diff options
| author | Lee Chee Yang <chee.yang.lee@intel.com> | 2020-07-09 00:08:00 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-08-04 23:17:37 +0100 |
| commit | 0e3b8415cfc6bfcb16cc63d6ec7a43927fd752bf (patch) | |
| tree | 6060f97e640fb80fcf2a7f42090b61dd78e6dfcc /meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | |
| parent | 6cb526d6a949b9124fb1e7ee1c9ae0396f63f95f (diff) | |
| download | poky-0e3b8415cfc6bfcb16cc63d6ec7a43927fd752bf.tar.gz | |
perl: fix CVE-2020-10543 & CVE-2020-10878
(From OE-Core rev: d9c5d9c52eb1f03ff9c907a76dda31042fb26edb)
(From OE-Core rev: de3fe84fcfe3f1c3c2ad963b1fe459ccca9472a0)
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch')
| -rw-r--r-- | meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch new file mode 100644 index 0000000000..0bacd6b192 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | |||
| @@ -0,0 +1,36 @@ | |||
| 1 | From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Karl Williamson <khw@cpan.org> | ||
| 3 | Date: Thu, 20 Feb 2020 17:49:36 +0000 | ||
| 4 | Subject: [PATCH] regcomp: use long jumps if there is any possibility of | ||
| 5 | overflow | ||
| 6 | |||
| 7 | (CVE-2020-10878) Be conservative for backporting, we'll aim to do | ||
| 8 | something more aggressive for bleadperl. | ||
| 9 | |||
| 10 | (cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6) | ||
| 11 | |||
| 12 | Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c] | ||
| 13 | CVE: CVE-2020-10878 | ||
| 14 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
| 15 | --- | ||
| 16 | regcomp.c | 7 +++++++ | ||
| 17 | 1 file changed, 7 insertions(+) | ||
| 18 | |||
| 19 | diff --git a/regcomp.c b/regcomp.c | ||
| 20 | index 4ba2980db66..73c35a67020 100644 | ||
| 21 | --- a/regcomp.c | ||
| 22 | +++ b/regcomp.c | ||
| 23 | @@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count, | ||
| 24 | |||
| 25 | /* We have that number in RExC_npar */ | ||
| 26 | RExC_total_parens = RExC_npar; | ||
| 27 | + | ||
| 28 | + /* XXX For backporting, use long jumps if there is any possibility of | ||
| 29 | + * overflow */ | ||
| 30 | + if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) { | ||
| 31 | + RExC_use_BRANCHJ = TRUE; | ||
| 32 | + flags |= RESTART_PARSE; | ||
| 33 | + } | ||
| 34 | } | ||
| 35 | else if (! MUST_RESTART(flags)) { | ||
| 36 | ReREFCNT_dec(Rx); | ||