libfetch: fix range checking for http/ftp protocol parsing - apk-tools - Adélie Linux patches for Alpine Package Keeper (apk-tools)

diff options

author	Timo Teräs <timo.teras@iki.fi>	2021-07-16 10:54:08 +0300
committer	Timo Teräs <timo.teras@iki.fi>	2021-07-26 14:43:35 +0300
commit	36048e8fef019c5be938f8a688845b6eef1d46ab (patch)
tree	0aa34f757463289276b3ccacc5395fdc5decca85 /test/complicated4.test
parent	41a6e4c247e68e906bea1ca7c31f0e8d3b49bc83 (diff)
download	apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.gz apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.bz2 apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.tar.xz apk-tools-36048e8fef019c5be938f8a688845b6eef1d46ab.zip

libfetch: fix range checking for http/ftp protocol parsing

Various parsing of numeric strings were not having adequate range checking causing information leak or potential crash. CVE-2021-36159 fixes #10749 Co-authored-by: Ariadne Conill <ariadne@dereferenced.org> Reported-by: Samanta Navarro <ferivoz@riseup.net>

Diffstat (limited to 'test/complicated4.test')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: