TakeV
/
guix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
guix/gnu/packages/patches/glib-CVE-2021-27219-14.patch

33 lines
1.1 KiB
Diff
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 4506d1859a863087598c8d122740bae25b65b099 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 8 Feb 2021 10:04:48 +0000
Subject: [PATCH 4/5] gtlspassword: Fix inverted assertion
The intention here was to assert that the length of the password fits
in a gssize. Passwords more than half the size of virtual memory are
probably excessive.
Fixes: a8b204ff "gtlspassword: Forbid very long TLS passwords"
Signed-off-by: Simon McVittie <smcv@collabora.com>
(cherry picked from commit 61bb52ec42de1082bfb06ce1c737fc295bfe60b8)
---
gio/gtlspassword.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c
index dbcec41a8..bd86a6dfe 100644
--- a/gio/gtlspassword.c
+++ b/gio/gtlspassword.c
@@ -291,7 +291,7 @@ g_tls_password_set_value (GTlsPassword *password,
{
/* FIXME: g_tls_password_set_value_full() doesnt support unsigned gsize */
gsize length_unsigned = strlen ((gchar *) value);
- g_return_if_fail (length_unsigned > G_MAXSSIZE);
+ g_return_if_fail (length_unsigned <= G_MAXSSIZE);
length = (gssize) length_unsigned;
}
--
2.30.1
Reference in New Issue View Git Blame Copy Permalink