Diffstat (limited to 'meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch')
-rw-r--r-- | meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch | 37 |
1 files changed, 37 insertions, 0 deletions
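--- /dev/null
+++ b/meta-oe/recipes-devtools/yajl/yajl/CVE-2017-16516.patch
@@ -0,0 +1,37 @@
+From 0b5e73c4321de0ba1d495fdc0967054b2a77931c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Mon, 10 Jul 2023 13:36:10 +0100
+Subject: [PATCH] Fix for CVE-2017-16516
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Description: Fix for CVE-2017-16516
+Potential buffer overread: A JSON file can cause denial of service.
+Origin: https://github.com/brianmario/yajl-ruby/commit/a8ca8f476655adaa187eedc60bdc770fff3c51ce
+
+CVE: CVE-2017-16516
+Upstream-Status: Submitted [https://github.com/lloyd/yajl/issues/248]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+src/yajl_encode.c | 4 ++--
+1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/yajl_encode.c b/src/yajl_encode.c
+index fd08258..0d97cc5 100644
+--- a/src/yajl_encode.c
++++ b/src/yajl_encode.c
+@@ -139,8 +139,8 @@ void yajl_string_decode(yajl_buf buf, const unsigned char * str,
+end+=3;
+/* check if this is a surrogate */
+if ((codepoint & 0xFC00) == 0xD800) {
+- end++;
+- if (str[end] == '\\' && str[end + 1] == 'u') {
++ if (end + 2 < len && str[end + 1] == '\\' && str[end + 2] == 'u') {
++ end++;
+unsigned int surrogate = 0;
+hexToDigit(&surrogate, str + end + 2);
+codepoint =
+--
+2.34.1
+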
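Review bot: The new guard `end + 2 < len` in the embedded yajl_string_decode hunk bounds only the two bytes compared against the backslash and `u`; the following `hexToDigit(&surrogate, str + end + 2)` runs after `end++` and is not covered by it. hexToDigit is not visible here, but if it consumes four hex digits it reads up to index `end + 6` counted from the pre-increment `end`, so a string that ends right after the second `\u` could still be read past `len`. Either tighten the condition to `end + 6 < len`, or, if the lexer already guarantees four hex digits after every `\u`, say so in a comment above the check, e.g. `/* lexer guarantees 4 hex digits follow any \u inside the string */`. The body of yajl_string_decode starts and continues outside the hunk, so the earlier hexToDigit call for the first code unit could not be checked from this page.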