diff options
Diffstat (limited to 'package/libs/libjson-c/patches/001-Protect-array_list_del_idx-against-size_t-overflow.patch')
| -rw-r--r-- | package/libs/libjson-c/patches/001-Protect-array_list_del_idx-against-size_t-overflow.patch | 27 |
1 files changed, 0 insertions, 27 deletions
diff --git a/package/libs/libjson-c/patches/001-Protect-array_list_del_idx-against-size_t-overflow.patch b/package/libs/libjson-c/patches/001-Protect-array_list_del_idx-against-size_t-overflow.patch deleted file mode 100644 index 456fbf35ff..0000000000 --- a/package/libs/libjson-c/patches/001-Protect-array_list_del_idx-against-size_t-overflow.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 099016b7e8d70a6d5dd814e788bba08d33d48426 Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann <tobias@stoeckmann.org> -Date: Mon, 4 May 2020 19:41:16 +0200 -Subject: [PATCH 1/2] Protect array_list_del_idx against size_t overflow. - -If the assignment of stop overflows due to idx and count being -larger than SIZE_T_MAX in sum, out of boundary access could happen. - -It takes invalid usage of this function for this to happen, but -I decided to add this check so array_list_del_idx is as safe against -bad usage as the other arraylist functions. ---- - arraylist.c | 3 +++ - 1 file changed, 3 insertions(+) - ---- a/arraylist.c -+++ b/arraylist.c -@@ -135,6 +135,9 @@ array_list_del_idx( struct array_list *a - { - size_t i, stop; - -+ /* Avoid overflow in calculation with large indices. */ -+ if (idx > SIZE_T_MAX - count) -+ return -1; - stop = idx + count; - if ( idx >= arr->length || stop > arr->length ) return -1; - for ( i = idx; i < stop; ++i ) { |