projects / product / upstream / cpio.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 939931c) | patch
[CVE-2010-0624] checking the returned amount of data and bail out when it is more... 47/254647/1 submit/tizen_base/20210309.041845
authorJinWang An <jinwang.an@samsung.com>
Fri, 5 Mar 2021 12:12:59 +0000 (21:12 +0900)
committerJinWang An <jinwang.an@samsung.com>
Fri, 5 Mar 2021 12:17:48 +0000 (21:17 +0900)
commitb32b9e72386090dfb6edbad0b62ea0d87e0f27c3
treee53fab22be759a323d5434729d63eb2c9197fcaetree | snapshot
parent939931cd5aa5c9c9111142b7e034ae14f0229924commit | diff
[CVE-2010-0624] checking the returned amount of data and bail out when it is more than what we requested.

The rmt client in GNU cpio could have a heap overflow when a malicious
remote tape service returns deliberately crafted packets containing
more data than requested.

PR: gnu/145010
Submitted by: naddy
Reviewed by: imp
MFC after: immediately
Security: CVE-2010-0624

Change-Id: I489741e2faefd9353307a571a6a32c1e249f4488
Signed-off-by: JinWang An <jinwang.an@samsung.com>
lib/rtapelib.c diff | blob | history
Domain: System / Base;