diff options
author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2013-03-02 12:01:39 -0800 |
---|---|---|
committer | Ulrich Sibiller <uli42@gmx.de> | 2016-10-12 09:34:39 +0200 |
commit | bddfee4a987c0ef5eb26e1b14b8385e7630a1e21 (patch) | |
tree | c6c5e9fe7fe6e1feb7baea802dc8f6340b672977 /version.sh | |
parent | dbc11719399ce7e191c806ad6b5c9104666e2a77 (diff) | |
download | nx-libs-bddfee4a987c0ef5eb26e1b14b8385e7630a1e21.tar.gz nx-libs-bddfee4a987c0ef5eb26e1b14b8385e7630a1e21.tar.bz2 nx-libs-bddfee4a987c0ef5eb26e1b14b8385e7630a1e21.zip |
Unbounded recursion in GetDatabase() when parsing include files [CVE-2013-2004 1/2]
GetIncludeFile() can call GetDatabase() which can call GetIncludeFile()
which can call GetDatabase() which can call GetIncludeFile() ....
eventually causing recursive stack overflow and crash.
Easily reproduced with a resource file that #includes itself.
Limit is set to a include depth of 100 files, which should be enough
for all known use cases, but could be adjusted later if necessary.
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Signed-off-by: Julien Cristau <jcristau@debian.org>
Backported-to-NX-by: Ulrich Sibiller <uli42@gmx.de>
Diffstat (limited to 'version.sh')
0 files changed, 0 insertions, 0 deletions