diff options
Diffstat (limited to 'recipes-support/curl')
-rw-r--r-- | recipes-support/curl/curl/CVE-2017-8817.patch | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/recipes-support/curl/curl/CVE-2017-8817.patch b/recipes-support/curl/curl/CVE-2017-8817.patch index 20ca406..e8429b2 100644 --- a/recipes-support/curl/curl/CVE-2017-8817.patch +++ b/recipes-support/curl/curl/CVE-2017-8817.patch | |||
@@ -1,6 +1,6 @@ | |||
1 | From 2dd71516235bb8f98210242c34a1a617caa8c171 Mon Sep 17 00:00:00 2001 | 1 | From 438a9ebfe9c4dc850ca2ed858bf5b8c31ce15ef5 Mon Sep 17 00:00:00 2001 |
2 | From: Sona Sarmadi <sona.sarmadi@enea.com> | 2 | From: Sona Sarmadi <sona.sarmadi@enea.com> |
3 | Date: Mon, 4 Dec 2017 10:25:14 +0100 | 3 | Date: Fri, 2 Mar 2018 08:48:05 +0100 |
4 | Subject: [PATCH] curl: fix for CVE-2017-8817 | 4 | Subject: [PATCH] curl: fix for CVE-2017-8817 |
5 | 5 | ||
6 | wildcardmatch: fix heap buffer overflow in setcharset | 6 | wildcardmatch: fix heap buffer overflow in setcharset |
@@ -20,13 +20,13 @@ Bug: https://curl.haxx.se/docs/adv_2017-ae72.html | |||
20 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> | 20 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> |
21 | --- | 21 | --- |
22 | lib/curl_fnmatch.c | 9 +++------ | 22 | lib/curl_fnmatch.c | 9 +++------ |
23 | tests/data/Makefile.inc | 1 + | 23 | tests/data/Makefile.inc | 2 +- |
24 | tests/data/test1163 | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ | 24 | tests/data/test1163 | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ |
25 | 3 files changed, 56 insertions(+), 6 deletions(-) | 25 | 3 files changed, 56 insertions(+), 7 deletions(-) |
26 | create mode 100644 tests/data/test1163 | 26 | create mode 100644 tests/data/test1163 |
27 | 27 | ||
28 | diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c | 28 | diff --git a/lib/curl_fnmatch.c b/lib/curl_fnmatch.c |
29 | index e8108bb..2f34335 100644 | 29 | index 46d3ada..5dd5323 100644 |
30 | --- a/lib/curl_fnmatch.c | 30 | --- a/lib/curl_fnmatch.c |
31 | +++ b/lib/curl_fnmatch.c | 31 | +++ b/lib/curl_fnmatch.c |
32 | @@ -133,6 +133,9 @@ static int setcharset(unsigned char **p, unsigned char *charset) | 32 | @@ -133,6 +133,9 @@ static int setcharset(unsigned char **p, unsigned char *charset) |
@@ -39,7 +39,7 @@ index e8108bb..2f34335 100644 | |||
39 | switch(state) { | 39 | switch(state) { |
40 | case CURLFNM_SCHS_DEFAULT: | 40 | case CURLFNM_SCHS_DEFAULT: |
41 | if(ISALNUM(c)) { /* ASCII value */ | 41 | if(ISALNUM(c)) { /* ASCII value */ |
42 | @@ -197,9 +200,6 @@ static int setcharset(unsigned char **p, unsigned char *charset) | 42 | @@ -196,9 +199,6 @@ static int setcharset(unsigned char **p, unsigned char *charset) |
43 | else | 43 | else |
44 | return SETCHARSET_FAIL; | 44 | return SETCHARSET_FAIL; |
45 | } | 45 | } |
@@ -49,7 +49,7 @@ index e8108bb..2f34335 100644 | |||
49 | else { | 49 | else { |
50 | charset[c] = 1; | 50 | charset[c] = 1; |
51 | (*p)++; | 51 | (*p)++; |
52 | @@ -278,9 +278,6 @@ static int setcharset(unsigned char **p, unsigned char *charset) | 52 | @@ -277,9 +277,6 @@ static int setcharset(unsigned char **p, unsigned char *charset) |
53 | else if(c == ']') { | 53 | else if(c == ']') { |
54 | return SETCHARSET_OK; | 54 | return SETCHARSET_OK; |
55 | } | 55 | } |
@@ -60,13 +60,14 @@ index e8108bb..2f34335 100644 | |||
60 | charset[c] = 1; | 60 | charset[c] = 1; |
61 | (*p)++; | 61 | (*p)++; |
62 | diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc | 62 | diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc |
63 | index 01ad40d..20aa856 100644 | 63 | index 5284654..942f9ee 100644 |
64 | --- a/tests/data/Makefile.inc | 64 | --- a/tests/data/Makefile.inc |
65 | +++ b/tests/data/Makefile.inc | 65 | +++ b/tests/data/Makefile.inc |
66 | @@ -122,6 +122,7 @@ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \ | 66 | @@ -122,7 +122,7 @@ test1128 test1129 test1130 test1131 test1132 test1133 test1134 test1135 \ |
67 | test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \ | 67 | test1136 test1137 test1138 test1139 test1140 test1141 test1142 test1143 \ |
68 | test1144 test1145 test1146 \ | 68 | test1144 test1145 test1146 \ |
69 | test1152 \ | 69 | test1152 \ |
70 | -\ | ||
70 | +test1163 \ | 71 | +test1163 \ |
71 | test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \ | 72 | test1200 test1201 test1202 test1203 test1204 test1205 test1206 test1207 \ |
72 | test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \ | 73 | test1208 test1209 test1210 test1211 test1212 test1213 test1214 test1215 \ |