packages/yasm
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
yasm/CVE-2023-29579.patch
Funda Wang cdb0e78f61 fix CVE-2021-33454, CVE-2021-33464, CVE-2023-29579 
(cherry picked from commit 7aec1c83b4bfa6438582630d51dfd9ceaa9059b2)
2025-05-13 09:41:02 +08:00

23 lines
1.0 KiB
Diff
Raw Blame History

Description: Make sure CPU feature parsing use large enough string buffer.
Fixes CVE-2023-29579.
Author: Petter Reinholdtsen <pere@debian.org>
Bug: https://github.com/yasm/yasm/issues/214
Bug-Debian: https://bugs.debian.org/1035951
Forwarded: https://github.com/yasm/yasm/issues/214
Last-Update: 2025-04-30
---
--- yasm-1.3.0.orig/modules/arch/x86/x86arch.c
+++ yasm-1.3.0/modules/arch/x86/x86arch.c
@@ -165,8 +165,9 @@ x86_dir_cpu(yasm_object *object, yasm_va
yasm_error_set(YASM_ERROR_SYNTAX,
N_("invalid argument to [%s]"), "CPU");
else {
- char strcpu[16];
- sprintf(strcpu, "%lu", yasm_intnum_get_uint(intcpu));
+ char strcpu[21]; /* 21 = ceil(log10(LONG_MAX)+1) */
+ assert(8*sizeof(unsigned long) <= 64);
+ snprintf(strcpu, sizeof(strcpu), "%lu", yasm_intnum_get_uint(intcpu));
yasm_x86__parse_cpu(arch_x86, strcpu, strlen(strcpu));
}
} else
Reference in New Issue View Git Blame Copy Permalink