Overview

File CVE-2014-10071.patch of Package zsh.23099

commit 49a3086bb67575435251c70ee598e2fd406ef055
Author: Mikael Magnusson <mikachu@gmail.com>
Date:   Mon Oct 6 20:33:47 2014 +0200

    33365: avoid buffer overflow for very long fds in >& fd syntax

Index: zsh-5.0.5/Src/exec.c
===================================================================
--- zsh-5.0.5.orig/Src/exec.c
+++ zsh-5.0.5/Src/exec.c
@@ -3131,7 +3131,7 @@ execcmd(Estate state, int input, int out
 		    fil = movefd(dup(fd));
 		}
 		if (fil == -1) {
-		    char fdstr[4];
+		    char fdstr[DIGBUFSIZE];
 
 		    closemnodes(mfds);
 		    fixfds(save);
openSUSE Build Service is sponsored by
Places