diff options
| author |   Tim Rühsen <tim.ruehsen@gmx.de> | 2017-09-01 08:04:48 +0200 |
|---|---|---|
| committer |   Andreas K. Hüttel <dilfridge@gentoo.org> | 2017-10-05 12:12:04 +0200 |
| commit | fe153377bd2ddf567523c744d48d094c39089630 (patch) | |
| tree | be5c509c119e3279e2716c7f6c0e5ee693b2dc8d | |
| parent | [no-patch] Gentoo: also ignore commits where the message starts with [no-patch] (diff) | |
| download | glibc-fe153377bd2ddf567523c744d48d094c39089630.tar.gz glibc-fe153377bd2ddf567523c744d48d094c39089630.tar.bz2 glibc-fe153377bd2ddf567523c744d48d094c39089630.zip | |
lib/punycode.c (decode_digit): Fix integer overflow
lib/punycode.c (decode_digit): Fix integer overflow
This fix is a backport from libidn2 and addresses
CVE-2017-14062.
| -rw-r--r-- | libidn/punycode.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/libidn/punycode.c b/libidn/punycode.c index 93027188ce..49c660184e 100644 --- a/libidn/punycode.c +++ b/libidn/punycode.c @@ -78,10 +78,10 @@ enum /* point (for use in representing integers) in the range 0 to */ /* base-1, or base if cp does not represent a value. */ -static punycode_uint -decode_digit (punycode_uint cp) +static unsigned +decode_digit (int cp) { - return cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 : + return (unsigned) cp - 48 < 10 ? cp - 22 : cp - 65 < 26 ? cp - 65 : cp - 97 < 26 ? cp - 97 : base; } |