| From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001 |
| From: Li xin <lixin.fnst@cn.fujitsu.com> |
| Date: Wed, 21 Jan 2015 09:33:38 +0900 |
| Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix |
| |
| this patch is from: |
| https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e |
| |
| Upstream-Status: Backport |
| CVE: CVE-2014-9447 |
| |
| Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> |
| --- |
| libelf/elf_begin.c | 7 ++----- |
| 1 file changed, 2 insertions(+), 5 deletions(-) |
| |
| diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c |
| index e46add3..e83ba35 100644 |
| --- a/libelf/elf_begin.c |
| +++ b/libelf/elf_begin.c |
| @@ -736,11 +736,8 @@ read_long_names (Elf *elf) |
| break; |
| |
| /* NUL-terminate the string. */ |
| - *runp = '\0'; |
| - |
| - /* Skip the NUL byte and the \012. */ |
| - runp += 2; |
| - |
| + *runp++ = '\0'; |
| + |
| /* A sanity check. Somebody might have generated invalid |
| archive. */ |
| if (runp >= newp + len) |
| -- |
| 1.8.4.2 |
| |