diff options
| author | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2022-01-25 22:07:13 -0500 |
|---|---|---|
| committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2022-01-25 22:07:13 -0500 |
| commit | 1a5302435ff0d2822b823f5a6fe01faa7a85c629 (patch) | |
| tree | ac7810c88b560532f22d2bab2e59609cd7305c21 /gnu/packages/patches/glib-CVE-2021-27219-05.patch | |
| parent | 3ff2ac4980dacf10087e4b42bd9fbc490591900c (diff) | |
| parent | 070b8a893febd6e7d8b2b7c8c4dcebacf7845aa9 (diff) | |
| download | guix-1a5302435ff0d2822b823f5a6fe01faa7a85c629.tar.gz | |
Merge branch 'master' into staging.
With "conflicts" solved (all in favor of master except git) in: gnu/local.mk gnu/packages/databases.scm gnu/packages/glib.scm gnu/packages/gnome.scm gnu/packages/gnupg.scm gnu/packages/gnuzilla.scm gnu/packages/graphics.scm gnu/packages/gstreamer.scm gnu/packages/gtk.scm gnu/packages/linux.scm gnu/packages/machine-learning.scm gnu/packages/networking.scm gnu/packages/polkit.scm gnu/packages/pulseaudio.scm gnu/packages/rpc.scm gnu/packages/rust.scm gnu/packages/version-control.scm gnu/packages/w3m.scm
Diffstat (limited to 'gnu/packages/patches/glib-CVE-2021-27219-05.patch')
| -rw-r--r-- | gnu/packages/patches/glib-CVE-2021-27219-05.patch | 47 |
1 files changed, 0 insertions, 47 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-05.patch b/gnu/packages/patches/glib-CVE-2021-27219-05.patch deleted file mode 100644 index 62bce1b188..0000000000 --- a/gnu/packages/patches/glib-CVE-2021-27219-05.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 0cbad673215ec8a049b7fe2ff44b0beed31b376e Mon Sep 17 00:00:00 2001 -From: Philip Withnall <pwithnall@endlessos.org> -Date: Thu, 4 Feb 2021 16:12:24 +0000 -Subject: [PATCH 05/11] gwinhttpfile: Avoid arithmetic overflow when - calculating a size -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The members of `URL_COMPONENTS` (`winhttp_file->url`) are `DWORD`s, i.e. -32-bit unsigned integers. Adding to and multiplying them may cause them -to overflow the unsigned integer bounds, even if the result is passed to -`g_memdup2()` which accepts a `gsize`. - -Cast the `URL_COMPONENTS` members to `gsize` first to ensure that the -arithmetic is done in terms of `gsize`s rather than unsigned integers. - -Spotted by Sebastian Dröge. - -Signed-off-by: Philip Withnall <pwithnall@endlessos.org> -Helps: #2319 ---- - gio/win32/gwinhttpfile.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/gio/win32/gwinhttpfile.c b/gio/win32/gwinhttpfile.c -index 040ee8564..246ec0578 100644 ---- a/gio/win32/gwinhttpfile.c -+++ b/gio/win32/gwinhttpfile.c -@@ -394,10 +394,10 @@ g_winhttp_file_resolve_relative_path (GFile *file, - child = g_object_new (G_TYPE_WINHTTP_FILE, NULL); - child->vfs = winhttp_file->vfs; - child->url = winhttp_file->url; -- child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, (winhttp_file->url.dwSchemeLength+1)*2); -- child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, (winhttp_file->url.dwHostNameLength+1)*2); -- child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, (winhttp_file->url.dwUserNameLength+1)*2); -- child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, (winhttp_file->url.dwPasswordLength+1)*2); -+ child->url.lpszScheme = g_memdup2 (winhttp_file->url.lpszScheme, ((gsize) winhttp_file->url.dwSchemeLength + 1) * 2); -+ child->url.lpszHostName = g_memdup2 (winhttp_file->url.lpszHostName, ((gsize) winhttp_file->url.dwHostNameLength + 1) * 2); -+ child->url.lpszUserName = g_memdup2 (winhttp_file->url.lpszUserName, ((gsize) winhttp_file->url.dwUserNameLength + 1) * 2); -+ child->url.lpszPassword = g_memdup2 (winhttp_file->url.lpszPassword, ((gsize) winhttp_file->url.dwPasswordLength + 1) * 2); - child->url.lpszUrlPath = wnew_path; - child->url.dwUrlPathLength = wcslen (wnew_path); - child->url.lpszExtraInfo = NULL; --- -2.30.1 - |