iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
ISO-2022-CN-EXT uses escape sequences to indicate character set changes (as specified by RFC 1922). While the SOdesignation has the expected bounds checks, neither SS2designation nor SS3designation have its; allowing a write overflow of 1, 2, or 3 bytes with fixed values: '$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. Checked on aarch64-linux-gnu. Co-authored-by:Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by:
Carlos O'Donell <carlos@redhat.com> Tested-by:
Carlos O'Donell <carlos@redhat.com> (cherry picked from commit f9dc609e)
Loading
Please register or sign in to comment