diff options
Diffstat (limited to 'pkgs/tools/compression/bzip2/cve-2019-12900.patch')
-rw-r--r-- | pkgs/tools/compression/bzip2/cve-2019-12900.patch | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/pkgs/tools/compression/bzip2/cve-2019-12900.patch b/pkgs/tools/compression/bzip2/cve-2019-12900.patch new file mode 100644 index 000000000000..bf3d13a7a691 --- /dev/null +++ b/pkgs/tools/compression/bzip2/cve-2019-12900.patch @@ -0,0 +1,13 @@ +https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d +diff --git a/decompress.c b/decompress.c +--- a/decompress.c ++++ b/decompress.c +@@ -287,7 +287,7 @@ + GET_BITS(BZ_X_SELECTOR_1, nGroups, 3); + if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR); + GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15); +- if (nSelectors < 1) RETURN(BZ_DATA_ERROR); ++ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR); + for (i = 0; i < nSelectors; i++) { + j = 0; + while (True) { |