1 files changed, 0 insertions, 135 deletions
diff --git a/recipes-support/curl/curl/CVE-2017-8817.patch b/recipes-support/curl/curl/CVE-2017-8817.patch
deleted file mode 100644
index e8429b2..0000000
--- a/recipes-support/curl/curl/CVE-2017-8817.patch
+++ /dev/null
@@ -1,135 +0,0 @@
-From 438a9ebfe9c4dc850ca2ed858bf5b8c31ce15ef5 Mon Sep 17 00:00:00 2001
-From: Sona Sarmadi <sona.sarmadi@enea.com>
-Date: Fri, 2 Mar 2018 08:48:05 +0100
-Subject: [PATCH] curl: fix for CVE-2017-8817
-wildcardmatch: fix heap buffer overflow in setcharset
-The code would previous read beyond the end of the pattern string if the
-match pattern ends with an open bracket when the default pattern
-matching function is used.
-Detected by OSS-Fuzz:
-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161
-CVE: CVE-2017-8817
-Upstream-Status: Backport [https://curl.haxx.se/CVE-2017-8817.patch]
-Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
- lib/curl_fnmatch.c      |  9 +++------
- tests/data/Makefile.inc |  2 +-
- tests/data/test1163     | 52 +++++++++++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 56 insertions(+), 7 deletions(-)
- create mode 100644 tests/data/test1163
-diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c
-index 46d3ada..5dd5323 100644
--- a/lib/curl_fnmatch.c
-+++ b/lib/curl_fnmatch.c
-@@ -133,6 +133,9 @@ static int setcharset(unsigned char **p, unsigned char *charset)
-   unsigned char c;
-   for(;;) {
-     c = **p;
-+    if(!c)
-+      return SETCHARSET_FAIL;
-+
-     switch(state) {
-     case CURLFNM_SCHS_DEFAULT:
-       if(ISALNUM(c)) { /* ASCII value */
-@@ -196,9 +199,6 @@ static int setcharset(unsigned char **p, unsigned char *charset)
-         else
-           return SETCHARSET_FAIL;
-       }
-      else if(c == '\0') {
-        return SETCHARSET_FAIL;
-      }
-       else {
-         charset[c] = 1;
-         (*p)++;
-@@ -277,9 +277,6 @@ static int setcharset(unsigned char **p, unsigned char *charset)
-       else if(c == ']') {
-         return SETCHARSET_OK;
-       }
-      else if(c == '\0') {
-        return SETCHARSET_FAIL;
-      }
-       else if(ISPRINT(c)) {
-         charset[c] = 1;
-         (*p)++;
-diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
-index 5284654..942f9ee 100644
--- a/tests/data/Makefile.inc
-+++ b/tests/data/Makefile.inc
-@@ -122,7 +122,7 @@ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \
- test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \
- test1144 test1145 test1146 \
- test1152 \
-\
-+test1163 \
- test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
- test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
- test1216 test1217 test1218 test1219 \
-diff --git a/tests/data/test1163 b/tests/data/test1163
-new file mode 100644
-index 0000000..3266fa8
--- /dev/null
-+++ b/tests/data/test1163
-@@ -0,0 +1,52 @@
-+<testcase>
-+<info>
-+<keywords>
-+FTP
-+RETR
-+LIST
-+wildcardmatch
-+ftplistparser
-+flaky
-+</keywords>
-+</info>
-+
-+#
-+# Server-side
-+<reply>
-+<data>
-+</data>
-+</reply>
-+
-+# Client-side
-+<client>
-+<server>
-+ftp
-+</server>
-+<tool>
-+lib576
-+</tool>
-+<name>
-+FTP wildcard with pattern ending with an open-bracket
-+</name>
-+<command>
-+"ftp://%HOSTIP:%FTPPORT/fully_simulated/DOS/*[]["
-+</command>
-+</client>
-+<verify>
-+<protocol>
-+USER anonymous
-+PASS ftp@example.com
-+PWD
-+CWD fully_simulated
-+CWD DOS
-+EPSV
-+TYPE A
-+LIST
-+QUIT
-+</protocol>
-+# 78 == CURLE_REMOTE_FILE_NOT_FOUND
-+<errorcode>
-+78
-+</errorcode>
-+</verify>
-+</testcase>
-- 
-1.9.1

diff --git a/recipes-support/curl/curl/CVE-2017-8817.patch b/recipes-support/curl/curl/CVE-2017-8817.patch deleted file mode 100644 index e8429b2..0000000 --- a/recipes-support/curl/curl/CVE-2017-8817.patch +++ /dev/null
@@ -1,135 +0,0 @@
1	From 438a9ebfe9c4dc850ca2ed858bf5b8c31ce15ef5 Mon Sep 17 00:00:00 2001
2	From: Sona Sarmadi <sona.sarmadi@enea.com>
3	Date: Fri, 2 Mar 2018 08:48:05 +0100
4	Subject: [PATCH] curl: fix for CVE-2017-8817
5
6	wildcardmatch: fix heap buffer overflow in setcharset
7
8	The code would previous read beyond the end of the pattern string if the
9	match pattern ends with an open bracket when the default pattern
10	matching function is used.
11
12	Detected by OSS-Fuzz:
13	https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4161
14
15	CVE: CVE-2017-8817
16	Upstream-Status: Backport [https://curl.haxx.se/CVE-2017-8817.patch]
17
18	Bug: https://curl.haxx.se/docs/adv_2017-ae72.html
19
20	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
21	---
22	lib/curl_fnmatch.c \| 9 +++------
23	tests/data/Makefile.inc \| 2 +-
24	tests/data/test1163 \| 52 +++++++++++++++++++++++++++++++++++++++++++++++++
25	3 files changed, 56 insertions(+), 7 deletions(-)
26	create mode 100644 tests/data/test1163
27
28	diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c
29	index 46d3ada..5dd5323 100644
30	--- a/lib/curl_fnmatch.c
31	+++ b/lib/curl_fnmatch.c
32	@@ -133,6 +133,9 @@ static int setcharset(unsigned char *p, unsigned char charset)
33	unsigned char c;
34	for(;;) {
35	c = **p;
36	+ if(!c)
37	+ return SETCHARSET_FAIL;
38	+
39	switch(state) {
40	case CURLFNM_SCHS_DEFAULT:
41	if(ISALNUM(c)) { /* ASCII value */
42	@@ -196,9 +199,6 @@ static int setcharset(unsigned char *p, unsigned char charset)
43	else
44	return SETCHARSET_FAIL;
45	}
46	- else if(c == '\0') {
47	- return SETCHARSET_FAIL;
48	- }
49	else {
50	charset[c] = 1;
51	(*p)++;
52	@@ -277,9 +277,6 @@ static int setcharset(unsigned char *p, unsigned char charset)
53	else if(c == ']') {
54	return SETCHARSET_OK;
55	}
56	- else if(c == '\0') {
57	- return SETCHARSET_FAIL;
58	- }
59	else if(ISPRINT(c)) {
60	charset[c] = 1;
61	(*p)++;
62	diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
63	index 5284654..942f9ee 100644
64	--- a/tests/data/Makefile.inc
65	+++ b/tests/data/Makefile.inc
66	@@ -122,7 +122,7 @@ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \
67	test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \
68	test1144 test1145 test1146 \
69	test1152 \
70	-\
71	+test1163 \
72	test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \
73	test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \
74	test1216 test1217 test1218 test1219 \
75	diff --git a/tests/data/test1163 b/tests/data/test1163
76	new file mode 100644
77	index 0000000..3266fa8
78	--- /dev/null
79	+++ b/tests/data/test1163
80	@@ -0,0 +1,52 @@
81	+<testcase>
82	+<info>
83	+<keywords>
84	+FTP
85	+RETR
86	+LIST
87	+wildcardmatch
88	+ftplistparser
89	+flaky
90	+</keywords>
91	+</info>
92	+
93	+#
94	+# Server-side
95	+<reply>
96	+<data>
97	+</data>
98	+</reply>
99	+
100	+# Client-side
101	+<client>
102	+<server>
103	+ftp
104	+</server>
105	+<tool>
106	+lib576
107	+</tool>
108	+<name>
109	+FTP wildcard with pattern ending with an open-bracket
110	+</name>
111	+<command>
112	+"ftp://%HOSTIP:%FTPPORT/fully_simulated/DOS/*[]["
113	+</command>
114	+</client>
115	+<verify>
116	+<protocol>
117	+USER anonymous
118	+PASS ftp@example.com
119	+PWD
120	+CWD fully_simulated
121	+CWD DOS
122	+EPSV
123	+TYPE A
124	+LIST
125	+QUIT
126	+</protocol>
127	+# 78 == CURLE_REMOTE_FILE_NOT_FOUND
128	+<errorcode>
129	+78
130	+</errorcode>
131	+</verify>
132	+</testcase>
133	--
134	1.9.1
135