Package list unrtf / debian/0.21.5-3 debian / patches / 0002-Need-to-process-word-chars-as-unsigned.-Else-char-wi.patch
debian/0.21.5-3

Tree @debian/0.21.5-3 (Download .tar.gz)

0002-Need-to-process-word-chars-as-unsigned.-Else-char-wi.patch @debian/0.21.5-3raw · history · blame

From: Jean-Francois Dockes <jfd@recoll.org>
Date: Sun, 21 Dec 2014 10:47:03 +0100
Subject: Need to process word chars as unsigned. Else char with hi bit set
 can crash program

Partially fixes CVE-2014-9275, according to
https://lists.gnu.org/archive/html/bug-unrtf/2014-12/msg00001.html

Origin: https://bitbucket.org/medoc/unrtf-int/commits/1df886f2e65f7c512a6217588ae8d94d4bcbc63d/raw/
Bug-Debian: http://bugs.debian.org/772811
---
 src/hash.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/hash.c b/src/hash.c
index b886d1e..67c6a25 100644
--- a/src/hash.c
+++ b/src/hash.c
@@ -133,8 +133,8 @@ hashitem_new (char *str)
 
 	hi->str = my_strdup(str);
 
-	i = *str;
-	if (i=='\\') i=str[1];
+	i = (unsigned char)*str;
+	if (i=='\\') i=(unsigned char)str[1];
 	i <<= 24;
 	hi->value = i | (hash_value++ & 0xffffff);
 	hi->next = NULL;