From 19d73f67883c011cc74326a5dc34f7009efa60e1 Mon Sep 17 00:00:00 2001 Message-Id: <19d73f67883c011cc74326a5dc34f7009efa60e1.1662536462.git.pmatilai@redhat.com> From: Panu Matilainen Date: Tue, 6 Sep 2022 13:15:44 +0300 Subject: [PATCH] Fix buffer overrun from commit 4420c78beb86cc67392274bf351478a3375626a2 The newly handled ^ needs to be accounted for when allocating memory. Found when testing #1936, goes to show what a useful thing that is. --- lib/rpmdb.c | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/rpmdb.c b/lib/rpmdb.c index fd2b0671a..b3c5da62d 100644 --- a/lib/rpmdb.c +++ b/lib/rpmdb.c @@ -1107,6 +1107,7 @@ static char * mireDup(rpmTagVal tag, rpmMireMode *modep, case '.': case '+': case '*': + case '^': if (!brackets) nb++; break; case '\\': -- 2.37.3