1 files changed, 37 insertions, 0 deletions
diff --git a/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch b/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch
new file mode 100644
index 000000000..1241ff9e3
--- /dev/null
+++ b/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch
@@ -0,0 +1,37 @@
+From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 10 Jul 2023 13:36:10 +0100
+Subject: [PATCH] Fix for CVE-2017-16516
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Description: Fix for CVE-2017-16516
+ Potential buffer overread: A JSON file can cause denial of service.
+Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
+CVE: CVE-2017-16516
+Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/248]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ src/yajl_encode.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/src/yajl_encode.c b/src/yajl_encode.c
+index fd08258..0d97cc5 100644
+--- a/src/yajl_encode.c
+++ b/src/yajl_encode.c
+@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
+                     end+=3;
+                     /* check if this is a surrogate */
+                     if ((codepoint & 0xFC00) == 0xD800) {
+-                        end++;
+-                        if (str[end] == '\\' && str[end + 1] == 'u') {
+                        if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
+                            end++;
+                             unsigned int surrogate = 0;
+                             hexToDigit(&surrogate, str + end + 2);
+                             codepoint =
+-- 
+2.34.1

diff --git a/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch b/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch new file mode 100644 index 000000000..1241ff9e3 --- /dev/null +++ b/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch
@@ -0,0 +1,37 @@
	1	From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001
	2	From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
	3	Date: Mon, 10 Jul 2023 13:36:10 +0100
	4	Subject: [PATCH] Fix for CVE-2017-16516
	5	MIME-Version: 1.0
	6	Content-Type: text/plain; charset=UTF-8
	7	Content-Transfer-Encoding: 8bit
	8
	9	Description: Fix for CVE-2017-16516
	10	Potential buffer overread: A JSON file can cause denial of service.
	11	Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
	12
	13	CVE: CVE-2017-16516
	14	Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/248]
	15	Signed-off-by: Ross Burton <ross.burton@arm.com>
	16	---
	17	src/yajl_encode.c \| 4 ++--
	18	1 file changed, 2 insertions(+), 2 deletions(-)
	19
	20	diff --git a/src/yajl_encode.c b/src/yajl_encode.c
	21	index fd08258..0d97cc5 100644
	22	--- a/src/yajl_encode.c
	23	+++ b/src/yajl_encode.c
	24	@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
	25	end+=3;
	26	/* check if this is a surrogate */
	27	if ((codepoint & 0xFC00) == 0xD800) {
	28	- end++;
	29	- if (str[end] == '\\' && str[end + 1] == 'u') {
	30	+ if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
	31	+ end++;
	32	unsigned int surrogate = 0;
	33	hexToDigit(&surrogate, str + end + 2);
	34	codepoint =
	35	--
	36	2.34.1
	37