File bzip2-1.0.6-CVE-2016-3189.patch of Package bzip2.21593

Author: Jakub Martisko <jamartis@redhat.com>
Date: Wed, 30 Mar 2016 10:22:27 +0200
Description: bzip2recover: Fix potential use-after-free
Origin: https://bugzilla.redhat.com/attachment.cgi?id=1169843&action=edit

--- a/bzip2recover.c
+++ b/bzip2recover.c
@@ -472,6 +472,7 @@ Int32 main ( Int32 argc, Char** argv )
             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
             bsPutUInt32 ( bsWr, blockCRC );
             bsClose ( bsWr );
+            outFile = NULL;
          }
          if (wrBlock >= rbCtr) break;
          wrBlock++;
openSUSE Build Service is sponsored by