diff options
| author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2024-05-28 16:18:30 -0500 |
|---|---|---|
| committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2024-08-07 09:58:09 -0500 |
| commit | fe6ea11a4fe63e51945625a3268294b95637e2c8 (patch) | |
| tree | 306985c358bb2576ed4402fa2603e54d5d14241c /user/readstat/use-after-free.patch | |
| parent | 442a7e2147ce9d355ff40e2e9274db39ced41313 (diff) | |
| download | packages-fe6ea11a4fe63e51945625a3268294b95637e2c8.tar.gz packages-fe6ea11a4fe63e51945625a3268294b95637e2c8.tar.bz2 packages-fe6ea11a4fe63e51945625a3268294b95637e2c8.tar.xz packages-fe6ea11a4fe63e51945625a3268294b95637e2c8.zip | |
user/readstat: Update to 1.1.9 and fix issues
1.1.9 includes many big-endian fixes and other improvements.
* Fix use-after-free found after 1.1.9 release that causes GCC to error.
* Fix buffer overflow that might cause a crash.
* Fix two more big endian issues.
Diffstat (limited to 'user/readstat/use-after-free.patch')
| -rw-r--r-- | user/readstat/use-after-free.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/user/readstat/use-after-free.patch b/user/readstat/use-after-free.patch new file mode 100644 index 000000000..70ea38ffd --- /dev/null +++ b/user/readstat/use-after-free.patch @@ -0,0 +1,37 @@ +From 718d49155e327471ed9bf4a8c157f849f285b46c Mon Sep 17 00:00:00 2001 +From: Stefan Gerlach <stefan.gerlach@uni-konstanz.de> +Date: Wed, 20 Sep 2023 15:18:07 +0200 +Subject: [PATCH] Fix use after free (#298) + +--- + src/bin/readstat.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/src/bin/readstat.c b/src/bin/readstat.c +index 48b8fdd..e3fbbd1 100644 +--- a/src/bin/readstat.c ++++ b/src/bin/readstat.c +@@ -397,8 +397,6 @@ static int convert_file(const char *input_filename, const char *catalog_filename + module->finish(rs_ctx->module_ctx); + } + +- free(rs_ctx); +- + if (error != READSTAT_OK) { + if (file_exists) { + fprintf(stderr, "Error opening %s: File exists (Use -f to overwrite)\n", output_filename); +@@ -406,9 +404,14 @@ static int convert_file(const char *input_filename, const char *catalog_filename + fprintf(stderr, "Error processing %s: %s\n", rs_ctx->error_filename, readstat_error_message(error)); + unlink(output_filename); + } ++ ++ free(rs_ctx); ++ + return 1; + } + ++ free(rs_ctx); ++ + return 0; + } + |