patch 9.1.0404: [security] xxd: buffer-overflow with specific flagsv9.1.0404

Problem: [security] xxd: buffer-overflow with specific flags Solution: Correctly calculate the required buffer space (Lennard Hofmann) xxd writes each output line into a global buffer before printing. The maximum size of that buffer was not calculated correctly. This command was crashing in AddressSanitizer: $ xxd -Ralways -g1 -c256 -d -o 9223372036854775808 /etc/passwd This prints a line of 6680 bytes but the buffer only had room for 6549 bytes. If the output from "-b" was colored, the line could be even longer. closes: #14738 Co-authored-by: K.Takata <kentkt@csc.jp> Signed-off-by: Lennard Hofmann <lennard.hofmann@web.de> Signed-off-by: Christian Brabandt <cb@256bit.org>
author: Lennard Hofmann <lennard.hofmann@web.de> 2024-05-10 14:17:26 +0200
committer: Christian Brabandt <cb@256bit.org> 2024-05-10 14:41:18 +0200
commit: 67797191e039196128c69ba1538ccaf2a4711323 (patch)
tree: ca26c9474f4cf8743173cc23b99bf19bd8a475e0 /src/version.c
parent: 8c35c26c1f68950a75a1a93339410244fec23afc (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/src/version.c b/src/version.c
index 954b747b58..6bb8be6f4e 100644
--- a/src/version.c
+++ b/src/version.c
@@ -705,6 +705,8 @@ static char *(features[]) =
 static int included_patches[] =
 {   /* Add new patch number below this line */
 /**/
+    404,
+/**/
     403,
 /**/
     402,
author	Lennard Hofmann <lennard.hofmann@web.de>	2024-05-10 14:17:26 +0200
committer	Christian Brabandt <cb@256bit.org>	2024-05-10 14:41:18 +0200
commit	67797191e039196128c69ba1538ccaf2a4711323 (patch)
tree	ca26c9474f4cf8743173cc23b99bf19bd8a475e0 /src/version.c
parent	8c35c26c1f68950a75a1a93339410244fec23afc (diff)