Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 13 Feb 2018 12:04:50 +0100
From: Hanno Böck <>
Subject: GNU patch out of bounds read, null pointer crash and double free

The recent release of GNU patch 2.7.6 fixed an old out of bounds read I
had reported in 2015:

out of bounds read with malformed patch in pch_write_line


I re-checked patch now and found a few more issues:

segfault / null pointer (probably crash only)

double free in function another_hunk()

Hanno Böck

GPG: FE73757FA60E4E21B937579FA5880072BBB51E42

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