diff options
Diffstat (limited to 'gnu/packages/patches/ytnef-CVE-2021-3404.patch')
| -rw-r--r-- | gnu/packages/patches/ytnef-CVE-2021-3404.patch | 30 |
1 files changed, 0 insertions, 30 deletions
diff --git a/gnu/packages/patches/ytnef-CVE-2021-3404.patch b/gnu/packages/patches/ytnef-CVE-2021-3404.patch deleted file mode 100644 index e991d6aff1..0000000000 --- a/gnu/packages/patches/ytnef-CVE-2021-3404.patch +++ /dev/null @@ -1,30 +0,0 @@ -From f9ff4a203b8c155d51a208cadadb62f224fba715 Mon Sep 17 00:00:00 2001 -From: Oliver Giles <ohw.giles@gmail.com> -Date: Mon, 1 Feb 2021 10:18:17 +1300 -Subject: [PATCH] Ensure the size of the version field is 4 bytes - -A corrupted version field size can cause TNEFVersion to access outside -of allocated memory. Check the version is the expected size and raise -an error if not. - -Resolves: #86 -Reported-by: jasperla ---- - lib/ytnef.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/lib/ytnef.c b/lib/ytnef.c -index b148719..ffede44 100644 ---- a/lib/ytnef.c -+++ b/lib/ytnef.c -@@ -335,6 +335,10 @@ int TNEFRendData STD_ARGLIST { - int TNEFVersion STD_ARGLIST { - WORD major; - WORD minor; -+ if (size != 2 * sizeof(WORD)) { -+ printf("Incorrect size of version field, suspected corruption\n"); -+ return -1; -+ } - minor = SwapWord((BYTE*)data, size); - major = SwapWord((BYTE*)data + 2, size - 2); - |