Overview

File CVE-2019-17595.patch of Package ncurses.21518

Based on ncurses 6.1 - patch 20191012
From: Thomas E. Dickey

 + check for missing character after backslash in fmt_entry

---
 progs/dump_entry.c |    5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

--- progs/dump_entry.c
+++ progs/dump_entry.c	2019-10-12 15:59:07.000000000 +0000
@@ -1110,7 +1110,8 @@ fmt_entry(TERMTYPE2 *tterm,
 				*d++ = '\\';
 				*d = ':';
 			    } else if (*d == '\\') {
-				*++d = *s++;
+				if ((*++d = *s++) == '\0')
+				    break;
 			    }
 			    d++;
 			    *d = '\0';
@@ -1370,7 +1371,7 @@ one_one_mapping(const char *mapping)
 
     if (VALID_STRING(mapping)) {
 	int n = 0;
-	while (mapping[n] != '\0') {
+	while (mapping[n] != '\0' && mapping[n + 1] != '\0') {
 	    if (isLine(mapping[n]) &&
 		mapping[n] != mapping[n + 1]) {
 		result = FALSE;
openSUSE Build Service is sponsored by
Places