patch 9.0.1847: [security] potential oob write in do_addsub()

author Christian Brabandt <cb@256bit.org>

Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)

committer Christian Brabandt <cb@256bit.org>

Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)
author Christian Brabandt <cb@256bit.org>
Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)
committer Christian Brabandt <cb@256bit.org>
Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)
diff --git a/src/ops.c b/src/ops.c

index d46a049fe4e790715fb79f1164f8f650bd368e25..f4524d3d7b12884c6926cf79cbd2eade11d7269b 100644 (file)
--- a/src/ops.c
+++ b/src/ops.c
@@ -2919,7 +2919,7 @@ do_addsub(
             for (bit = bits; bit > 0; bit--)
                 if ((n >> (bit - 1)) & 0x1) break;
  
-           for (i = 0; bit > 0; bit--)
+           for (i = 0; bit > 0 && i < (NUMBUFLEN - 1); bit--)
                 buf2[i++] = ((n >> (bit - 1)) & 0x1) ? '1' : '0';
  
             buf2[i] = '\0';
diff --git a/src/version.c b/src/version.c

index 5cde7c18552595405b8792a9df59112fbf69604c..c638a107e30f1b2beac321fca6b8d532c81063b3 100644 (file)
--- a/src/version.c
+++ b/src/version.c
@@ -699,6 +699,8 @@ static char *(features[]) =
  
  static int included_patches[] =
  {   /* Add new patch number below this line */
+/**/
+    1847,
  /**/
      1846,
  /**/
author	Christian Brabandt <cb@256bit.org>
	Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)
committer	Christian Brabandt <cb@256bit.org>
	Sat, 2 Sep 2023 17:43:33 +0000 (19:43 +0200)
src/ops.c		patch \| blob \| blame \| history
src/version.c		patch \| blob \| blame \| history