blob: 84e8ddcca72f20387925366cf130e88931641c87 [file] [log] [blame]
Patrick Williamsc124f4f2015-09-15 14:41:29 -05001From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
2From: Li xin <lixin.fnst@cn.fujitsu.com>
3Date: Wed, 21 Jan 2015 09:33:38 +0900
4Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
5
6this patch is from:
7 https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
8
9Upstream-Status: Backport
10
11Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
12---
13 libelf/elf_begin.c | 7 ++-----
14 1 file changed, 2 insertions(+), 5 deletions(-)
15
16diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
17index e46add3..e83ba35 100644
18--- a/libelf/elf_begin.c
19+++ b/libelf/elf_begin.c
20@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
21 break;
22
23 /* NUL-terminate the string. */
24- *runp = '\0';
25-
26- /* Skip the NUL byte and the \012. */
27- runp += 2;
28-
29+ *runp++ = '\0';
30+
31 /* A sanity check. Somebody might have generated invalid
32 archive. */
33 if (runp >= newp + len)
34--
351.8.4.2
36