Skip to content
Commit e1135387 authored by Charles Fol's avatar Charles Fol Committed by Adhemerval Zanella
Browse files

iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961) 



ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922).  While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.

Checked on aarch64-linux-gnu.

Co-authored-by: default avatarAdhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: default avatarCarlos O'Donell <carlos@redhat.com>
Tested-by: default avatarCarlos O'Donell <carlos@redhat.com>

(cherry picked from commit f9dc609e)
parent 20534f81
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment