git-history.diyao.me Git - systemd/.git/commit

author	Kevin Backhouse <securitylab@github.com>
	Fri, 12 Mar 2021 17:00:56 +0000 (18:00 +0100)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Fri, 12 Mar 2021 17:25:58 +0000 (18:25 +0100)
commit	37ca78a35cd1b9f13e584ccf3d332413c7875e40
tree	810a0b0ca70f98dc09754bc4b53c2aeb0cd79d92	tree \| snapshot
parent	495787b56cc74e6160f72b11c3bb52380e45f646	commit \| diff

ask-password-api: fix error handling on invalid unicode character

The integer overflow happens when utf8_encoded_valid_unichar() returns an error
code. The error code is a negative number: -22. This overflows when it is
assigned to `z` (type `size_t`). This can cause an infinite loop if the value
of `q` is 22 or larger.

To reproduce the bug, you need to run `systemd-ask-password` and enter an
invalid unicode character, followed by a backspace character.

GHSL-2021-052

src/shared/ask-password-api.c

diff | blob | history

https://github.com/systemd/systemd.git

RSS Atom