File: CVE-2021-42006.patch

package info (click to toggle)
libgclib 0.12.8%2Bds-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,416 kB
  • sloc: cpp: 26,881; makefile: 58; sh: 20
file content (28 lines) | stat: -rw-r--r-- 686 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
Description: Fix CVE-2021-42006
Bug: https://github.com/gpertea/gclib/issues/11
Bug-Debian: https://bugs.debian.org/996591
Author: Andreas Tille <tille@debian.org>
Last-Update: 2021-10-18

--- libgclib.orig/gff.cpp
+++ libgclib/gff.cpp
@@ -487,7 +487,7 @@
  GMALLOC(dupline, llen+1);
  memcpy(dupline, l, llen+1);
  skipLine=true; //clear only if we make it to the end of this function
- char* t[9];
+ char* t[9] = {0};
  int i=0;
  int tidx=1;
  t[0]=line;
@@ -512,6 +512,10 @@
  track=t[1];
  ftype=t[2];
  info=t[8];
+ if (!info) {
+   GMessage("Warning: missing info:\n%s\n",l);
+   return;
+ }
  char* p=t[3];
  if (!parseUInt(p,fstart)) {
    //chromosome_band entries in Flybase