author | Kang Kai <kai.kang@windriver.com> | 2013-01-24 16:58:15 +0800 |
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2013-03-01 15:38:48 +0000 |
commit | a54d4ae89e0b92c413de7e8e1f52eb50ccdf192b (patch) | |
tree | 2e63ec3524df948ecd141bb2920bd4cc45aa16c0 | |
parent | 8cb87526627b9820a9be5698c084df788a433a7b (diff) | |
perl: fix security issue
Add perl-fix-CVE-2012-5195.patch to fix perl memory exhaustion
denial-of-service attack issue.
The patch is from the perl 5.14.3 branch:
http://perl5.git.perl.org/perl.git/commit/b675304e3fdbcce3ef853b06b6ebe870d99faa7e
[Yocto 3701]
(From OE-Core rev: b4799833d26eacf60a7590bc5770b3715389fe66)
Signed-off-by: Kang Kai <kai.kang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-devtools/perl/perl-5.14.2/perl-fix-CVE-2012-5195.patch | 41 | ||||
-rw-r--r-- | meta/recipes-devtools/perl/perl_5.14.2.bb | 3 |
2 files changed, 43 insertions, 1 deletions
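--- /dev/null
+++ b/meta/recipes-devtools/perl/perl-5.14.2/perl-fix-CVE-2012-5195.patch
@@ -0,0 +1,41 @@
+Upstream-Status: Backport
+
+This patch is from perl mainline:
+http://perl5.git.perl.org/perl.git/commit/b675304e3fdbcce3ef853b06b6ebe870d99faa7e
+
+Signed-off-by: Kang Kai <kai.kang@windriver.com>
+
+---
+From b675304e3fdbcce3ef853b06b6ebe870d99faa7e Mon Sep 17 00:00:00 2001
+From: Andy Dougherty <doughera@lafayette.edu>
+Date: Thu, 27 Sep 2012 09:52:18 -0400
+Subject: [PATCH] avoid calling memset with a negative count
+
+Poorly written perl code that allows an attacker to specify the count to
+perl's 'x' string repeat operator can already cause a memory exhaustion
+denial-of-service attack. A flaw in versions of perl before 5.15.5 can
+escalate that into a heap buffer overrun; coupled with versions of glibc
+before 2.16, it possibly allows the execution of arbitrary code.
+
+The flaw addressed to this commit has been assigned identifier
+CVE-2012-5195.
+---
+util.c | 3 +++
+1 files changed, 3 insertions(+), 0 deletions(-)
+
+diff --git a/util.c b/util.c
+index 0ea39c6..230211e 100644
+--- a/util.c
++++ b/util.c
+@@ -3319,6 +3319,9 @@ Perl_repeatcpy(register char *to, register const char *from, I32 len, register I
+{
+PERL_ARGS_ASSERT_REPEATCPY;
+
++ if (count < 0)
++ Perl_croak_nocontext("%s",PL_memory_wrap);
++
+if (len == 1)
+memset(to, *from, count);
+else if (count) {
+--
+1.7.4.1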
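Review bot: The OE header at the top of the new patch file records `Upstream-Status: Backport` and the upstream commit URL but never names the advisory the patch fixes, so tooling that scans patch headers cannot tie this file to the CVE; adding `CVE: CVE-2012-5195` next to the Upstream-Status line would close that gap and costs nothing. The only code change is the `if (count < 0)` guard that croaks before `memset(to, *from, count)` in Perl_repeatcpy, taken verbatim from upstream b675304e, so nothing in the embedded hunk itself needs changing; the guard is what stops a negative I32 count from being converted to a huge size_t by memset. Perl_repeatcpy's body continues outside the hunk, so the remaining uses of count after the `else if (count)` branch are not visible here.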
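--- a/meta/recipes-devtools/perl/perl_5.14.2.bb
+++ b/meta/recipes-devtools/perl/perl_5.14.2.bb
@@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://Copying;md5=2b4c6ffbcfcbdee469f02565f253d81a \
 # We need gnugrep (for -I)
 DEPENDS = "virtual/db grep-native"
 DEPENDS += "gdbm zlib"
-PR = "r11"
+PR = "r12"
 
 # 5.10.1 has Module::Build built-in
 PROVIDES += "libmodule-build-perl"
@@ -67,6 +67,7 @@ SRC_URI = "http://www.cpan.org/src/5.0/perl-${PV}.tar.gz \
 file://fix_bad_rpath.patch \
 file://perl-build-in-t-dir.patch \
 file://perl-archlib-exp.patch \
+file://perl-fix-CVE-2012-5195.patch \
 \
 file://config.sh \
 file://config.sh-32 \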