diff options
author | Simone Weiß <simone.p.weiss@posteo.com> | 2024-03-02 19:09:56 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2024-03-03 16:25:20 +0000 |
commit | 3299b4942c525632f6eb1f39b328f2192774da47 (patch) | |
tree | 8085b5f1f52d935598bb730fb32c3df71053baa1 /meta/recipes-core | |
parent | 9a8fff91488d123b40c165ab3218488ab5e9e422 (diff) | |
download | poky-3299b4942c525632f6eb1f39b328f2192774da47.tar.gz |
coreutils: backport patch to fix heap overflow in split
Backported from upstream to fix CVE-2024-0684
(From OE-Core rev: 64c502850147e82c93b5fc7f45a8c76a9ad414d8)
Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core')
-rw-r--r-- | meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch | 39 | ||||
-rw-r--r-- | meta/recipes-core/coreutils/coreutils_9.4.bb | 1 |
2 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch b/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch new file mode 100644 index 0000000000..0c68e2dce0 --- /dev/null +++ b/meta/recipes-core/coreutils/coreutils/CVE-2024-0684.patch | |||
@@ -0,0 +1,39 @@ | |||
1 | From c4c5ed8f4e9cd55a12966d4f520e3a13101637d9 Mon Sep 17 00:00:00 2001 | ||
2 | From: Paul Eggert <eggert@cs.ucla.edu> | ||
3 | Date: Tue, 16 Jan 2024 13:48:32 -0800 | ||
4 | Subject: [PATCH 1/1] split: do not shrink hold buffer | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=utf8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | * src/split.c (line_bytes_split): Do not shrink hold buffer. | ||
10 | If it’s large for this batch it’s likely to be large for the next | ||
11 | batch, and for ‘split’ it’s not worth the complexity/CPU hassle to | ||
12 | shrink it. Do not assume hold_size can be bufsize. | ||
13 | |||
14 | CVE: CVE-2024-0684 | ||
15 | Upstream-Status: Backport [https://github.com/coreutils/coreutils/commit/c4c5ed8f4e9cd55a12966d4f520e3a13101637d9] | ||
16 | Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> | ||
17 | --- | ||
18 | src/split.c | 3 --- | ||
19 | 1 file changed, 3 deletions(-) | ||
20 | |||
21 | diff --git a/src/split.c b/src/split.c | ||
22 | index 64020c859..037960a59 100644 | ||
23 | --- a/src/split.c | ||
24 | +++ b/src/split.c | ||
25 | @@ -809,10 +809,7 @@ line_bytes_split (intmax_t n_bytes, char *buf, idx_t bufsize) | ||
26 | { | ||
27 | cwrite (n_out == 0, hold, n_hold); | ||
28 | n_out += n_hold; | ||
29 | - if (n_hold > bufsize) | ||
30 | - hold = xirealloc (hold, bufsize); | ||
31 | n_hold = 0; | ||
32 | - hold_size = bufsize; | ||
33 | } | ||
34 | |||
35 | /* Output to eol if present. */ | ||
36 | -- | ||
37 | 2.11.4.GIT | ||
38 | |||
39 | |||
diff --git a/meta/recipes-core/coreutils/coreutils_9.4.bb b/meta/recipes-core/coreutils/coreutils_9.4.bb index a79cabd3d2..fc51adcd5b 100644 --- a/meta/recipes-core/coreutils/coreutils_9.4.bb +++ b/meta/recipes-core/coreutils/coreutils_9.4.bb | |||
@@ -17,6 +17,7 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \ | |||
17 | file://remove-usr-local-lib-from-m4.patch \ | 17 | file://remove-usr-local-lib-from-m4.patch \ |
18 | file://0001-local.mk-fix-cross-compiling-problem.patch \ | 18 | file://0001-local.mk-fix-cross-compiling-problem.patch \ |
19 | file://0001-posixtm-pacify-clang-18.patch \ | 19 | file://0001-posixtm-pacify-clang-18.patch \ |
20 | file://CVE-2024-0684.patch \ | ||
20 | file://run-ptest \ | 21 | file://run-ptest \ |
21 | " | 22 | " |
22 | SRC_URI[sha256sum] = "ea613a4cf44612326e917201bbbcdfbd301de21ffc3b59b6e5c07e040b275e52" | 23 | SRC_URI[sha256sum] = "ea613a4cf44612326e917201bbbcdfbd301de21ffc3b59b6e5c07e040b275e52" |