summaryrefslogtreecommitdiff
path: root/community/dumb/CVE-2006-3668.patch
diff options
context:
space:
mode:
Diffstat (limited to 'community/dumb/CVE-2006-3668.patch')
-rw-r--r--community/dumb/CVE-2006-3668.patch16
1 files changed, 16 insertions, 0 deletions
diff --git a/community/dumb/CVE-2006-3668.patch b/community/dumb/CVE-2006-3668.patch
new file mode 100644
index 000000000..09d2fb68f
--- /dev/null
+++ b/community/dumb/CVE-2006-3668.patch
@@ -0,0 +1,16 @@
+Index: libdumb-0.9.3/src/it/itread.c
+===================================================================
+--- libdumb-0.9.3.orig/src/it/itread.c 2006-07-21 11:05:48.000000000 +0200
++++ libdumb-0.9.3/src/it/itread.c 2006-07-21 11:07:22.000000000 +0200
+@@ -292,6 +292,11 @@
+
+ envelope->flags = dumbfile_getc(f);
+ envelope->n_nodes = dumbfile_getc(f);
++ if(envelope->n_nodes > 25) {
++ TRACE("IT error: wrong number of envelope nodes (%d)\n", envelope->n_nodes);
++ envelope->n_nodes = 0;
++ return -1;
++ }
+ envelope->loop_start = dumbfile_getc(f);
+ envelope->loop_end = dumbfile_getc(f);
+ envelope->sus_loop_start = dumbfile_getc(f);
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-03 13:26:03 +0000