diff options
author | Armin Kuster <akuster@mvista.com> | 2019-07-01 17:30:37 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-27 18:05:18 +0100 |
commit | e2f3997a84d0d700b0570a0f5d6f17ceffd955c4 (patch) | |
tree | be18f12e4296eeb0eae4e70799281c8653be3693 /meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | |
parent | 45e662b445970d6f57b8787c0c61b903cdfaa238 (diff) | |
download | poky-e2f3997a84d0d700b0570a0f5d6f17ceffd955c4.tar.gz |
qemu: Security fixes CVE-2018-20815 CVE-2019-9824
Source: qemu.org
MR: 98623
Type: Security Fix
Disposition: Backport from qemu.org
ChangeID: 03b3f28e5860ef1cb9f58dce89f252bd7ed59f37
Description:
Fixes both CVE-2018-20815 and CVE-2019-9824
(From OE-Core rev: 5c45cd09fb29d4a1ebda6153a25f16e312049c44)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch new file mode 100644 index 0000000000..c3a5981488 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2018-20815_p1.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | From da885fe1ee8b4589047484bd7fa05a4905b52b17 Mon Sep 17 00:00:00 2001 | ||
2 | From: Peter Maydell <peter.maydell@linaro.org> | ||
3 | Date: Fri, 14 Dec 2018 13:30:52 +0000 | ||
4 | Subject: [PATCH] device_tree.c: Don't use load_image() | ||
5 | |||
6 | The load_image() function is deprecated, as it does not let the | ||
7 | caller specify how large the buffer to read the file into is. | ||
8 | Instead use load_image_size(). | ||
9 | |||
10 | Signed-off-by: Peter Maydell <peter.maydell@linaro.org> | ||
11 | Reviewed-by: Richard Henderson <richard.henderson@linaro.org> | ||
12 | Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> | ||
13 | Reviewed-by: Michael S. Tsirkin <mst@redhat.com> | ||
14 | Reviewed-by: Eric Blake <eblake@redhat.com> | ||
15 | Message-id: 20181130151712.2312-9-peter.maydell@linaro.org | ||
16 | |||
17 | Upstream-Status: Backport | ||
18 | CVE: CVE-2018-20815 | ||
19 | affects <= 3.0.1 | ||
20 | |||
21 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
22 | |||
23 | --- | ||
24 | device_tree.c | 2 +- | ||
25 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
26 | |||
27 | diff --git a/device_tree.c b/device_tree.c | ||
28 | index 6d9c972..296278e 100644 | ||
29 | --- a/device_tree.c | ||
30 | +++ b/device_tree.c | ||
31 | @@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep) | ||
32 | /* First allocate space in qemu for device tree */ | ||
33 | fdt = g_malloc0(dt_size); | ||
34 | |||
35 | - dt_file_load_size = load_image(filename_path, fdt); | ||
36 | + dt_file_load_size = load_image_size(filename_path, fdt, dt_size); | ||
37 | if (dt_file_load_size < 0) { | ||
38 | error_report("Unable to open device tree file '%s'", | ||
39 | filename_path); | ||
40 | -- | ||
41 | 2.7.4 | ||
42 | |||