Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > by-pkgid > b2b31f8f12ce25fb0a2128354ea26724 > files > 17

cups-1.3.7-30.el5.src.rpm

diff -up cups-1.3.7/cgi-bin/var.c.CVE-2010-1748 cups-1.3.7/cgi-bin/var.c
--- cups-1.3.7/cgi-bin/var.c.CVE-2010-1748	2010-05-13 17:17:29.324218144 +0100
+++ cups-1.3.7/cgi-bin/var.c	2010-05-13 17:18:05.660219246 +0100
@@ -1103,6 +1103,9 @@ cgi_initialize_string(const char *data)	
 	    * Read the hex code...
 	    */
 
+            if (!isxdigit(data[1] & 255) || !isxdigit(data[2] & 255))
+	      return (0);
+
             if (s < (value + sizeof(value) - 1))
 	    {
               data ++;

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional