Sophie

Sophie

distrib > Mandriva > 2010.2 > x86_64 > by-pkgid > e0ecf1de97625bd665ba6741f8b282d6 > files > 68

glibc-2.11.1-8mnb2.src.rpm

(oe) taken from glibc_2.3.6-0ubuntu20.6.diff (git-mntent-newline-escape.dpatch)

# DP: Description: escape newlines int mntent fields (CVE-2010-0296).
# DP: Origin: http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=ab00f4eac8f4932211259ff87be83144f5211540

--- misc/mntent_r.c	2006-12-09 17:05:59.000000000 -0500
+++ misc/mntent_r.c.oden	2010-06-07 11:51:37.000000000 -0400
@@ -194,7 +194,7 @@ weak_alias (__getmntent_r, getmntent_r)
     const char *rp = name;						      \
 									      \
     while (*rp != '\0')							      \
-      if (*rp == ' ' || *rp == '\t' || *rp == '\\')			      \
+      if (*rp == ' ' || *rp == '\t' || *rp == '\n' || *rp == '\\')	      \
 	break;								      \
       else								      \
 	++rp;								      \

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional