Commit 0264ec0
Apply modified Debian 05-gniibe-fix-13.patch, to fix heap-based buffer overflow in the do_msg() function (#15)
https://sourceforge.net/p/mcpp/bugs/13/ and CVE-2019-14274
Description: Fix for a bug reported to sourceforge.net #13
by fixing error messages.
Also, fix erroneous messages.
Author: NIIBE Yutaka
The buffer overflow was caused by do_msg() treating illegal control characters
in the error message output as tokenized macros that needed to be expanded for
printing.
This fixes the problem by just not printing the preprocessed source code which
contains those illegal control characters.
The patch has been reworked to change the error messages to better match those
that are output when unterminated strings are encountered. It also changes the
other patched messages to restore the 'l' in "%02lx" because do_msg() passes a
long integer to mcpp_fprintf().
Co-authored-by: John Brandwood <john.brandwood@telzey.com>1 parent 45cee5a commit 0264ec0
1 file changed
Lines changed: 6 additions & 6 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
593 | 593 | | |
594 | 594 | | |
595 | 595 | | |
596 | | - | |
| 596 | + | |
597 | 597 | | |
598 | | - | |
| 598 | + | |
599 | 599 | | |
600 | 600 | | |
601 | 601 | | |
| |||
652 | 652 | | |
653 | 653 | | |
654 | 654 | | |
655 | | - | |
| 655 | + | |
656 | 656 | | |
657 | 657 | | |
658 | 658 | | |
| |||
673 | 673 | | |
674 | 674 | | |
675 | 675 | | |
676 | | - | |
| 676 | + | |
677 | 677 | | |
678 | 678 | | |
679 | 679 | | |
680 | 680 | | |
681 | 681 | | |
682 | 682 | | |
683 | | - | |
| 683 | + | |
684 | 684 | | |
685 | 685 | | |
686 | 686 | | |
| |||
1158 | 1158 | | |
1159 | 1159 | | |
1160 | 1160 | | |
1161 | | - | |
| 1161 | + | |
1162 | 1162 | | |
1163 | 1163 | | |
1164 | 1164 | | |
| |||
0 commit comments