Package: pev
Version: 0.81-2
Severity: grave
Tags: patch security
Justification: user security hole
X-Debbugs-Cc: benoit.sev...@gmail.com, Debian Security Team
<t...@security.debian.org>
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
libpe has an off-by-one error which is fixed upstream. libpe is included in the
pev package. peres calls functions within libpe. Running peres on certain files
triggers the off-by-one error. Applying the patch fixes the issue.
-- System Information:
Debian Release: rodete
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.26-1rodete1-amd64 (SMP w/6 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/bash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages pev depends on:
ii libc6 2.31-11
ii libssl1.1 1.1.1k-1
pev recommends no packages.
pev suggests no packages.
-- no debconf information
>From 5737a97c57be175333fc0c6f51bb2cdd7101c17e Mon Sep 17 00:00:00 2001
From: Jardel Weyrich <jweyr...@gmail.com>
Date: Mon, 18 Jan 2021 22:03:49 -0300
Subject: [PATCH] utils: Fix off-by-one error in pe_utils_str_widechar2ascii.
---
utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/utils.c b/utils.c
index bd2da84..f05ba67 100644
--- a/utils.c
+++ b/utils.c
@@ -132,7 +132,7 @@ char *pe_utils_str_array_join(char *strings[], size_t
count, char delimiter) {
void pe_utils_str_widechar2ascii(char *output, const char *widechar, size_t
length) {
// quick & dirty UFT16 to ASCII conversion
- for (size_t p = 0; p <= length; p++) {
+ for (size_t p = 0; p < length; p++) {
memcpy(output + p, (uint16_t *)(widechar) + p, 1);
}
}
>From 5737a97c57be175333fc0c6f51bb2cdd7101c17e Mon Sep 17 00:00:00 2001
From: Jardel Weyrich <jweyr...@gmail.com>
Date: Mon, 18 Jan 2021 22:03:49 -0300
Subject: [PATCH] utils: Fix off-by-one error in pe_utils_str_widechar2ascii.
---
utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/utils.c b/utils.c
index bd2da84..f05ba67 100644
--- a/utils.c
+++ b/utils.c
@@ -132,7 +132,7 @@ char *pe_utils_str_array_join(char *strings[], size_t
count, char delimiter) {
void pe_utils_str_widechar2ascii(char *output, const char *widechar, size_t
length) {
// quick & dirty UFT16 to ASCII conversion
- for (size_t p = 0; p <= length; p++) {
+ for (size_t p = 0; p < length; p++) {
memcpy(output + p, (uint16_t *)(widechar) + p, 1);
}
}
>From 5737a97c57be175333fc0c6f51bb2cdd7101c17e Mon Sep 17 00:00:00 2001
From: Jardel Weyrich <jweyr...@gmail.com>
Date: Mon, 18 Jan 2021 22:03:49 -0300
Subject: [PATCH] utils: Fix off-by-one error in pe_utils_str_widechar2ascii.
---
utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/utils.c b/utils.c
index bd2da84..f05ba67 100644
--- a/utils.c
+++ b/utils.c
@@ -132,7 +132,7 @@ char *pe_utils_str_array_join(char *strings[], size_t
count, char delimiter) {
void pe_utils_str_widechar2ascii(char *output, const char *widechar, size_t
length) {
// quick & dirty UFT16 to ASCII conversion
- for (size_t p = 0; p <= length; p++) {
+ for (size_t p = 0; p < length; p++) {
memcpy(output + p, (uint16_t *)(widechar) + p, 1);
}
}
