diff options
| author | Ross Burton <ross.burton@intel.com> | 2019-06-24 19:13:08 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-27 18:05:18 +0100 |
| commit | 45e662b445970d6f57b8787c0c61b903cdfaa238 (patch) | |
| tree | 00f44ca721eaa0ff40ca96127f8a4defb9cd254f /meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | |
| parent | f749c69115dcc3918d1fd0acd379852288193345 (diff) | |
| download | poky-45e662b445970d6f57b8787c0c61b903cdfaa238.tar.gz | |
glibc: backport CVE fixes
Backport the fixes for several CVEs from the 2.28 stable branch:
- CVE-2016-10739
- CVE-2018-19591
(From OE-Core rev: 950a60c0e4183037a807031ddc9167b1a81a5348)
Signed-off-by: Ross Burton <ross.burton@intel.com>
[Dropped CVE-2019-9169 as its in my contrib already]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2018-19591.patch')
| -rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch new file mode 100644 index 0000000000..9c78a3dfa0 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/CVE-2018-19591.patch | |||
| @@ -0,0 +1,48 @@ | |||
| 1 | CVE: CVE-2018-19591 | ||
| 2 | Upstream-Status: Backport | ||
| 3 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
| 4 | |||
| 5 | From ce6ba630dbc96f49eb1f30366aa62261df4792f9 Mon Sep 17 00:00:00 2001 | ||
| 6 | From: Florian Weimer <fweimer@redhat.com> | ||
| 7 | Date: Tue, 27 Nov 2018 16:12:43 +0100 | ||
| 8 | Subject: [PATCH] CVE-2018-19591: if_nametoindex: Fix descriptor for overlong | ||
| 9 | name [BZ #23927] | ||
| 10 | |||
| 11 | (cherry picked from commit d527c860f5a3f0ed687bd03f0cb464612dc23408) | ||
| 12 | --- | ||
| 13 | ChangeLog | 7 +++++++ | ||
| 14 | NEWS | 6 ++++++ | ||
| 15 | sysdeps/unix/sysv/linux/if_index.c | 11 ++++++----- | ||
| 16 | 3 files changed, 19 insertions(+), 5 deletions(-) | ||
| 17 | |||
| 18 | diff --git a/sysdeps/unix/sysv/linux/if_index.c b/sysdeps/unix/sysv/linux/if_index.c | ||
| 19 | index e3d08982d9..782fc5e175 100644 | ||
| 20 | --- a/sysdeps/unix/sysv/linux/if_index.c | ||
| 21 | +++ b/sysdeps/unix/sysv/linux/if_index.c | ||
| 22 | @@ -38,11 +38,6 @@ __if_nametoindex (const char *ifname) | ||
| 23 | return 0; | ||
| 24 | #else | ||
| 25 | struct ifreq ifr; | ||
| 26 | - int fd = __opensock (); | ||
| 27 | - | ||
| 28 | - if (fd < 0) | ||
| 29 | - return 0; | ||
| 30 | - | ||
| 31 | if (strlen (ifname) >= IFNAMSIZ) | ||
| 32 | { | ||
| 33 | __set_errno (ENODEV); | ||
| 34 | @@ -50,6 +45,12 @@ __if_nametoindex (const char *ifname) | ||
| 35 | } | ||
| 36 | |||
| 37 | strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name)); | ||
| 38 | + | ||
| 39 | + int fd = __opensock (); | ||
| 40 | + | ||
| 41 | + if (fd < 0) | ||
| 42 | + return 0; | ||
| 43 | + | ||
| 44 | if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0) | ||
| 45 | { | ||
| 46 | int saved_errno = errno; | ||
| 47 | -- | ||
| 48 | 2.11.0 | ||