Package: liblouis / 3.0.0-3+deb9u4

CVE-2017-13738-and-2017-13744.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
From edf8ee00197e5a9b062554bdca00fe1617d257a4 Mon Sep 17 00:00:00 2001
From: Mike Gorse <mgorse@suse.com>
Date: Tue, 29 Aug 2017 16:55:29 -0500
Subject: [PATCH] Fix possible out-of-bounds write from a \ followed by
 multiple newlines

Fixes CVE-2017-13738 and CVE-2017-13744.
Index: liblouis-3.0.0/liblouis/compileTranslationTable.c
===================================================================
--- liblouis-3.0.0.orig/liblouis/compileTranslationTable.c
+++ liblouis-3.0.0/liblouis/compileTranslationTable.c
@@ -573,6 +573,7 @@ getALine (FileInfo * nested)
       if (pch == '\\' && ch == 10)
 	{
 	  nested->linelen--;
+	  pch = ch;
 	  continue;
 	}
       if (ch == 10 || nested->linelen >= MAXSTRING)