summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorDenys Vlasenko2022-08-02 12:41:18 +0200
committerDenys Vlasenko2022-08-02 12:41:18 +0200
commitdaa66ed62c79684219088cc0361d5b316d5d1295 (patch)
tree45ea93d868cc86875bc4ab6998ff7a8e0e1677d0 /include
parent1c5455284234e894dfb6086bf7f3e9a6d5d9611f (diff)
downloadbusybox-daa66ed62c79684219088cc0361d5b316d5d1295.zip
busybox-daa66ed62c79684219088cc0361d5b316d5d1295.tar.gz
ash: fix use-after-free in pattern substituon code
Patch by soeren@soeren-tempel.net The idx variable points to a value in the stack string (as managed by STPUTC). STPUTC may resize this stack string via realloc(3). If this happens, the idx pointer needs to be updated. Otherwise, dereferencing idx may result in a use-after free. function old new delta subevalvar 1562 1566 +4 Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'include')
0 files changed, 0 insertions, 0 deletions