summaryrefslogtreecommitdiffstats
path: root/package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch
diff options
context:
space:
mode:
Diffstat (limited to 'package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch')
-rw-r--r--package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch35
1 files changed, 0 insertions, 35 deletions
diff --git a/package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch b/package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch
deleted file mode 100644
index 1ad494a6c0..0000000000
--- a/package/libxslt/0001-Fix-heap-overread-in-xsltFormatNumberConversion.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From eb1030de31165b68487f288308f9d1810fed6880 Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer <wellnhofer@aevum.de>
-Date: Fri, 10 Jun 2016 14:23:58 +0200
-Subject: [PATCH] Fix heap overread in xsltFormatNumberConversion
-
-An empty decimal-separator could cause a heap overread. This can be
-exploited to leak a couple of bytes after the buffer that holds the
-pattern string.
-
-Found with afl-fuzz and ASan.
-
-Signed-off-by: Baruch Siach <baruch@tkos.co.il>
----
-Patch status: upstream commit eb1030de311
-
- libxslt/numbers.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/libxslt/numbers.c b/libxslt/numbers.c
-index d1549b46ca26..e78c46b6357b 100644
---- a/libxslt/numbers.c
-+++ b/libxslt/numbers.c
-@@ -1090,7 +1090,8 @@ xsltFormatNumberConversion(xsltDecimalFormatPtr self,
- }
-
- /* We have finished the integer part, now work on fraction */
-- if (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) {
-+ if ( (*the_format != 0) &&
-+ (xsltUTF8Charcmp(the_format, self->decimalPoint) == 0) ) {
- format_info.add_decimal = TRUE;
- the_format += xsltUTF8Size(the_format); /* Skip over the decimal */
- }
---
-2.10.2
-
OpenPOWER on IntegriCloud