granicus.if.org Git - procps-ng/commit

]> granicus.if.org Git - procps-ng/commit

author	Qualys Security Advisory <qsa@qualys.com>
	Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer	Craig Small <csmall@enc.com.au>
	Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)
commit	37ce162604d0f0039b6fec5e2206a0593330c421
tree	afc57e584424dccb30c556030e41164000a497bf	tree \| snapshot
parent	8d359b04abae666e621694a8e7bfa9d55a2e07c4	commit \| diff

proc/escape.c: Prevent integer overflows in escape_str_utf8().

Simply rearrange the old comparisons. The new comparisons are safe,
because we know from previous checks that:

1/ wlen > 0

2/ my_cells < *maxcells (also: my_cells >= 0 and *maxcells > 0)

3/ len > 1

4/ my_bytes+1 < bufsize (also: my_bytes >= 0 and bufsize > 0)

proc/escape.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom