libuv: fix CVE-2024-24806

Upstream-Status: Backport[https://github.com/libuv/libuv/commit/0f2d7e784a256b54b2385043438848047bc2a629] Upstream-Status: Backport[https://github.com/libuv/libuv/commit/3530bcc30350d4a6ccf35d2f7b33e23292b9de70]> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Hugo SIMELIERE <hsimeliere.opensource@witekio.com> 2024-02-19 11:50:33 +0100
committer: Armin Kuster <akuster808@gmail.com> 2024-03-03 16:38:27 -0500
commit: 3c1bd6e007cd2bc6bee06d8784dcce71644401a9 (patch)
tree: 46d8db194867d3b5ebcdbcf6e838ca2e4a55b69c
parent: e30e0c309465de4e52addf008ab4404580c0026e (diff)
download: meta-openembedded-3c1bd6e007cd2bc6bee06d8784dcce71644401a9.tar.gz
3 files changed, 65 insertions, 1 deletions
diff --git a/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch
new file mode 100644
index 000000000..426388c3b
--- /dev/null
+++ b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch
@@ -0,0 +1,32 @@
+From 40dad53252e82eb4ee6e0c000e0c9ab15c7af312 Mon Sep 17 00:00:00 2001
+From: Ben Noordhuis <info@bnoordhuis.nl>
+Date: Thu, 18 Jan 2024 14:51:40 +0100
+Subject: [PATCH] fix: always zero-terminate idna output
+CVE: CVE-2024-24806
+Upstream commit: 0f2d7e784a256b54b2385043438848047bc2a629
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+---
+ src/idna.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+diff --git a/src/idna.c b/src/idna.c
+index 13ffac6b..874f1caf 100644
+--- a/src/idna.c
+++ b/src/idna.c
+@@ -284,8 +284,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+       return rc;
+   }
+ 
+-  if (d < de)
+-    *d++ = '\0';
+  if (d >= de)
+    return UV_EINVAL;
+ 
+  *d++ = '\0';
+   return d - ds;  /* Number of bytes written. */
+ }
+-- 
+2.43.0
diff --git a/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch
new file mode 100644
index 000000000..f231cf96b
--- /dev/null
+++ b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch
@@ -0,0 +1,30 @@
+From 6b8bce71f3ea435fcb286d49df1204c23ef3ea01 Mon Sep 17 00:00:00 2001
+From: Ben Noordhuis <info@bnoordhuis.nl>
+Date: Thu, 18 Jan 2024 14:52:38 +0100
+Subject: [PATCH] fix: reject zero-length idna inputs
+CVE: CVE-2024-24806
+Upstream commit: 3530bcc30350d4a6ccf35d2f7b33e23292b9de70
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+---
+ src/idna.c | 3 +++
+ 1 file changed, 3 insertions(+)
+diff --git a/src/idna.c b/src/idna.c
+index 874f1caf..97edf06c 100644
+--- a/src/idna.c
+++ b/src/idna.c
+@@ -254,6 +254,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
+   char* ds;
+   int rc;
+ 
+  if (s == se)
+    return UV_EINVAL;
+
+   ds = d;
+ 
+   for (si = s; si < se; /* empty */) {
+-- 
+2.43.0
diff --git a/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb b/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb
index 41e95f56a..da99b41fd 100644
--- a/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb
+++ b/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb
@@ -6,7 +6,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47"
 SRCREV = "533b738838ad8407032e14b6772b29ef9af63cfa"
 SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https \
-           file://CVE-2020-8252.patch"
+           file://CVE-2020-8252.patch \
+           file://CVE-2024-24806-1.patch \
+           file://CVE-2024-24806-2.patch"
 S = "${WORKDIR}/git"
author	Hugo SIMELIERE <hsimeliere.opensource@witekio.com>	2024-02-19 11:50:33 +0100
committer	Armin Kuster <akuster808@gmail.com>	2024-03-03 16:38:27 -0500
commit	3c1bd6e007cd2bc6bee06d8784dcce71644401a9 (patch)
tree	46d8db194867d3b5ebcdbcf6e838ca2e4a55b69c
parent	e30e0c309465de4e52addf008ab4404580c0026e (diff)
download	meta-openembedded-3c1bd6e007cd2bc6bee06d8784dcce71644401a9.tar.gz

