diff options
| author | yanjun.zhu <yanjun.zhu@windriver.com> | 2012-11-30 19:08:56 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2012-12-03 16:38:35 +0000 |
| commit | 07d689aa876d3cceb2bbeaa08f6dc03f778611b7 (patch) | |
| tree | ba4a4713e900052d5a32bf4735b1f1e0169e2420 /meta/recipes-support/libproxy | |
| parent | bca7285d84c53c846f8598083d1c94f672429a7f (diff) | |
| download | poky-07d689aa876d3cceb2bbeaa08f6dc03f778611b7.tar.gz | |
libproxy: Fix for CVE-2012-4504
Reference:https://code.google.com/p/libproxy/source/detail?r=853
Stack-based buffer overflow in the url::get_pac function in url.cpp
in libproxy 0.4.x before 0.4.9 allows remote servers to have an
unspecified impact via a large proxy.pac file.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504
[YOCTO #3487]
(From OE-Core rev: 821401df8cd79e4878ad87f918b1ce8d0da141ec)
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/libproxy')
| -rw-r--r-- | meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch | 29 | ||||
| -rw-r--r-- | meta/recipes-support/libproxy/libproxy_0.4.7.bb | 1 |
2 files changed, 30 insertions, 0 deletions
diff --git a/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch b/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch new file mode 100644 index 0000000000..7f2d93a937 --- /dev/null +++ b/meta/recipes-support/libproxy/libproxy/libproxy-0.4.7-CVE-2012-4504.patch | |||
| @@ -0,0 +1,29 @@ | |||
| 1 | Upstream-Status: Backport | ||
| 2 | |||
| 3 | libproxy - CVE-2012-4504: | ||
| 4 | |||
| 5 | Reference:https://code.google.com/p/libproxy/source/detail?r=853 | ||
| 6 | |||
| 7 | Stack-based buffer overflow in the url::get_pac function in url.cpp | ||
| 8 | in libproxy 0.4.x before 0.4.9 allows remote servers to have an | ||
| 9 | unspecified impact via a large proxy.pac file. | ||
| 10 | |||
| 11 | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4504 | ||
| 12 | |||
| 13 | Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com> | ||
| 14 | |||
| 15 | diff -urpN a/libproxy/url.cpp b/libproxy/url.cpp | ||
| 16 | --- a/libproxy/url.cpp 2012-11-26 10:08:47.000000000 +0800 | ||
| 17 | +++ b/libproxy/url.cpp 2012-11-26 10:05:54.000000000 +0800 | ||
| 18 | @@ -472,9 +472,10 @@ char* url::get_pac() { | ||
| 19 | // Add this chunk to our content length, | ||
| 20 | // ensuring that we aren't over our max size | ||
| 21 | content_length += chunk_length; | ||
| 22 | - if (content_length >= PAC_MAX_SIZE) break; | ||
| 23 | } | ||
| 24 | |||
| 25 | + if (content_length >= PAC_MAX_SIZE) break; | ||
| 26 | + | ||
| 27 | while (recvd != content_length) { | ||
| 28 | int r = recv(sock, buffer + recvd, content_length - recvd, 0); | ||
| 29 | if (r < 0) break; | ||
diff --git a/meta/recipes-support/libproxy/libproxy_0.4.7.bb b/meta/recipes-support/libproxy/libproxy_0.4.7.bb index c6a733a1df..510c6b7c4e 100644 --- a/meta/recipes-support/libproxy/libproxy_0.4.7.bb +++ b/meta/recipes-support/libproxy/libproxy_0.4.7.bb | |||
| @@ -13,6 +13,7 @@ PR = "r5" | |||
| 13 | SRC_URI = "http://libproxy.googlecode.com/files/libproxy-${PV}.tar.gz \ | 13 | SRC_URI = "http://libproxy.googlecode.com/files/libproxy-${PV}.tar.gz \ |
| 14 | file://g++-namepace.patch \ | 14 | file://g++-namepace.patch \ |
| 15 | file://libproxy_fix_for_gcc4.7.patch \ | 15 | file://libproxy_fix_for_gcc4.7.patch \ |
| 16 | file://libproxy-0.4.7-CVE-2012-4504.patch \ | ||
| 16 | " | 17 | " |
| 17 | 18 | ||
| 18 | SRC_URI[md5sum] = "509e03a488a61cd62bfbaf3ab6a2a7a5" | 19 | SRC_URI[md5sum] = "509e03a488a61cd62bfbaf3ab6a2a7a5" |