|
|
|
# --- SDE-COPYRIGHT-NOTE-BEGIN ---
|
|
|
|
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
|
|
|
|
#
|
|
|
|
# Filename: package/.../gv/CVE-2006-5864.patch
|
|
|
|
# Copyright (C) 2006 The OpenSDE Project
|
|
|
|
#
|
|
|
|
# More information can be found in the files COPYING and README.
|
|
|
|
#
|
|
|
|
# This patch file is dual-licensed. It is available under the license the
|
|
|
|
# patched project is licensed under, as long as it is an OpenSource license
|
|
|
|
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
|
|
|
|
# of the GNU General Public License as published by the Free Software
|
|
|
|
# Foundation; either version 2 of the License, or (at your option) any later
|
|
|
|
# version.
|
|
|
|
# --- SDE-COPYRIGHT-NOTE-END ---
|
|
|
|
|
|
|
|
CVE-2006-5864 from submaster by daja77
|
|
|
|
https://www.rocklinux.net/submaster/index.websplb?mode=patch&uid=2006112114050583380
|
|
|
|
|
|
|
|
--- ./src/ps.c.sec2 2006-11-09 17:31:34.000000000 +0000
|
|
|
|
+++ ./src/ps.c 2006-11-09 17:37:07.000000000 +0000
|
|
|
|
@@ -1423,6 +1423,8 @@
|
|
|
|
quoted=1;
|
|
|
|
line++;
|
|
|
|
while (*line && !(*line == ')' && level == 0 )) {
|
|
|
|
+ if (cp - text >= PSLINELENGTH - 2)
|
|
|
|
+ break;
|
|
|
|
if (*line == '\\') {
|
|
|
|
if (*(line+1) == 'n') {
|
|
|
|
*cp++ = '\n';
|
|
|
|
@@ -1477,8 +1479,11 @@
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
- while (*line && !(*line == ' ' || *line == '\t' || *line == '\n'))
|
|
|
|
+ while (*line && !(*line == ' ' || *line == '\t' || *line == '\n')) {
|
|
|
|
+ if (cp - text >= PSLINELENGTH - 2)
|
|
|
|
+ break;
|
|
|
|
*cp++ = *line++;
|
|
|
|
+ }
|
|
|
|
}
|
|
|
|
*cp = '\0';
|
|
|
|
if (next_char) *next_char = line;
|