File util-linux-libuuid-uuid_parse-overrun.patch of Package util-linux-systemd.27340
From 8596101d21a9bdc85388486ec9c431c114a443e3 Mon Sep 17 00:00:00 2001
From: Zane van Iperen <zane@zanevaniperen.com>
Date: Wed, 16 Feb 2022 00:57:17 +1000
Subject: [PATCH 1/4] libuuid: fix buffer overrun in uuid_parse_range()
It attempts to access in_start[36], despite 35 being the maximum
allowed index.
Reported-by: Pierre-Anthony Lemieux <pal@palemieux.com>
Signed-off-by: Zane van Iperen <zane@zanevaniperen.com>
---
libuuid/src/parse.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
Index: util-linux-2.33.2/libuuid/src/parse.c
===================================================================
--- util-linux-2.33.2.orig/libuuid/src/parse.c
+++ util-linux-2.33.2/libuuid/src/parse.c
@@ -48,7 +48,7 @@ int uuid_parse(const char *in, uuid_t uu
if (strlen(in) != 36)
return -1;
- for (i=0, cp = in; i <= 36; i++,cp++) {
+ for (i=0, cp = in; i < 36; i++,cp++) {
if ((i == 8) || (i == 13) || (i == 18) ||
(i == 23)) {
if (*cp == '-')
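Review bot: The new bound `i < 36` is only correct because of the `strlen(in) != 36` check two lines above, and nothing in the code ties the two constants together. A comment above the `for`, such as `/* in is exactly 36 chars (checked above); in[36] is the terminator */`, would make that invariant explicit. Given that check, the old `i <= 36` pass appears to have read only the terminating NUL of `in` in this function, so it is worth confirming whether this backport removes a real out-of-bounds read or is a cleanup. uuid_parse's body starts before and continues after this hunk.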
@@ -56,9 +56,7 @@ int uuid_parse(const char *in, uuid_t uu
else
return -1;
}
- if (i== 36)
- if (*cp == 0)
- continue;
+
if (!isxdigit(*cp))
return -1;
}
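Review bot: `isxdigit(*cp)` in the last check of the loop still passes a plain `char` to a <ctype.h> function. Where `char` is signed, any byte of `in` at or above 0x80 becomes a negative argument, which is undefined behaviour for isxdigit() (CERT STR37-C). This parser handles caller-supplied strings, so the line should read `if (!isxdigit((unsigned char)*cp))`. The rest of uuid_parse lies outside the hunk and may need the same cast if it uses other ctype calls.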