Overview

File icu-CVE-2011-4599.patch of Package icu

Index: icu/source/common/uloc.c
===================================================================
--- icu.orig/source/common/uloc.c
+++ icu/source/common/uloc.c
@@ -1736,7 +1736,7 @@ _canonicalize(const char* localeID,
                 int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n);
                 len -= variantLen;
                 if (variantLen > 0) {
-                    if (name[len-1] == '_') { /* delete trailing '_' */
+                    if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */
                         --len;
                     }
                     addKeyword = VARIANT_MAP[j].keyword;
@@ -1744,7 +1744,7 @@ _canonicalize(const char* localeID,
                     break;
                 }
             }
-            if (name[len-1] == '_') { /* delete trailing '_' */
+            if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */
                 --len;
             }
         }
openSUSE Build Service is sponsored by
Places