diff options
| author | Didier Raboud <odyx@debian.org> | 2020-04-25 16:02:12 +0200 |
|---|---|---|
| committer | Didier Raboud <odyx@debian.org> | 2020-04-25 16:23:01 +0200 |
| commit | f1b7b7e074291c85366a60f7a197dea19e62c9cf (patch) | |
| tree | 57d73662b104f9e43348cec877b3e15844fcd9e3 | |
| parent | 1668f3bdc68101d44d0d18c85ba3e6572b517ff4 (diff) | |
CVE-2019-8842: The `ippReadIO` function may under-read an extension field
| -rw-r--r-- | cups/ipp.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/cups/ipp.c b/cups/ipp.c index 98b499716..4ebb1da9c 100644 --- a/cups/ipp.c +++ b/cups/ipp.c @@ -2960,7 +2960,7 @@ ippReadIO(void *src, /* I - Data source */ * Read 32-bit "extension" tag... */ - if ((*cb)(src, buffer, 4) < 1) + if ((*cb)(src, buffer, 4) < 4) { DEBUG_puts("1ippReadIO: Callback returned EOF/error"); _cupsBufferRelease((char *)buffer); |