mirror of
https://abf.rosa.ru/djam/glibc40.git
synced 2025-02-23 15:52:52 +00:00
45 lines
1.7 KiB
Diff
45 lines
1.7 KiB
Diff
|
diff -ruN a/NEWS b/NEWS
|
||
|
|
--- a/NEWS 2020-02-01 20:52:50.000000000 +0900
|
||
|
|
+++ b/NEWS 2021-04-16 08:56:18.255582011 +0900
|
||
|
|
@@ -149,6 +149,10 @@
|
||
|
|
addresses for loaded libraries and thus bypass ASLR for a setuid
|
||
|
|
program. Reported by Marcin Kościelnicki.
|
||
|
|
|
||
|
|
+ CVE-2020-27618: An infinite loop has been fixed in the iconv program when
|
||
|
|
+ invoked with input containing redundant shift sequences in the IBM1364,
|
||
|
|
+ IBM1371, IBM1388, IBM1390, or IBM1399 character sets.
|
||
|
|
+
|
||
|
|
The following bugs are resolved with this release:
|
||
|
|
|
||
|
|
[12031] localedata: iconv -t ascii//translit with Greek characters
|
||
|
|
diff -ruN a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
|
||
|
|
--- a/iconvdata/ibm1364.c 2020-02-01 20:52:50.000000000 +0900
|
||
|
|
+++ b/iconvdata/ibm1364.c 2021-04-16 09:01:27.268590024 +0900
|
||
|
|
@@ -158,24 +158,14 @@
|
||
|
|
\
|
||
|
|
if (__builtin_expect (ch, 0) == SO) \
|
||
|
|
{ \
|
||
|
|
- /* Shift OUT, change to DBCS converter. */ \
|
||
|
|
- if (curcs == db) \
|
||
|
|
- { \
|
||
|
|
- result = __GCONV_ILLEGAL_INPUT; \
|
||
|
|
- break; \
|
||
|
|
- } \
|
||
|
|
+ /* Shift OUT, change to DBCS converter (redundant escape okay). */ \
|
||
|
|
curcs = db; \
|
||
|
|
++inptr; \
|
||
|
|
continue; \
|
||
|
|
} \
|
||
|
|
if (__builtin_expect (ch, 0) == SI) \
|
||
|
|
{ \
|
||
|
|
- /* Shift IN, change to SBCS converter. */ \
|
||
|
|
- if (curcs == sb) \
|
||
|
|
- { \
|
||
|
|
- result = __GCONV_ILLEGAL_INPUT; \
|
||
|
|
- break; \
|
||
|
|
- } \
|
||
|
|
+ /* Shift IN, change to SBCS converter (redundant escape okay). */ \
|
||
|
|
curcs = sb; \
|
||
|
|
++inptr; \
|
||
|
|
continue; \
|