diff options
| author | Armin Kuster <akuster@mvista.com> | 2019-07-01 17:30:37 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-27 18:05:18 +0100 |
| commit | e2f3997a84d0d700b0570a0f5d6f17ceffd955c4 (patch) | |
| tree | be18f12e4296eeb0eae4e70799281c8653be3693 /meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | |
| parent | 45e662b445970d6f57b8787c0c61b903cdfaa238 (diff) | |
| download | poky-e2f3997a84d0d700b0570a0f5d6f17ceffd955c4.tar.gz | |
qemu: Security fixes CVE-2018-20815 CVE-2019-9824
Source: qemu.org
MR: 98623
Type: Security Fix
Disposition: Backport from qemu.org
ChangeID: 03b3f28e5860ef1cb9f58dce89f252bd7ed59f37
Description:
Fixes both CVE-2018-20815 and CVE-2019-9824
(From OE-Core rev: 5c45cd09fb29d4a1ebda6153a25f16e312049c44)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch')
| -rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch new file mode 100644 index 0000000000..c3a5981488 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | |||
| @@ -0,0 +1,42 @@ | |||
| 1 | From da885fe1ee8b4589047484bd7fa05a4905b52b17 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Peter Maydell <peter.maydell@linaro.org> | ||
| 3 | Date: Fri, 14 Dec 2018 13:30:52 +0000 | ||
| 4 | Subject: [PATCH] device_tree.c: Don't use load_image() | ||
| 5 | |||
| 6 | The load_image() function is deprecated, as it does not let the | ||
| 7 | caller specify how large the buffer to read the file into is. | ||
| 8 | Instead use load_image_size(). | ||
| 9 | |||
| 10 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
| 11 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
| 12 | Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> | ||
| 13 | Reviewed-by: Michael S. Tsirkin <mst@redhat.com> | ||
| 14 | Reviewed-by: Eric Blake <eblake@redhat.com> | ||
| 15 | Message-id: 20181130151712.2312-9-peter.maydell@linaro.org | ||
| 16 | |||
| 17 | Upstream-Status: Backport | ||
| 18 | CVE: CVE-2018-20815 | ||
| 19 | affects <= 3.0.1 | ||
| 20 | |||
| 21 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
| 22 | |||
| 23 | --- | ||
| 24 | device_tree.c | 2 +- | ||
| 25 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
| 26 | |||
| 27 | diff --git a/device_tree.c b/device_tree.c | ||
| 28 | index 6d9c972..296278e 100644 | ||
| 29 | --- a/device_tree.c | ||
| 30 | +++ b/device_tree.c | ||
| 31 | @@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep) | ||
| 32 | /* First allocate space in qemu for device tree */ | ||
| 33 | fdt = g_malloc0(dt_size); | ||
| 34 | |||
| 35 | - dt_file_load_size = load_image(filename_path, fdt); | ||
| 36 | + dt_file_load_size = load_image_size(filename_path, fdt, dt_size); | ||
| 37 | if (dt_file_load_size < 0) { | ||
| 38 | error_report("Unable to open device tree file '%s'", | ||
| 39 | filename_path); | ||
| 40 | -- | ||
| 41 | 2.7.4 | ||
| 42 | |||