commit | fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 | [log] [tgz] |
---|---|---|
author | Erik de Castro Lopo <erikd@mega-nerd.com> | Wed Nov 19 19:35:59 2014 -0800 |
committer | Erik de Castro Lopo <erikd@mega-nerd.com> | Tue Nov 25 13:03:55 2014 +1100 |
tree | 86599c12e2ee8b50fe5b3ab98ea1d12329180e05 | |
parent | 288edbb3a16b3b857508e2f70d0fb43091f2858f [diff] |
src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow. A file provided by the reporters caused the stream decoder to write to un-allocated heap space resulting in a segfault. The solution is to error out (by returning false from read_residual_partitioned_rice_()) instead of trying to continue to decode. Fixes: CVE-2014-9028 Reported-by: Michele Spagnuolo, Google Security Team <mikispag@google.com>