review.tizen.org Git - product/upstream/cpio.git/commit

projects / product / upstream / cpio.git / commit

author	Bruno Haible <bruno@clisp.org>
	Sun, 23 Sep 2018 12:13:52 +0000 (14:13 +0200)
committer	DongHun Kwak <dh0128.kwak@samsung.com>
	Thu, 4 Feb 2021 00:35:18 +0000 (09:35 +0900)
commit	939931cd5aa5c9c9111142b7e034ae14f0229924
tree	bb3dfcbd39470df4b2c215581eeae3c8ad7e90cd	tree \| snapshot
parent	d50bdfaeb15c61da84923ed9ba74644c5b2a1bc3	commit \| diff

[CVE-2018-17942] vasnprintf: Fix heap memory overrun bug.

Reported by Ben Pfaff <blp@cs.stanford.edu> in
<https://lists.gnu.org/archive/html/bug-gnulib/2018-09/msg00107.html>.

* lib/vasnprintf.c (convert_to_decimal): Allocate one more byte of
memory.

Change-Id: I3e78111a16ac31b690caa29c1dfbb1cb7262ecd1
Signed-off-by: DongHun Kwak <dh0128.kwak@samsung.com>

lib/vasnprintf.c

diff | blob | history

Domain: System / Base;

RSS Atom