diff options
author | Timo Teräs <timo.teras@iki.fi> | 2021-07-16 10:54:08 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2021-07-26 14:43:35 +0300 |
commit | 36048e8fef019c5be938f8a688845b6eef1d46ab (patch) | |
tree | 0aa34f757463289276b3ccacc5395fdc5decca85 /test/command-parsing.sh | |
parent | 41a6e4c247e68e906bea1ca7c31f0e8d3b49bc83 (diff) | |
download | apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.gz apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.bz2 apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.xz apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.zip |
libfetch: fix range checking for http/ftp protocol parsing
Various parsing of numeric strings were not having adequate range
checking causing information leak or potential crash.
CVE-2021-36159
fixes #10749
Co-authored-by: Ariadne Conill <ariadne@dereferenced.org>
Reported-by: Samanta Navarro <ferivoz@riseup.net>
Diffstat (limited to 'test/command-parsing.sh')
0 files changed, 0 insertions, 0 deletions