Apply fix for CVE-2008-2371 to fix a heap-based buffer overflow.

author Matthias Clasen <matthiasc@src.gnome.org>

Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)

committer Matthias Clasen <matthiasc@src.gnome.org>

Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)
author Matthias Clasen <matthiasc@src.gnome.org>
Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)
committer Matthias Clasen <matthiasc@src.gnome.org>
Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)
diff --git a/ChangeLog b/ChangeLog

index 9af8de484aadc5578bb8538481feb5fca9103e4c..b5bc37e77d48763b2f22f4a5b53583862ede5e4f 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2008-06-30  Matthias Clasen  <mclasen@redhat.com>
+
+       * glib/pcre/pcre_compile.c: Apply fix for CVE-2008-2371 to
+       fix a heap-based buffer overflow.
+
  2008-06-29  Björn Lindqvist  <bjourne@gmail.com>
  
         Bug 539626 – Update docstrings for g_object_freeze_notify and
diff --git a/glib/pcre/pcre_compile.c b/glib/pcre/pcre_compile.c

index 514127f2183a06e5e20bfb5f18cc001af5f61de1..54756bc7403a3fb1a442030d2d3d73130a6c5498 100644 (file)
--- a/glib/pcre/pcre_compile.c
+++ b/glib/pcre/pcre_compile.c
@@ -4807,7 +4807,7 @@ we set the flag only if there is a literal "\r" or "\n" in the class. */
                 (lengthptr == NULL || *lengthptr == 2 + 2*LINK_SIZE))
              {
              cd->external_options = newoptions;
-            options = newoptions;
+            options = *optionsptr = newoptions;
              }
           else
              {
author	Matthias Clasen <matthiasc@src.gnome.org>
	Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)
committer	Matthias Clasen <matthiasc@src.gnome.org>
	Tue, 1 Jul 2008 03:27:14 +0000 (03:27 +0000)
ChangeLog		patch \| blob \| history
glib/pcre/pcre_compile.c		patch \| blob \| history