diff --git a/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch new file mode 100644 index 000000000..426388c3b --- /dev/null +++ b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-1.patch
@@ -0,0 +1,32 @@
		1	From 40dad53252e82eb4ee6e0c000e0c9ab15c7af312 Mon Sep 17 00:00:00 2001
		2	From: Ben Noordhuis <info@bnoordhuis.nl>
		3	Date: Thu, 18 Jan 2024 14:51:40 +0100
		4	Subject: [PATCH] fix: always zero-terminate idna output
		5
		6	CVE: CVE-2024-24806
		7	Upstream commit: 0f2d7e784a256b54b2385043438848047bc2a629
		8
		9	Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
		10	---
		11	src/idna.c \| 5 +++--
		12	1 file changed, 3 insertions(+), 2 deletions(-)
		13
		14	diff --git a/src/idna.c b/src/idna.c
		15	index 13ffac6b..874f1caf 100644
		16	--- a/src/idna.c
		17	+++ b/src/idna.c
		18	@@ -284,8 +284,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
		19	return rc;
		20	}
		21
		22	- if (d < de)
		23	- *d++ = '\0';
		24	+ if (d >= de)
		25	+ return UV_EINVAL;
		26
		27	+ *d++ = '\0';
		28	return d - ds; /* Number of bytes written. */
		29	}
		30	--
		31	2.43.0
		32


diff --git a/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch new file mode 100644 index 000000000..f231cf96b --- /dev/null +++ b/meta-oe/recipes-connectivity/libuv/libuv/CVE-2024-24806-2.patch
@@ -0,0 +1,30 @@
		1	From 6b8bce71f3ea435fcb286d49df1204c23ef3ea01 Mon Sep 17 00:00:00 2001
		2	From: Ben Noordhuis <info@bnoordhuis.nl>
		3	Date: Thu, 18 Jan 2024 14:52:38 +0100
		4	Subject: [PATCH] fix: reject zero-length idna inputs
		5
		6	CVE: CVE-2024-24806
		7	Upstream commit: 3530bcc30350d4a6ccf35d2f7b33e23292b9de70
		8
		9	Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
		10	---
		11	src/idna.c \| 3 +++
		12	1 file changed, 3 insertions(+)
		13
		14	diff --git a/src/idna.c b/src/idna.c
		15	index 874f1caf..97edf06c 100644
		16	--- a/src/idna.c
		17	+++ b/src/idna.c
		18	@@ -254,6 +254,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) {
		19	char* ds;
		20	int rc;
		21
		22	+ if (s == se)
		23	+ return UV_EINVAL;
		24	+
		25	ds = d;
		26
		27	for (si = s; si < se; /* empty */) {
		28	--
		29	2.43.0
		30


diff --git a/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb b/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb index 41e95f56a..da99b41fd 100644 --- a/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb +++ b/meta-oe/recipes-connectivity/libuv/libuv_1.36.0.bb
@@ -6,7 +6,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47"
6		6
7	SRCREV = "533b738838ad8407032e14b6772b29ef9af63cfa"	7	SRCREV = "533b738838ad8407032e14b6772b29ef9af63cfa"
8	SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https \	8	SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https \
9	file://CVE-2020-8252.patch"	9	file://CVE-2020-8252.patch \
		10	file://CVE-2024-24806-1.patch \
		11	file://CVE-2024-24806-2.patch"
10		12
11	S = "${WORKDIR}/git"	13	S = "${WORKDIR}/git"
12		14