Mercurial > hg > orthanc
diff OrthancFramework/Resources/Patches/dcmtk-3.6.0-dulparse-vulnerability.patch @ 4044:d25f4c0fa160 framework
splitting code into OrthancFramework and OrthancServer
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Wed, 10 Jun 2020 20:30:34 +0200 |
parents | Resources/Patches/dcmtk-3.6.0-dulparse-vulnerability.patch@6ac6193a7935 |
children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/OrthancFramework/Resources/Patches/dcmtk-3.6.0-dulparse-vulnerability.patch Wed Jun 10 20:30:34 2020 +0200 @@ -0,0 +1,29 @@ +diff -urEb dcmtk-3.6.0.orig/dcmnet/libsrc/dulparse.cc dcmtk-3.6.0/dcmnet/libsrc/dulparse.cc +--- dcmtk-3.6.0.orig/dcmnet/libsrc/dulparse.cc 2010-12-01 09:26:36.000000000 +0100 ++++ dcmtk-3.6.0/dcmnet/libsrc/dulparse.cc 2016-12-02 15:58:49.930540033 +0100 +@@ -393,6 +393,8 @@ + return cond; + + buf += length; ++ if (presentationLength < length) ++ return EC_MemoryExhausted; + presentationLength -= length; + DCMNET_TRACE("Successfully parsed Abstract Syntax"); + break; +@@ -404,12 +406,16 @@ + cond = LST_Enqueue(&context->transferSyntaxList, (LST_NODE*)subItem); + if (cond.bad()) return cond; + buf += length; ++ if (presentationLength < length) ++ return EC_MemoryExhausted; + presentationLength -= length; + DCMNET_TRACE("Successfully parsed Transfer Syntax"); + break; + default: + cond = parseDummy(buf, &length, presentationLength); + buf += length; ++ if (presentationLength < length) ++ return EC_MemoryExhausted; + presentationLength -= length; + break; + }