2005-08-10 Jeremy Katz <katzj@redhat.com>

* isomd5sum/libcheckisomd5.c: Fix buffer overrun (from Dustin Kirkland <dustin.kirkland@us.ibm.com>
author: Jeremy Katz <katzj@redhat.com> 2005-08-10 15:21:31 +0000
committer: Jeremy Katz <katzj@redhat.com> 2005-08-10 15:21:31 +0000
commit: 50e9df6bfbc6debf490865b5df98312c63b4225b (patch)
tree: 05c532bb42eaa9a736533236b1b106adef119927
parent: 8cb576b129e701b4c38dbb9cc8a04343ab8cb017 (diff)
download: anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.tar.gz
anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.tar.xz
anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.zip
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index bab07660b..935474bb9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2005-08-10  Jeremy Katz  <katzj@redhat.com>
+
+	* isomd5sum/libcheckisomd5.c: Fix buffer overrun (from Dustin
+	Kirkland <dustin.kirkland@us.ibm.com>
+
 2005-08-03  Bill Nottingham  <notting@redhat.com>
 
 	* ui/Makefile: fix make clean
diff --git a/isomd5sum/libcheckisomd5.c b/isomd5sum/libcheckisomd5.c
index b7ab1e9e2..618cdabdd 100644
--- a/isomd5sum/libcheckisomd5.c
+++ b/isomd5sum/libcheckisomd5.c
@@ -70,7 +70,7 @@ static int parsepvd(int isofd, char *mediasum, int *skipsectors, long long *isos
 	if (!strncmp(buf2 + loc, "ISO MD5SUM = ", 13)) {
 
 	    /* make sure we dont walk off end */
-	    if ((loc + 32) > 511)
+	    if ((loc + 32 + 13) > 511)
 		return -1;
 
 	    memcpy(mediasum, buf2 + loc + 13, 32);
author	Jeremy Katz <katzj@redhat.com>	2005-08-10 15:21:31 +0000
committer	Jeremy Katz <katzj@redhat.com>	2005-08-10 15:21:31 +0000
commit	50e9df6bfbc6debf490865b5df98312c63b4225b (patch)
tree	05c532bb42eaa9a736533236b1b106adef119927
parent	8cb576b129e701b4c38dbb9cc8a04343ab8cb017 (diff)
download	anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.tar.gz anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.tar.xz anaconda-50e9df6bfbc6debf490865b5df98312c63b4225b.zip