office-gobmx/external/nss/ubsan.patch.0
Michael Stahl 0cdf41419a nss: upgrade to release 3.29.5
- fixes CVE-2017-5461 and CVE-2017-5462
- drop ubsan-alignment.patch.0, there is apparently now some
  NO_SANITIZE_ALIGNMENT macro upstream to get this effect
- drop some hunks to prevent hard-coding CC/CCC vars, upstream now
  respects environment vars (but doesn't quote them...)
- drop first hunk of ubsan.patch.0, fixed upstream
- drop hunk for gtest-internal.h, header looks much newer anyway

Change-Id: I5c484c02c1235e185af1ef5166b069303d3378e1
Reviewed-on: https://gerrit.libreoffice.org/36756
Reviewed-by: Michael Stahl <mstahl@redhat.com>
Tested-by: Michael Stahl <mstahl@redhat.com>
2017-04-21 14:15:17 +02:00

29 lines
1.1 KiB
Text

--- nss/lib/softoken/legacydb/pk11db.c
+++ nss/lib/softoken/legacydb/pk11db.c
@@ -65,7 +65,7 @@
unsigned char isModuleDBOnly;
unsigned char isCritical;
unsigned char reserved[4];
- unsigned char names[6]; /* enough space for the length fields */
+ unsigned char names[1]; /* +5: enough space for the length fields */
};
struct lgdbSlotDataStr {
@@ -148,7 +148,7 @@
goto loser;
}
- dataLen = sizeof(lgdbData) + len + len2 + len3 + sizeof(unsigned short) +
+ dataLen = sizeof(lgdbData)+5 + len + len2 + len3 + sizeof(unsigned short) +
count * sizeof(lgdbSlotData);
data->data = (unsigned char *)PORT_ZAlloc(dataLen);
@@ -327,7 +327,7 @@
}
if ((encoded->major == LGDB_DB_EXT1_VERSION_MAJOR) &&
(encoded->minor >= LGDB_DB_EXT1_VERSION_MINOR)) {
- CHECK_SIZE(sizeof(lgdbData));
+ CHECK_SIZE(sizeof(lgdbData)+5);
trustOrder = LGDB_GETLONG(encoded->trustOrder);
cipherOrder = LGDB_GETLONG(encoded->cipherOrder);
isModuleDB = (encoded->isModuleDB != 0) ? PR_TRUE : PR_FALSE;