libfetch: fix range checking for http/ftp protocol parsing - apk-tools - Adélie Linux patches for Alpine Package Keeper (apk-tools)

diff options

author	Timo Teräs <timo.teras@iki.fi>	2021-07-16 10:54:08 +0300
committer	Timo Teräs <timo.teras@iki.fi>	2021-07-26 14:43:14 +0300
commit	ca1d975e5eae662cfde085338e2e29f8e6fcf64b (patch)
tree	5cbfdf287c45c0d472ddce0d0dcf7201c0bbad80 /src/app_audit.c
parent	003e7135024b08b6f29ba83935b468c8f0b41ad4 (diff)
download	apk-tools-ca1d975e5eae662cfde085338e2e29f8e6fcf64b.tar.gz apk-tools-ca1d975e5eae662cfde085338e2e29f8e6fcf64b.tar.bz2 apk-tools-ca1d975e5eae662cfde085338e2e29f8e6fcf64b.tar.xz apk-tools-ca1d975e5eae662cfde085338e2e29f8e6fcf64b.zip

libfetch: fix range checking for http/ftp protocol parsing

Various parsing of numeric strings were not having adequate range checking causing information leak or potential crash. CVE-2021-36159 fixes #10749 Co-authored-by: Ariadne Conill <ariadne@dereferenced.org> Reported-by: Samanta Navarro <ferivoz@riseup.net>

Diffstat (limited to 'src/app_audit.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: