CVE-2020-28013: Heap buffer overflow in parse_fix_phrase()

author Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>

Mon, 29 Mar 2021 20:44:47 +0000 (22:44 +0200)

committer Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>

Thu, 27 May 2021 19:30:47 +0000 (21:30 +0200)
author Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Mon, 29 Mar 2021 20:44:47 +0000 (22:44 +0200)
committer Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
Thu, 27 May 2021 19:30:47 +0000 (21:30 +0200)
diff --git a/src/src/parse.c b/src/src/parse.c

index cfc1f996f8bc9cefacd07d5a4f172fdc3d2fbac5..e0470c86f51236265d9ba67b671e420c34b77112 100644 (file)
--- a/src/src/parse.c
+++ b/src/src/parse.c
@@ -1134,12 +1134,7 @@ while (s < end)
              {
              if (ss >= end) ss--;
              *t++ = '(';
-            if (ss < s)
-              {
-              /* Someone has ended the string with "<punct>(". */
-              ss = s;
-              }
-            else
+            if (ss > s)
                {
                Ustrncpy(t, s, ss-s);
                t += ss-s;
author	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
	Mon, 29 Mar 2021 20:44:47 +0000 (22:44 +0200)
committer	Heiko Schlittermann (HS12-RIPE) <hs@schlittermann.de>
	Thu, 27 May 2021 19:30:47 +0000 (21:30 +0200)