diff options
author | Andre McCurdy <armccurdy@gmail.com> | 2015-04-14 19:53:53 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-05-15 18:12:44 +0100 |
commit | c18b02e5e97a41b03377bd53ae02678c1fcb5c81 (patch) | |
tree | acd7eb112a80ad6bdcb872593b2025e5c993abb2 /meta/recipes-core/busybox/busybox | |
parent | aa263849ba573196d2cc859e7f84aa1758a20b06 (diff) | |
download | poky-c18b02e5e97a41b03377bd53ae02678c1fcb5c81.tar.gz |
busybox: remove CVE-2014-9645 patch (already upstream in 1.23.x)
The CVE-2014-9645 fix was merged in Busybox prior to the 1.23.0
release [1]. The fix was then reworked in Busybox 1.23.1, in such
a way that the original change was no longer required [2].
Although oe-core's CVE-2014-9645 patch still applies cleanly to
Busybox 1.23.1 and 1.23.2, applying it partially reverts the second
version of the upstream fix.
[1] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=4e314faa0aecb66717418e9a47a4451aec59262b
[2] http://git.busybox.net/busybox/commit/modutils/modprobe.c?h=1_23_stable&id=1ecfe811fe2f70380170ef7d820e8150054e88ca
(From OE-Core master rev: a753d3d8884b96baad5ed1a03335a81586420b86)
(From OE-Core rev: ef1748f26ab246d893f51141caa24dd4ae6b5ec0)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/busybox/busybox')
-rw-r--r-- | meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch b/meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch deleted file mode 100644 index 4e76067b3c..0000000000 --- a/meta/recipes-core/busybox/busybox/CVE-2014-9645_busybox_reject_module_names_with_slashes.patch +++ /dev/null | |||
@@ -1,41 +0,0 @@ | |||
1 | Upstream-status: Backport | ||
2 | http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b | ||
3 | |||
4 | CVE-2014-9645 fix. | ||
5 | |||
6 | [YOCTO #7257] | ||
7 | |||
8 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
9 | |||
10 | From 4e314faa0aecb66717418e9a47a4451aec59262b Mon Sep 17 00:00:00 2001 | ||
11 | From: Denys Vlasenko <vda.linux@googlemail.com> | ||
12 | Date: Thu, 20 Nov 2014 17:24:33 +0000 | ||
13 | Subject: modprobe,rmmod: reject module names with slashes | ||
14 | |||
15 | function old new delta | ||
16 | add_probe 86 113 +27 | ||
17 | |||
18 | Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> | ||
19 | --- | ||
20 | Index: busybox-1.22.1/modutils/modprobe.c | ||
21 | =================================================================== | ||
22 | --- busybox-1.22.1.orig/modutils/modprobe.c | ||
23 | +++ busybox-1.22.1/modutils/modprobe.c | ||
24 | @@ -238,6 +238,17 @@ static void add_probe(const char *name) | ||
25 | { | ||
26 | struct module_entry *m; | ||
27 | |||
28 | + /* | ||
29 | + * get_or_add_modentry() strips path from name and works | ||
30 | + * on remaining basename. | ||
31 | + * This would make "rmmod dir/name" and "modprobe dir/name" | ||
32 | + * to work like "rmmod name" and "modprobe name", | ||
33 | + * which is wrong, and can be abused via implicit modprobing: | ||
34 | + * "ifconfig /usbserial up" tries to modprobe netdev-/usbserial. | ||
35 | + */ | ||
36 | + if (strchr(name, '/')) | ||
37 | + bb_error_msg_and_die("malformed module name '%s'", name); | ||
38 | + | ||
39 | m = get_or_add_modentry(name); | ||
40 | if (!(option_mask32 & (OPT_REMOVE | OPT_SHOW_DEPS)) | ||
41 | && (m->flags & MODULE_FLAG_LOADED) | ||