changeset 28657:b9714d958e89 stable
parsers: detect short records (SEC)
CVE-2016-3630 (2/2)
This addresses part of a vulnerability in binary delta application.
author | Matt Mackall <mpm@selenic.com> |
---|---|
date | Wed, 16 Mar 2016 17:30:26 -0700 |
parents | b6ed2505d6cf |
children | 34d43cb85de8 |
files | mercurial/mpatch.c |
diffstat | 1 files changed, 2 insertions(+), 2 deletions(-) |
--- a/mercurial/mpatch.c Wed Mar 16 17:29:29 2016 -0700 +++ b/mercurial/mpatch.c Wed Mar 16 17:30:26 2016 -0700 @@ -215,10 +215,10 @@ lt->start = getbe32(bin + pos); lt->end = getbe32(bin + pos + 4); lt->len = getbe32(bin + pos + 8); - if (lt->start > lt->end) - break; /* sanity check */ lt->data = bin + pos + 12; pos += 12 + lt->len; + if (lt->start > lt->end || lt->len < 0) + break; /* sanity check */ lt++; }
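Review bot: the relocated check `if (lt->start > lt->end || lt->len < 0)` now runs after `pos += 12 + lt->len;`, so a record with a negative `lt->len` has already moved `pos` backwards, and `lt->data` has already been assigned, by the time the loop breaks. Whether that state is rejected depends on how `pos` is tested after the loop, which this hunk does not show, and the unchanged `/* sanity check */` comment gives no hint that the ordering is deliberate. Suggest either validating `lt->len` immediately after `lt->len = getbe32(bin + pos + 8);`, before anything is derived from it, or expanding the comment to say why the check must follow the `pos` update and which later test turns the `break` into an error. The condition also only rejects negative lengths; nothing in the visible lines bounds a large positive `lt->len` against the remaining input, so it is worth confirming that case is caught elsewhere.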