[mapserver] 01/02: Add upstream patch to fix CVE-2017-5522 (stack buffer overflow).

Bas Couwenberg sebastic at debian.org
Wed Jan 18 21:53:34 UTC 2017 

This is an automated email from the git hooks/post-receive script.

sebastic pushed a commit to branch ubuntu/precise
in repository mapserver.

commit 6b7d7d8bf894b52c87730e1ee368f7daca2ad2c7
Author: Bas Couwenberg <sebastic at xs4all.nl>
Date:   Wed Jan 18 22:33:22 2017 +0100

    Add upstream patch to fix CVE-2017-5522 (stack buffer overflow).
---
 debian/changelog                   |  6 ++++++
 debian/patches/CVE-2017-5522.patch | 30 ++++++++++++++++++++++++++++++
 debian/patches/series              |  1 +
 3 files changed, 37 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 97b2dc4..5f62100 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+mapserver (6.4.2-1~precise3) UNRELEASED; urgency=medium
+
+  * Add upstream patch to fix CVE-2017-5522 (stack buffer overflow).
+
+ -- Bas Couwenberg <sebastic at debian.org>  Wed, 18 Jan 2017 22:33:15 +0100
+
 mapserver (6.4.2-1~precise2) precise; urgency=high
 
   * Add upstream patch to fix CVE-2016-9839.
diff --git a/debian/patches/CVE-2017-5522.patch b/debian/patches/CVE-2017-5522.patch
new file mode 100644
index 0000000..07a047f
--- /dev/null
+++ b/debian/patches/CVE-2017-5522.patch
@@ -0,0 +1,30 @@
+Description: security fix (patch by EvenR)
+ Fixes CVE-2017-5522 (stack buffer overflow)
+Author: Even Rouault <even.rouault at spatialys.com>
+Origin: https://github.com/mapserver/mapserver/commit/fb00f8149898fcf9fcb490a179984e481248f066
+        https://github.com/mapserver/mapserver/commit/f096b132e58cdfe2714ce372e9f4f7c76d72c5ec
+
+--- a/mapogcfilter.c
++++ b/mapogcfilter.c
+@@ -2860,6 +2860,9 @@ char *FLTGetIsLikeComparisonExpression(F
+   pszValue = psFilterNode->psRightNode->pszValue;
+   nLength = strlen(pszValue);
+ 
++  if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
++    return NULL;
++
+   iTmp =0;
+   if (nLength > 0 && pszValue[0] != pszWild[0] &&
+       pszValue[0] != pszSingle[0] &&
+--- a/mapogcfiltercommon.c
++++ b/mapogcfiltercommon.c
+@@ -94,6 +94,9 @@ char *FLTGetIsLikeComparisonCommonExpres
+   pszValue = psFilterNode->psRightNode->pszValue;
+   nLength = strlen(pszValue);
+ 
++  if( 1 + 2 * nLength + 1 + 1 >= sizeof(szTmp) )
++      return NULL;
++
+   iTmp =0;
+   if (nLength > 0 && pszValue[0] != pszWild[0] &&
+       pszValue[0] != pszSingle[0] &&
diff --git a/debian/patches/series b/debian/patches/series
index 1325eeb..7e3de8e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -5,3 +5,4 @@ ruby-mapscript-install.patch
 cmake-mapserver-export.patch
 oracle-plugin.patch
 0001-Backport-4928-and-5356.patch
+CVE-2017-5522.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-grass/mapserver.git

More information about the Pkg-grass-devel mailing list