diff options
author | Caolán McNamara <caolanm@redhat.com> | 2011-12-12 12:44:34 +0000 |
---|---|---|
committer | Petr Mladek <pmladek@suse.cz> | 2011-12-12 18:05:31 +0100 |
commit | d30211ba589e9af3c22231bd2aa04b81a8cddb1e (patch) | |
tree | 9822a31f9c6f6c7dc3c10e6ac2109b8f396f7d9a | |
parent | 785d6aa3a1f83bba1046108c908f7dcd666b176a (diff) |
Resolves: CVE-2011-4599
(cherry picked from commit cf5d0e20f2ba5a71f9ca2ed78a1b24841c97bb06)
Signed-off-by: Caolán McNamara <caolanm@redhat.com>
-rw-r--r-- | icu/CVE-2011-4599.patch | 20 | ||||
-rw-r--r-- | icu/makefile.mk | 3 |
2 files changed, 22 insertions, 1 deletions
diff --git a/icu/CVE-2011-4599.patch b/icu/CVE-2011-4599.patch new file mode 100644 index 000000000000..fd8b12111c6b --- /dev/null +++ b/icu/CVE-2011-4599.patch @@ -0,0 +1,20 @@ +--- misc/icu/source/source/common/uloc.c ++++ misc/build/icu/source/common/uloc.c +@@ -1797,7 +1797,7 @@ + int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n); + len -= variantLen; + if (variantLen > 0) { +- if (name[len-1] == '_') { /* delete trailing '_' */ ++ if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */ + --len; + } + addKeyword = VARIANT_MAP[j].keyword; +@@ -1805,7 +1805,7 @@ + break; + } + } +- if (name[len-1] == '_') { /* delete trailing '_' */ ++ if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */ + --len; + } + } diff --git a/icu/makefile.mk b/icu/makefile.mk index 595ed2028354..cb024752625d 100644 --- a/icu/makefile.mk +++ b/icu/makefile.mk @@ -52,7 +52,8 @@ PATCH_FILES=\ icu4c-4_4_2-wchar_t.patch \ icu4c-warnings.patch \ icu4c-escapespace.patch \ - icu4c-strict-c.patch + icu4c-strict-c.patch \ + CVE-2011-4599.patch .IF "$(OS)"=="ANDROID" PATCH_FILES+=\ |