authorJussi Kukkonen <jussi.kukkonen@intel.com>2016-10-10 11:30:03 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-10-11 08:27:27 +0100
commit55a8fe7e49000ce32b9858b93595693cfca0ccba (patch)
treebad3c5137cd68bffd0f6afc911b7722200e8564d /meta/recipes-devtools/flex
parent2109c620d42c099b633a4da4c2f0c0685b0a9b24 (diff)
flex: Backport buffer overflow fix
Fix a heap-based buffer overflow in yy_get_next_buffer() (CVE-2016-6354). (From OE-Core rev: 68d56306baa21e66756fb44c6c5680e725b1e3bc) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/flex')
-rw-r--r--meta/recipes-devtools/flex/flex/CVE-2016-6354.patch59
-rw-r--r--meta/recipes-devtools/flex/flex_2.6.0.bb1
2 files changed, 60 insertions, 0 deletions
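--- /dev/null
+++ b/meta/recipes-devtools/flex/flex/CVE-2016-6354.patch
@@ -0,0 +1,59 @@
+From 3939eccdff598f47e5b37b05d58bf1b44d3796e7 Mon Sep 17 00:00:00 2001
+From: Jussi Kukkonen <jussi.kukkonen@intel.com>
+Date: Fri, 7 Oct 2016 14:15:38 +0300
+Subject: [PATCH] Prevent buffer overflow in yy_get_next_buffer
+
+This is upstream commit a5cbe929ac3255d371e698f62dc256afe7006466
+with some additional backporting to make binutils build again.
+
+Upstream-Status: Backport
+CVE: CVE-2016-6354
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+---
+ src/flex.skl | 2 +-
+ src/scan.c | 2 +-
+ src/skel.c | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/flex.skl b/src/flex.skl
+index ed71627..814d562 100644
+--- a/src/flex.skl
++++ b/src/flex.skl
+@@ -1718,7 +1718,7 @@ int yyFlexLexer::yy_get_next_buffer()
+
+ else
+ {
+- yy_size_t num_to_read =
++ int num_to_read =
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+ while ( num_to_read <= 0 )
+diff --git a/src/scan.c b/src/scan.c
+index f1dce75..1949872 100644
+--- a/src/scan.c
++++ b/src/scan.c
+@@ -4181,7 +4181,7 @@ static int yy_get_next_buffer (void)
+
+ else
+ {
+- yy_size_t num_to_read =
++ int num_to_read =
+ YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;
+
+ while ( num_to_read <= 0 )
+diff --git a/src/skel.c b/src/skel.c
+index 26cc889..0344d18 100644
+--- a/src/skel.c
++++ b/src/skel.c
+@@ -1929,7 +1929,7 @@ const char *skel[] = {
+ "",
+ " else",
+ " {",
+- " yy_size_t num_to_read =",
++ " int num_to_read =",
+ " YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;",
+ "",
+ " while ( num_to_read <= 0 )",
+--
+2.1.4
+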
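Review bot: The patch header says this is the upstream commit "with some additional backporting to make binutils build again" but does not say which of the three hunks go beyond upstream, so a later flex upgrade cannot tell what is safe to drop; a header line such as `Hunks for src/scan.c and src/skel.c are local additions (pregenerated copies of flex.skl)` would settle it, if that is indeed the split. In all three hunks the fix depends on `num_to_read` being signed so that `while ( num_to_read <= 0 )` can see a negative result, and that deserves a comment at the declaration, e.g. `/* signed on purpose: must go negative when number_to_move exceeds yy_buf_size */`. The declarations of `yy_buf_size` and `number_to_move` lie outside the hunks; if either is still `yy_size_t`, the subtraction wraps as unsigned before the conversion to `int`, which is worth confirming on 64-bit targets. Because the change is in the scanner skeleton, scanners already generated by the unpatched flex presumably keep the old code until they are regenerated.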
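--- a/meta/recipes-devtools/flex/flex_2.6.0.bb
+++ b/meta/recipes-devtools/flex/flex_2.6.0.bb
@@ -15,6 +15,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/flex/flex-${PV}.tar.bz2 \
  file://do_not_create_pdf_doc.patch \
  file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
  file://0002-avoid-c-comments-in-c-code-fails-with-gcc-6.patch \
+ file://CVE-2016-6354.patch \
  ${@bb.utils.contains('PTEST_ENABLED', '1', '', 'file://disable-tests.patch', d)} \
  "
 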