Sophie

Sophie

distrib > Mageia > 1 > i586 > media > core-updates-src > by-pkgid > 8c136095ee007450485b500948c56394 > files > 3

nut-2.6.0-2.1.mga1.src.rpm


http://trac.networkupstools.org/projects/nut/changeset/3633

--- common/parseconf.c	2011-05-31 10:36:47.000000000 +0000
+++ common/parseconf.c.oden	2012-06-04 14:42:40.000000000 +0000
@@ -171,6 +171,13 @@ static void addchar(PCONF_CTX_t *ctx)
 
 	wbuflen = strlen(ctx->wordbuf);
 
+	/* CVE-2012-2944: only allow the subset Ascii charset from Space to ~ */
+	if ((ctx->ch < 0x20) || (ctx->ch > 0x7f)) {
+		fprintf(stderr, "addchar: discarding invalid character (0x%02x)!\n",
+				ctx->ch);
+		return;
+	}
+
 	if (ctx->wordlen_limit != 0) {
 		if (wbuflen >= ctx->wordlen_limit) {

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional