35584e6 Fix heap buffer overread when vuxml is empty — HardenedBSD-pkg

rad:z3QDZAW2FAfuLvihrhiyDC9fAD8G9

HardenedBSD Package Manager

Fix heap buffer overread when vuxml is empty

Baptiste Daroussin committed 1 month ago

commit 35584e6af64d88167c86c42d3ab70d11e0abc1a3
parent 637c144

2 files changed +5 -0

modified libpkg/pkg_audit.c

@@ -672,6 +672,9 @@ pkg_audit_preprocess(struct pkg_audit_entry *h)

 	qsort(ret, n, sizeof(*ret), pkg_audit_entry_cmp);
 	if (n < 2)
 		goto first_byte_idx;
 	/*
 	 * Determining jump indexes to the next different prefix.
 	 * Only non-1 increments are calculated there.

@@ -697,6 +700,7 @@ pkg_audit_preprocess(struct pkg_audit_entry *h)

 		}
 	}
 first_byte_idx:
 	/* Calculate jump indexes for the first byte of the package name */
 	memset(audit_entry_first_byte_idx, '\0', sizeof(audit_entry_first_byte_idx));
 	for (n = 1, i = 0; n < 256; n++) {

modified src/audit.c

@@ -416,6 +416,7 @@ exec_audit(int argc, char **argv)

 							pkg_printf("%n-%v\n", pkg, pkg);
 						else
 							pkg_printf("%s\n", pkg);
 						pkg_audit_issues_free(issues);
 						continue;
 					}