mirror/openwrt
1
0
Fork 0
mirror of https://git.openwrt.org/openwrt/openwrt.git synced 2024-06-16 20:23:53 +02:00
Code Releases Activity
bc0288b768
openwrt/package/libs/libjson-c/patches/004-Issue-599-Fix-the-backwards-check-in-lh_table_insert.patch
Robert Marko bc0288b768 libjson-c: backport security fixes 
This backports upstream fixes for the out of bounds write vulnerability in json-c.
It was reported and patches in this upstream PR: https://github.com/json-c/json-c/pull/592

Addresses CVE-2020-12762

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-05-13 11:16:43 +02:00

30 lines
1.0 KiB
Diff
Raw Blame History

From 519dfe1591d85432986f9762d41d1a883198c157 Mon Sep 17 00:00:00 2001
From: Eric Haszlakiewicz <erh+git@nimenees.com>
Date: Sun, 10 May 2020 03:32:19 +0000
Subject: [PATCH] Issue #599: Fix the backwards check in
lh_table_insert_w_hash() that was preventing adding more than 11 objects. Add
a test to check for this too.
---
linkhash.c | 2 +-
tests/test4.c | 29 +++++++++++++++++++++++++++++
tests/test4.expected | 1 +
3 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/linkhash.c b/linkhash.c
index 51e90b1..f930efd 100644
--- a/linkhash.c
+++ b/linkhash.c
@@ -582,7 +582,7 @@ int lh_table_insert_w_hash(struct lh_table *t, const void *k, const void *v, con
if (t->count >= t->size * LH_LOAD_FACTOR) {
/* Avoid signed integer overflow with large tables. */
- int new_size = INT_MAX / 2 < t->size ? t->size * 2 : INT_MAX;
+ int new_size = (t->size > INT_MAX / 2) ? INT_MAX : (t->size * 2);
if (t->size == INT_MAX || lh_table_resize(t, new_size) != 0)
return -1;
}
--
2.26.2
View Git Blame Copy Permalink