io: Fix use after free in ftw (BZ 26779)
(cherry picked from commit 79dcf1a0e983217810662ec0ebe26dc33b43c41c)
This commit is contained in:
liqingqing_1229
openeuler-sync-bot
parent
816e5fb975
commit
475a8ee8af
@ -66,7 +66,7 @@
|
||||
##############################################################################
|
||||
Name: glibc
|
||||
Version: 2.34
|
||||
Release: 102
|
||||
Release: 103
|
||||
Summary: The GNU libc libraries
|
||||
License: %{all_license}
|
||||
URL: http://www.gnu.org/software/glibc/
|
||||
@ -243,6 +243,7 @@ Patch155: backport-elf-tlsdeschtab.h-Add-the-Malloc-return-value-check.patch
|
||||
Patch156: backport-Fix-OOB-read-in-stdlib-thousand-grouping-parsing-BZ.patch
|
||||
Patch157: backport-elf-Remove-allocate-use-on-_dl_debug_printf.patch
|
||||
Patch158: backport-elf-Do-not-completely-clear-reused-namespace-in-dlmo.patch
|
||||
Patch159: io-Fix-use-after-free-in-ftw-BZ-26779.patch
|
||||
|
||||
Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch
|
||||
Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch
|
||||
@ -1424,6 +1425,9 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Dec 12 2022 Qingqing Li <liqingqing3@huawei.com> - 2.34-103
|
||||
- io: Fix use after free in ftw (BZ 26779)
|
||||
|
||||
* Thu Dec 08 2022 shixuantong <shixuantong1@huawei.com> - 2.34-102
|
||||
- elf: Do not completely clear reused namespace in dlmopen (bug 29600)
|
||||
- elf: Remove allocate use on _dl_debug_printf
|
||||
|
||||
29
io-Fix-use-after-free-in-ftw-BZ-26779.patch
Normal file
29
io-Fix-use-after-free-in-ftw-BZ-26779.patch
Normal file
@ -0,0 +1,29 @@
|
||||
From ee52ab25ba875f458981fce22c54e3c04c7a17d3 Mon Sep 17 00:00:00 2001
|
||||
From: Martin Sebor <msebor@redhat.com>
|
||||
Date: Tue, 25 Jan 2022 17:39:02 -0700
|
||||
Subject: [PATCH] io: Fix use-after-free in ftw [BZ #26779]
|
||||
|
||||
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
|
||||
---
|
||||
io/ftw.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/io/ftw.c b/io/ftw.c
|
||||
index 2742541f36..94bd5a93e4 100644
|
||||
--- a/io/ftw.c
|
||||
+++ b/io/ftw.c
|
||||
@@ -323,8 +323,9 @@ open_dir_stream (int *dfdp, struct ftw_data *data, struct dir_data *dirp)
|
||||
buf[actsize++] = '\0';
|
||||
|
||||
/* Shrink the buffer to what we actually need. */
|
||||
- data->dirstreams[data->actdir]->content = realloc (buf, actsize);
|
||||
- if (data->dirstreams[data->actdir]->content == NULL)
|
||||
+ void *content = realloc (buf, actsize);
|
||||
+ data->dirstreams[data->actdir]->content = content;
|
||||
+ if (content == NULL)
|
||||
{
|
||||
int save_err = errno;
|
||||
free (buf);
|
||||
--
|
||||
2.33.0
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user