Diffstat (limited to 'gnu/packages/patches/icu4c-CVE-2014-6585.patch')
-rw-r--r--gnu/packages/patches/icu4c-CVE-2014-6585.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/gnu/packages/patches/icu4c-CVE-2014-6585.patch b/gnu/packages/patches/icu4c-CVE-2014-6585.patch
new file mode 100644
index 0000000000..d21a0d0ba1
--- /dev/null
+++ b/gnu/packages/patches/icu4c-CVE-2014-6585.patch
@@ -0,0 +1,21 @@
+Copied from Debian.
+
+description: out-of-bounds read
+origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6585
+
+--- a/source/layout/LETableReference.h
++++ b/source/layout/LETableReference.h
+@@ -322,7 +322,12 @@ LE_TRACE_TR("INFO: new RTAO")
+   }
+   
+   const T& operator()(le_uint32 i, LEErrorCode &success) const {
+-    return *getAlias(i,success);
++    const T *ret = getAlias(i,success);
++    if (LE_FAILURE(success) || ret==NULL) {
++      return *(new T());
++    } else {
++      return *ret;
++    }
+   }
+ 
+   size_t getOffsetFor(le_uint32 i, LEErrorCode &success) const {
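Review bot: The failure branch `return *(new T());` in `operator()` allocates an object that no caller can ever free, so every rejected index leaks one `T`. Input that repeatedly drives `getAlias` into the failure path (for example malformed layout tables) would then turn the out-of-bounds read into steady heap growth. Returning a reference to a single shared value-initialized fallback avoids this, e.g. `static const T fallback = T();` followed by `return fallback;`; whether a function-local static is acceptable for every `T` instantiated here should be checked against the rest of the header, which is outside this hunk. If the patch has to stay byte-identical to the Debian original, a line in the patch header noting the leak and that callers must test `success` before using the result would at least document the trade-off.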