From cf5d0e20f2ba5a71f9ca2ed78a1b24841c97bb06 Mon Sep 17 00:00:00 2001
From: Caolán McNamara <caolanm@redhat.com>
Date: Mon, 12 Dec 2011 12:44:34 +0000
Subject: Resolves: CVE-2011-4599

---
 icu/CVE-2011-4599.patch | 20 ++++++++++++++++++++
 icu/makefile.mk         |  3 ++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 icu/CVE-2011-4599.patch

(limited to 'icu')

diff --git a/icu/CVE-2011-4599.patch b/icu/CVE-2011-4599.patch
new file mode 100644
index 000000000000..fd8b12111c6b
--- /dev/null
+++ b/icu/CVE-2011-4599.patch
@@ -0,0 +1,20 @@
+--- misc/icu/source/source/common/uloc.c
++++ misc/build/icu/source/common/uloc.c
+@@ -1797,7 +1797,7 @@
+                 int32_t variantLen = _deleteVariant(variant, uprv_min(variantSize, (nameCapacity-len)), variantToCompare, n);
+                 len -= variantLen;
+                 if (variantLen > 0) {
+-                    if (name[len-1] == '_') { /* delete trailing '_' */
++                    if (len > 0 && name[len-1] == '_') { /* delete trailing '_' */
+                         --len;
+                     }
+                     addKeyword = VARIANT_MAP[j].keyword;
+@@ -1805,7 +1805,7 @@
+                     break;
+                 }
+             }
+-            if (name[len-1] == '_') { /* delete trailing '_' */
++            if (len > 0 && len <= nameCapacity && name[len-1] == '_') { /* delete trailing '_' */
+                 --len;
+             }
+         }
diff --git a/icu/makefile.mk b/icu/makefile.mk
index 595ed2028354..cb024752625d 100644
--- a/icu/makefile.mk
+++ b/icu/makefile.mk
@@ -52,7 +52,8 @@ PATCH_FILES=\
     icu4c-4_4_2-wchar_t.patch \
     icu4c-warnings.patch \
     icu4c-escapespace.patch \
-    icu4c-strict-c.patch
+    icu4c-strict-c.patch \
+    CVE-2011-4599.patch
 
 .IF "$(OS)"=="ANDROID"
 PATCH_FILES+=\
-- 
cgit