Diffstat (limited to 'core/perl/cve-2012-5195.patch')
-rw-r--r-- | core/perl/cve-2012-5195.patch | 29 |
1 files changed, 0 insertions, 29 deletions
diff --git a/core/perl/cve-2012-5195.patch b/core/perl/cve-2012-5195.patch
deleted file mode 100644
index a995194c6..000000000
--- a/core/perl/cve-2012-5195.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-commit b11b0d3ef18a35595a07a06c91fa4f27c9cacf5b
-Author: Andy Dougherty <doughera@lafayette.edu>
-Date: Thu Sep 27 09:52:18 2012 -0400
-
- avoid calling memset with a negative count
-
- Poorly written perl code that allows an attacker to specify the count to
- perl's 'x' string repeat operator can already cause a memory exhaustion
- denial-of-service attack. A flaw in versions of perl before 5.15.5 can
- escalate that into a heap buffer overrun; coupled with versions of glibc
- before 2.16, it possibly allows the execution of arbitrary code.
-
- The flaw addressed to this commit has been assigned identifier
- CVE-2012-5195.
-
-diff --git a/util.c b/util.c
-index 171456f..34f5fa9 100644
---- a/util.c
-+++ b/util.c
-@@ -3416,6 +3416,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
- {
- PERL_ARGS_ASSERT_REPEATCPY;
-
-+ if (count < 0)
-+ Perl_croak_nocontext("%s",PL_memory_wrap);
-+
- if (len == 1)
- memset(to, *from, count);
- else if (count) { |