dc1b578a4c
This fixes the following security problems: * CVE-2018-14618: NTLM password overflow via integer overflow * CVE-2018-16839: SASL password overflow via integer overflow * CVE-2018-16840: use-after-free in handle close * CVE-2018-16842: warning message out-of-buffer read * CVE-2019-3823: SMTP end-of-response out-of-bounds read * CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow * CVE-2018-16890: NTLM type-2 out-of-bounds buffer read Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
From d530e92f59ae9bb2d47066c3c460b25d2ffeb211 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 28 Oct 2018 01:33:23 +0200
Subject: [PATCH] voutf: fix bad arethmetic when outputting warnings to stderr
CVE-2018-16842
Reported-by: Brian Carpenter
Bug: https://curl.haxx.se/docs/CVE-2018-16842.html
---
src/tool_msgs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
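--- a/src/tool_msgs.c
+++ b/src/tool_msgs.c
@@ -67,7 +67,7 @@ static void voutf(struct GlobalConfig *c
 (void)fwrite(ptr, cut + 1, 1, config->errors);
 fputs("\n", config->errors);
 ptr += cut + 1; /* skip the space too */
- len -= cut;
+ len -= cut + 1;
 }
 else {
 fputs(ptr, config->errors);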
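Review bot: The pointer advance `ptr += cut + 1;` and the length update `len -= cut + 1;` are still two independently written expressions, which is how they drifted apart by one and left `len` overstating the bytes remaining in the message buffer. Computing the step once, `size_t step = cut + 1;` followed by `ptr += step;` and `len -= step;` (and passing `step` to the `fwrite` call), would keep the cursor and the remaining count in lock-step by construction. If `len` is an unsigned size, as the arithmetic suggests, the subtraction is only safe while `cut + 1 <= len`; the condition that guarantees this is outside the hunk, so it should be confirmed and recorded next to the subtraction, for example `/* cut + 1 <= len: guaranteed by the enclosing length check */`. The body of voutf begins before and continues after the lines shown here.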