summaryrefslogtreecommitdiff
path: root/test/integration/test-bug-709560-set-candidate-release
diff options
context:
space:
mode:
authorJulian Andres Klode <julian.klode@canonical.com>2020-12-05 20:17:56 +0100
committerJulian Andres Klode <julian.klode@canonical.com>2020-12-07 12:29:57 +0100
commited786183bfe9813cf9bc603de0a2beed3e0d0e31 (patch)
treee897b4823befdc6ddf3122a9709ec3209c60c7ee /test/integration/test-bug-709560-set-candidate-release
parent29581d103fc85d988c1f8a9c995ef9a6bb600500 (diff)
CVE-2020-27350: debfile: integer overflow: Limit control size to 64 MiB
Like the code in arfile.cc, MemControlExtract also has buffer overflows, in code allocating memory for parsing control files. Specify an upper limit of 64 MiB for control files to both protect against the Size overflowing (we allocate Size + 2 bytes), and protect a bit against control files consisting only of zeroes.
Diffstat (limited to 'test/integration/test-bug-709560-set-candidate-release')
0 files changed, 0 insertions, 0 deletions