44 lines
1.3 KiB
Diff
44 lines
1.3 KiB
Diff
# HG changeset patch
|
|
# User John Calcote <john.calcote@gmail.com>
|
|
# Date 1491502259 21600
|
|
# Thu Apr 06 12:10:59 2017 -0600
|
|
# Node ID 52e64208bc616a5def0f4d337c1adc18c23ef3ec
|
|
# Parent f9f53696e6bea9976d3c0e5c6825b9d7a026be7c
|
|
CVE-2012-4428: fix handling of string-list in slp_common.c
|
|
|
|
diff -r f9f53696e6be -r 52e64208bc61 common/slp_compare.c
|
|
--- a/common/slp_compare.c Thu Apr 06 12:04:31 2017 -0600
|
|
+++ b/common/slp_compare.c Thu Apr 06 12:10:59 2017 -0600
|
|
@@ -588,13 +588,10 @@
|
|
/* seek to the end of the next list item */
|
|
while(1)
|
|
{
|
|
- if(itemend == listend || *itemend == ',')
|
|
- {
|
|
- if(*(itemend - 1) != '\\')
|
|
- {
|
|
- break;
|
|
- }
|
|
- }
|
|
+ if(itemend == listend)
|
|
+ break;
|
|
+ if(*itemend == ',' && *(itemend - 1) != '\\')
|
|
+ break;
|
|
|
|
itemend++;
|
|
}
|
|
@@ -684,9 +681,10 @@
|
|
/* seek to the end of the next list item */
|
|
while (1)
|
|
{
|
|
- if (itemend == listend || *itemend == ',')
|
|
- if (*(itemend - 1) != '\\')
|
|
- break;
|
|
+ if(itemend == listend)
|
|
+ break;
|
|
+ if(*itemend == ',' && *(itemend - 1) != '\\')
|
|
+ break;
|
|
itemend++;
|
|
}
|
|
|