diff options
author | Didier Raboud <odyx@debian.org> | 2020-04-25 16:02:12 +0200 |
---|---|---|
committer | Didier Raboud <odyx@debian.org> | 2020-04-25 16:23:01 +0200 |
commit | f1b7b7e074291c85366a60f7a197dea19e62c9cf (patch) | |
tree | 57d73662b104f9e43348cec877b3e15844fcd9e3 | |
parent | 1668f3bdc68101d44d0d18c85ba3e6572b517ff4 (diff) |
CVE-2019-8842: The `ippReadIO` function may under-read an extension field
-rw-r--r-- | cups/ipp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/cups/ipp.c b/cups/ipp.c index 98b499716..4ebb1da9c 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -2960,7 +2960,7 @@ ippReadIO(void *src, /* I - Data source */ * Read 32-bit "extension" tag... */ - if ((*cb)(src, buffer, 4) < 1) + if ((*cb)(src, buffer, 4) < 4) { DEBUG_puts("1ippReadIO: Callback returned EOF/error"); _cupsBufferRelease((char *)buffer); |