Author: emaste
Date: Tue Jul 2 23:56:37 2019
New Revision: 349619
URL: https://svnweb.freebsd.org/changeset/base/349619
Log:
libc: correct iconv buffer overflow
admbugs: 920
Submitted by: Andrea Venturoli, gabor
Reported by: Andrea Venturoli <secur...@netfence.it>, NetFence
Security: CVE-2019-5600
Security: FreeBSD-SA-19:09.iconv
Modified:
head/lib/libc/iconv/citrus_none.c
Modified: head/lib/libc/iconv/citrus_none.c
==============================================================================
--- head/lib/libc/iconv/citrus_none.c Tue Jul 2 23:02:52 2019
(r349618)
+++ head/lib/libc/iconv/citrus_none.c Tue Jul 2 23:56:37 2019
(r349619)
@@ -144,7 +144,7 @@ _citrus_NONE_stdenc_cstomb(struct _citrus_stdenc * __r
s[2] = (char)(idx >> 16);
*nresult = 3;
} else {
- if (n < 3) {
+ if (n < 4) {
*nresult = (size_t)-1;
return (E2BIG);
}
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
