diff options
Diffstat (limited to 'media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch')
-rw-r--r-- | media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch b/media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch new file mode 100644 index 000000000000..39ef72406f47 --- /dev/null +++ b/media-gfx/openscad/files/openscad-2021.01-CVE-2022-0497-Out-of-bounds-memory-access-in-comment.patch @@ -0,0 +1,25 @@ +From https://github.com/openscad/openscad/commit/84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001 +From: Torsten Paul <Torsten.Paul@gmx.de> +Date: Sat, 5 Feb 2022 18:45:29 +0100 +Subject: [PATCH 02/11] CVE-2022-0497 Out-of-bounds memory access in comment + parser. + +Public issue: +https://github.com/openscad/openscad/issues/4043 + +Fix in master branch: +https://github.com/openscad/openscad/pull/4044 +--- a/src/comment.cpp ++++ b/src/comment.cpp +@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line) + } + + int end = start + 1; +- while (fulltext[end] != '\n') end++; ++ while (end < fulltext.size() && fulltext[end] != '\n') end++; + + std::string comment = fulltext.substr(start, end - start); + +-- +2.35.1 + |