Description: Add check for buffer overflow with malformed input files This was later re-found and became CVE-2014-8123. Author: Bug-Debian: http://bugs.debian.org/407015 Bug-Debian: https://bugs.debian.org/771768 Forwarded: http://seclists.org/oss-sec/2014/q4/870 Last-Update: 2016-01-11 --- antiword-0.37~/wordole.c 2005-08-26 21:49:57.000000000 +0200 +++ antiword-0.37/wordole.c 2009-06-03 22:31:15.948014682 +0200 @@ -259,6 +259,10 @@ } tNameSize = (size_t)usGetWord(0x40, aucBytes); tNameSize = (tNameSize + 1) / 2; + if ( tNameSize > sizeof(atPPSlist[iIndex].szName)) { + werr(0, "Name Size of PPS %d is too large", iIndex); + tNameSize = sizeof(atPPSlist[iIndex].szName); + } vName2String(atPPSlist[iIndex].szName, aucBytes, tNameSize); atPPSlist[iIndex].ucType = ucGetByte(0x42, aucBytes); if (atPPSlist[iIndex].ucType == 5) { /form> Wojtek's customized Guix
aboutsummaryrefslogtreecommitdiff
path: root/gnu/installer.scm
AgeCommit message (Expand)Author
2022-12-05installer: Log provenance data....* gnu/installer.scm (provenance-sexp): New procedure. (installer-program)[installer-builder]: Add 'installer-log-line' call. Ludovic Courtès
2022-11-15installer: Migrate to 'guile-gnutls'....* gnu/installer.scm (installer-program): Replace GNUTLS with GUILE-GNUTLS. Ludovic Courtès
2022-11-15installer: Report known-unsupported PCI devices....* gnu/installer/hardware.scm: New file. * gnu/local.mk (INSTALLER_MODULES): Add it. * po/guix/POTFILES.in: Add it. * gnu/installer.scm (installer-steps): Pass #:pci-database to the 'welcome' step procedure. * gnu/installer/newt.scm (welcome-page): Add #:pci-database and pass it to 'run-welcome-page'. * gnu/installer/newt/welcome.scm (check-hardware-support): Add #:pci-database. Enumerate unsupported PCI devices and run an error page when unsupported devices are found. (run-welcome-page): Add #:pci-database and pass it to 'check-hardware-support' and to the recursive call. * gnu/installer/record.scm (<installer>)[welcome-page]: Adjust comment. * doc/guix.texi (Hardware Considerations): Mention it. Ludovic Courtès
2022-11-15installer: Use 'current-guix' for extensions....This lets us use the latest (gnu build linux-modules) for instance. Note that items listed in 'with-extensions' come first in the load path, before the directory containing the modules in 'with-imported-modules'. * gnu/installer.scm (installer-program): Use (current-guix) instead of 'guix' in 'with-extensions'. Ludovic Courtès
2022-11-02installer: Skip the backtrace page on user abort....When the user aborts the installation because a core dump is discovered or the installation command failed, displaying the abort backtrace doesn't make much sense. Hide it when the abort condition is &user-abort-error and skip directly to the dump page. * gnu/installer/steps.scm (&user-abort-error): New variable. (user-abort-error?): New procedure. * gnu/installer/newt/final.scm (run-install-failed-page): Raise a user-abort-error. * gnu/installer/newt/welcome.scm (run-welcome-page): Ditto. * gnu/installer.scm (installer-program): Hide the backtrace page and directly propose to dump the report when the a &user-abort-error is raised. Mathieu Othacehe
2022-11-02installer: Add core dump support....Fixes: <https://issues.guix.gnu.org/58733> * gnu/installer.scm (installer-program): Enable core dump generation. * gnu/installer/dump.scm (%core-dump): New variable. (prepare-dump): Copy the core dump file. * gnu/installer/newt/welcome.scm (run-welcome-page): Propose to report an installation that previously generated a core dump. Mathieu Othacehe