blob: 7c08f95f84f416e26bb534af42c553c073bf0ebf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
$NetBSD: patch-cm,v 1.1 2005/12/18 15:25:29 jlam Exp $
Fix for Perl format string vulnerability noted in CVE-2005-3962.
--- sv.c.orig 2005-05-27 06:38:11.000000000 -0400
+++ sv.c
@@ -8520,6 +8520,10 @@ Perl_sv_vcatpvfn(pTHX_ SV *sv, const cha
if (*q == '$') {
++q;
efix = width;
+ if (width > INT_MAX)
+ efix = INT_MAX;
+ else
+ efix = width;
} else {
goto gotwidth;
}
|
