projects / librecmc / package-feed.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fresh pull from upstream (stable) package feed
[librecmc/package-feed.git] / libs / libxslt / patches / 0018-Fix-buffer-overflow-in-exsltDateFormat.patch
1 From 5d0c6565bab5b9b7efceb33b626916d22b4101a7 Mon Sep 17 00:00:00 2001
2 From: Nick Wellnhofer <wellnhofer@aevum.de>
3 Date: Thu, 28 Apr 2016 17:34:27 +0200
4 Subject: [PATCH] Fix buffer overflow in exsltDateFormat
5
6 Long years can overflow a stack-based buffer on 64-bit platforms by
7 up to four bytes.
8
9 Thanks to Nicolas Gregoire for the report.
10
11 Fixes bug #765380:
12
13 https://bugzilla.gnome.org/show_bug.cgi?id=765380
14 ---
15  libexslt/date.c | 2 +-
16  1 file changed, 1 insertion(+), 1 deletion(-)
17
18 diff --git a/libexslt/date.c b/libexslt/date.c
19 index 272c61b..12c9919 100644
20 --- a/libexslt/date.c
21 +++ b/libexslt/date.c
22 @@ -1283,7 +1283,7 @@ exsltDateFormat (const exsltDateValPtr dt)
23      }
24  
25      if (dt->type & XS_GYEAR) {
26 -        xmlChar buf[20], *cur = buf;
27 +        xmlChar buf[100], *cur = buf;
28  
29          FORMAT_GYEAR(dt->value.date.year, cur);
30          if (dt->type == XS_GYEARMONTH) {
31 -- 
32 2.8.1
33
Unnamed repository; edit this file 'description' to name the repository.