335), gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 01/06: fix integer overflow in PNG plugin as reported by Leon Zhao on the mailinglist, gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 04/06: modify gitignore, gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 03/06: eliminate compiler warning, gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 06/06: fix for NSF plugin's NPE reported by Leon Zhao, gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 02/06: eliminate compiler warning, gnunet, 2017/10/13
- [GNUnet-SVN] [libextractor] 05/06: fix looping in nsfe extractor for problematic chunksize in input file,
gnunet <=