Check for end-of-string when parsing a stringlist field.
Problem and fix originally reported by Kentaro Oda to the mad-dev mailing list. See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2109 for more information.
parent
1eeb2a6235
commit
27726a7d0c
3 changed files with 20 additions and 3 deletions
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.21 2007/07/01 15:57:16 heinz Exp $
|
||||
# $NetBSD: Makefile,v 1.22 2008/05/20 13:31:39 simonb Exp $
|
||||
#
|
||||
|
||||
DISTNAME= libid3tag-0.15.1b
|
||||
PKGREVISION= 1
|
||||
PKGREVISION= 2
|
||||
CATEGORIES= audio
|
||||
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=mad/}
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
$NetBSD: distinfo,v 1.3 2005/02/23 20:39:47 agc Exp $
|
||||
$NetBSD: distinfo,v 1.4 2008/05/20 13:31:39 simonb Exp $
|
||||
|
||||
SHA1 (libid3tag-0.15.1b.tar.gz) = 4d867e8a8436e73cd7762fe0e85958e35f1e4306
|
||||
RMD160 (libid3tag-0.15.1b.tar.gz) = 31a69b8ad7684aefdb675acc8ebf89bd6f432095
|
||||
Size (libid3tag-0.15.1b.tar.gz) = 338143 bytes
|
||||
SHA1 (patch-aa) = 2103523de3b2703479bba578eb002b33ffff88b0
|
||||
SHA1 (patch-ab) = 62325c79206726233ec3e327fb4ac05023252e3f
|
||||
|
|
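--- a/audio/libid3tag/patches/patch-ab
+++ b/audio/libid3tag/patches/patch-ab
@@ -0,0 +1,16 @@
+$NetBSD: patch-ab,v 1.1 2008/05/20 13:31:39 simonb Exp $
+
+Fix for initite loop bug in libid3tag-0.15.0b.
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2008-2109
+
+--- field.c.orig 2004-01-23 20:41:32.000000000 +1100
++++ field.c
+@@ -291,7 +291,7 @@ int id3_field_parse(union id3_field *fie
+
+end = *ptr + length;
+
+- while (end - *ptr > 0) {
++ while (end - *ptr > 0 && **ptr != '\0') {
+ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0);
+if (ucs4 == 0)
+goto fail;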
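Review bot: The added `**ptr != '\0'` test in the `while` condition inspects a single byte, while the string is decoded according to `*encoding` on the next line; for a two-byte encoding without a byte-order mark a leading 0x00 can be the high byte of an ordinary character, so the loop may stop early and silently drop the rest of the list (hedged, since id3_parse_string is not visible on this page). An encoding-independent guard is to confirm that the parser made progress, e.g. `const id3_byte_t *before = *ptr;` ahead of the call and `if (*ptr == before) goto fail;` after it, which also bounds the loop for any other input that leaves `*ptr` unchanged. The body of id3_field_parse starts and ends outside this hunk, so whether `goto fail` or a plain `break` is the right exit for a no-progress iteration should be checked against the rest of the function. Separately, the patch header names libid3tag-0.15.0b while the Makefile's DISTNAME is libid3tag-0.15.1b, and the reference URL carries a stray `3D`; a header such as `Fix for infinite loop when parsing a stringlist field (CVE-2008-2109).` would be easier to track against advisories.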