From: GitHub <no...@gi...> - 2018-01-17 10:17:42
Branch: refs/heads/master
Home: https://github.com/libming/libming

Commit: c14d07ef20c3f403fcfa59502b74c66933473431
https://github.com/libming/libming/commit/c14d07ef20c3f403fcfa59502b74c66933473431
Author: Hugo Lefeuvre <hl...@de...>
Date: 2018-01-17 (Wed, 17 Jan 2018)

Changed paths:
  M NEWS
  M util/read.c

Log Message:
-----------
Fix integer overflow vulnerability in util/read.c.

This vulnerability is caused by a regression introduced in d468907.

In this commit we cast the result of readUInt8(f) before left shifting by 24 in order to avoid out of range shift.

This commit fixes CVE-2018-5251 (fixes #98).

Commit: 9141f1df0d6ecb84f298633ba03569bbf5c842d0
https://github.com/libming/libming/commit/9141f1df0d6ecb84f298633ba03569bbf5c842d0
Author: Hugo Lefeuvre <hl...@de...>
Date: 2018-01-17 (Wed, 17 Jan 2018)

Changed paths:
  M NEWS
  M util/read.c

Log Message:
-----------
Fix left shift of a negative value in readSBits.

Check for !number before left-shifting by (number-1).

This commit fixes CVE-2018-5294 (fixes #97).

Compare: https://github.com/libming/libming/compare/1df8bc2e6e28...9141f1df0d6e
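
The two shift fixes described in the log messages above, as an added C example that is not libming's code. `struct buf`, `read_u8`, `read_u32_unsafe`, `read_u32` and `sign_extend` are hypothetical names, and the little-endian byte order and the 1..32 width limit are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical in-memory byte source; read_u8 returns int, like a getc-style reader. */
struct buf { const unsigned char *p; size_t len, pos; };

static int read_u8(struct buf *b) { return b->pos < b->len ? b->p[b->pos++] : 0; }

/* Unsafe pattern, for comparison only (never called here): the top byte is
 * shifted as a signed int, so any value >= 0x80 shifts into the sign bit,
 * which is undefined behaviour in C. */
unsigned long read_u32_unsafe(struct buf *b) {
    unsigned long r = (unsigned long)read_u8(b);
    r |= (unsigned long)(read_u8(b) << 8);
    r |= (unsigned long)(read_u8(b) << 16);
    r |= (unsigned long)(read_u8(b) << 24);   /* int << 24: out of range for 0x80..0xFF */
    return r;
}

/* Hardened pattern: widen to an unsigned type before shifting. */
uint32_t read_u32(struct buf *b) {
    uint32_t r = (uint32_t)read_u8(b);
    r |= (uint32_t)read_u8(b) << 8;
    r |= (uint32_t)read_u8(b) << 16;
    r |= (uint32_t)read_u8(b) << 24;
    return r;
}

/* Sign-extend an nbits-wide field held in raw. A zero-width field is handled
 * first: without that check the sign-bit mask would be 1 << (0 - 1), a shift
 * by a negative count. Widths outside 1..32 also return 0 (assumed policy). */
int64_t sign_extend(uint32_t raw, int nbits) {
    if (nbits <= 0 || nbits > 32)
        return 0;
    uint64_t sign = (uint64_t)1 << (nbits - 1);
    if (raw & sign)
        return (int64_t)raw - (int64_t)(sign << 1);
    return (int64_t)raw;
}

int main(void) {
    const unsigned char data[] = { 0x78, 0x56, 0x34, 0xFF };  /* constructed sample */
    struct buf b = { data, sizeof data, 0 };
    printf("u32 = 0x%08lX\n", (unsigned long)read_u32(&b));
    printf("sbits(0x7,3) = %lld, sbits(0,0) = %lld\n",
           (long long)sign_extend(0x7, 3), (long long)sign_extend(0, 0));
    return 0;
}
```

Building with `-fsanitize=undefined` and calling `read_u32_unsafe` on the same bytes is one way to see the out-of-range shift reported at run time.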