$OpenBSD: patch-lib_bidi_c,v 1.1 2017/10/20 20:26:53 jca Exp $

Fix for CVE-2017-14061

commit 16853b6973a1e72fee2b7cccda85472cb9951305
Author: Tim Rühsen <tim.ruehsen@gmx.de>
Date:   Tue Aug 1 11:15:10 2017 +0200

    lib/bidi: Fix integer overflow (found by fuzzing)

Index: lib/bidi.c
--- lib/bidi.c.orig
+++ lib/bidi.c
@@ -30,6 +30,7 @@
 
 #include "idn2.h"
 
+#include <sys/types.h>
 #include <stdbool.h>
 
 #include "bidi.h"
@@ -39,7 +40,7 @@
 static bool
 _isBidi (const uint32_t *label, size_t llen)
 {
-  while (llen-- > 0) {
+  for (; (ssize_t) llen > 0; llen--) {
     int bc = uc_bidi_category (*label++);
 
     if (bc == UC_BIDI_R || bc == UC_BIDI_AL || bc == UC_BIDI_AN)
