savannah.gnu.org
Open in
urlscan Pro
2001:470:142::72
Public Scan
URL:
https://savannah.gnu.org/patch/?10307
Submission: On February 08 via api from US — Scanned from DE
Submission: On February 08 via api from US — Scanned from DE
Form analysis
1 forms found in the DOMGET /search/#options
<form action="/search/#options" method="get">
<input type="text" title="Terms to look for" size="15" name="words" value="">
<br> in <select title="Area to search in" name="type_of_search">
<option value="soft" selected="selected">Projects</option>
<option value="people">People</option>
<option value="support"><!-- Search... in -->Support</option>
<option value="bugs"><!-- Search... in -->Bugs</option>
<option value="task"><!-- Search... in -->Tasks</option>
<option value="patch"><!-- Search... in -->Patches</option>
</select>
<br> <input type="submit" name="Search" value="Search"> <input type="hidden" name="exact" value="1">
</form>
Text Content
* * Not Logged in * Login * New User * This Page * Language * Clean Reload * Printer Version * Search * in Projects People Support Bugs Tasks Patches * Hosted Projects * Hosting requirements * Register New Project * Full List * Contributors Wanted * Statistics * Site Help * User Docs: FAQ * User Docs: In Depth Guide * Get Support * Contact Savannah * GNU Project * Help GNU * All GNU Packages * Dev Resources * License List * GNU Mirrors * Help us protect your freedom and the rights of computer users everywhere by becoming a member of the FSF. Join Now! * Free Software Foundation * Coming Events * Free Software Directory * Cryptographic software legal notice * Copyright infringement notification * Related Forges * Savannah Non-GNU * Puszcza GNU TAR - PATCHES: PATCH #10307, FIX SAVANNAH BUG #62387 Group * Main * Main * View members * Search * Homepage * Download * Support * Submit new * Browse * Reset to open * Digest * Export * Get statistics * Search * Mailing lists * Source code * Use Git * Browse Sources Repository * Bugs * Submit new * Browse * Reset to open * Digest * Export * Get statistics * Search * Tasks * Submit new * Browse * Reset to open * Digest * Export * Get statistics * Search * Patches * Submit new * Browse * Reset to open * Digest * Export * Get statistics * Search * News * Browse * Atom feed * Submit * Manage You are not allowed to post comments on this tracker with your current authentication level. PATCH #10307: FIX SAVANNAH BUG #62387 Submitter: Matej Mužila <mmuzila> Submitted: Wed 11 Jan 2023 08:58:25 AM UTC Category: None Priority: 5 - Normal Status: None Privacy: Public Assigned to: None Open/Closed: Open (-)DISCUSSION(+)DISCUSSION DISCUSSION Wed 11 Jan 2023 08:58:25 AM UTC, original submission: * src/list.c (from_header): Check for the end of field after leading byte (0x80 or 0xff) of base-256 encoded header value. If the 12 byte long mtime header field is set to a value consisting of 11 whitespaces (or '\0' and 10 whitespaces) followed by 0xff or 0x80 byte, heap buffer overflow occurs. In the base-256 decoding routine, the where pointer gets incremented after reading the leading byte (0x80 or 0xff), but no check for the end of the field is done before further reading. This may lead to out-of-bounds read and a jump depending on unitialised value. In this case the existing check does not kick in, because the where is already > lim. Patch fixing this problem is attached. Matej Mužila <mmuzila> (-)ATTACHED FILES(+)ATTACHED FILES ATTACHED FILES (Note: upload size limit is set to 16384 kB, after insertion of the required escape characters.) Attached Files file #54212: Fix-savannah-bug-62387.patch added by mmuzila (986B - text/x-patch) (-)DEPENDENCIES(+)DEPENDENCIES DEPENDENCIES Depends on the following items: None found Items that depend on this one: None found (-)MAIL NOTIFICATION CARBON-COPY LIST(+)MAIL NOTIFICATION CARBON-COPY LIST MAIL NOTIFICATION CARBON-COPY LIST Carbon-Copy List -email is unavailable- added by mmuzila (Submitted the item) (-)VOTES(+)VOTES VOTES There are 0 votes so far. Votes easily highlight which items people would like to see resolved in priority, independently of the priority of the item set by tracker managers. (-)HISTORY(+)HISTORY HISTORY Follows 1 latest change. Date Changed by Updated Field Previous Value => Replaced by 2023-01-11 mmuzila Attached File- Added Fix-savannah-bug-62387.patch, #54212 Copyright © 2023 Free Software Foundation, Inc. Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved. The Levitating, Meditating, Flute-playing Gnu logo is a GNU GPL'ed image provided by the Nevrax Design Team. Source Code Powered by Savane 3.10