| Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 1 | From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001 |
| 2 | From: Li xin <lixin.fnst@cn.fujitsu.com> |
| 3 | Date: Wed, 21 Jan 2015 09:33:38 +0900 |
| 4 | Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix |
| 5 | |
| 6 | this patch is from: |
| 7 | https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e |
| 8 | |
| 9 | Upstream-Status: Backport |
| Patrick Williams | d8c66bc | 2016-06-20 12:57:21 -0500 | [diff] [blame] | 10 | CVE: CVE-2014-9447 |
| Patrick Williams | c124f4f | 2015-09-15 14:41:29 -0500 | [diff] [blame] | 11 | |
| 12 | Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> |
| 13 | --- |
| 14 | libelf/elf_begin.c | 7 ++----- |
| 15 | 1 file changed, 2 insertions(+), 5 deletions(-) |
| 16 | |
| 17 | diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c |
| 18 | index e46add3..e83ba35 100644 |
| 19 | --- a/libelf/elf_begin.c |
| 20 | +++ b/libelf/elf_begin.c |
| 21 | @@ -736,11 +736,8 @@ read_long_names (Elf *elf) |
| 22 | break; |
| 23 | |
| 24 | /* NUL-terminate the string. */ |
| 25 | - *runp = '\0'; |
| 26 | - |
| 27 | - /* Skip the NUL byte and the \012. */ |
| 28 | - runp += 2; |
| 29 | - |
| 30 | + *runp++ = '\0'; |
| 31 | + |
| 32 | /* A sanity check. Somebody might have generated invalid |
| 33 | archive. */ |
| 34 | if (runp >= newp + len) |
| 35 | -- |
| 36 | 1.8.4.2 |
| 37 | |