Diffstat (limited to 'abs/core/libcdaudio/02-cddb-bufferoverflow.patch')
-rw-r--r--abs/core/libcdaudio/02-cddb-bufferoverflow.patch15
1 files changed, 15 insertions, 0 deletions
diff --git a/abs/core/libcdaudio/02-cddb-bufferoverflow.patch b/abs/core/libcdaudio/02-cddb-bufferoverflow.patch
new file mode 100644
index 0000000..b542273
--- /dev/null
+++ b/abs/core/libcdaudio/02-cddb-bufferoverflow.patch
@@ -0,0 +1,15 @@
+Author: Moritz Muehlenhoff <jmm@inutil.org>
+Description: CVE-2008-5030
+
+diff -Naurp libcdaudio.orig/src/cddb.c libcdaudio/src/cddb.c
+--- libcdaudio.orig/src/cddb.c 2008-09-07 23:53:16.000000000 +0000
++++ libcdaudio/src/cddb.c 2008-11-12 21:32:21.000000000 +0000
+@@ -1679,7 +1679,7 @@ cddb_read_disc_data(int cd_desc, struct
+ free(file);
+
+ while(!feof(cddb_data)) {
+- fgets(inbuffer, 512, cddb_data);
++ fgets(inbuffer, 256, cddb_data);
+ cddb_process_line(inbuffer, data);
+ }
+
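Review bot: The return value of `fgets` in the `while(!feof(cddb_data))` loop is still ignored after this fix, so when the last read hits end-of-file or fails, `cddb_process_line` runs once more on the stale contents of `inbuffer`, and a read error that never sets EOF would keep the loop spinning. Driving the loop from the read itself avoids both: `while (fgets(inbuffer, sizeof(inbuffer), cddb_data) != NULL)` followed by `cddb_process_line(inbuffer, data);`. The literal 256 presumably matches the declared size of `inbuffer`, which is outside the hunk; if it is an array, `sizeof(inbuffer)` keeps the bound tied to the declaration so the CVE-2008-5030 overflow cannot return when the buffer is resized. Lines longer than 255 bytes now reach `cddb_process_line` in pieces, so it is worth confirming that the parser tolerates a fragment with no trailing newline. The body of `cddb_read_disc_data` starts and ends outside the hunk.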