nspr: remove nspr-CVE-2014-1545.patch

It is a backport patch, and verified that the patch is in the source. (From OE-Core rev: a7e723bd78e280ae48e6de725b2881b35ae21f5c) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Robert Yang <liezhi.yang@windriver.com> 2015-04-27 20:43:22 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2015-04-30 23:04:13 +0100
commit: 2e31add77165ce62977e1331069f0efe5cafb2c8 (patch)
tree: cc85c8bf9c1b7c2b5ea57f5192889ec28a0194bc /meta/recipes-support/nspr
parent: 31e6dda52d0ccba0d90848134e79d5c585961fb8 (diff)
download: poky-2e31add77165ce62977e1331069f0efe5cafb2c8.tar.gz
1 files changed, 0 insertions, 67 deletions
diff --git a/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch b/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch
deleted file mode 100644
index 565ff168e0..0000000000
--- a/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-Fix for CVE-2014-1545
-Upstream-Status: Backport
-Backported from nspr-4.10.6.tar.gz.
---
--- a/pr/src/io/prprf.c
-+++ b/pr/src/io/prprf.c
-@@ -50,6 +50,10 @@
- #include "prlog.h"
- #include "prmem.h"
- 
-+#ifdef _MSC_VER
-+#define snprintf _snprintf
-+#endif
-+
- /*
- ** WARNING: This code may *NOT* call PR_LOG (because PR_LOG calls it)
- */
-@@ -330,7 +334,7 @@
- ** Convert a double precision floating point number into its printable
- ** form.
- **
-** XXX stop using sprintf to convert floating point
-+** XXX stop using snprintf to convert floating point
- */
- static int cvt_f(SprintfState *ss, double d, const char *fmt0, const char *fmt1)
- {
-@@ -338,15 +342,14 @@
-     char fout[300];
-     int amount = fmt1 - fmt0;
- 
-    PR_ASSERT((amount > 0) && (amount < sizeof(fin)));
-    if (amount >= sizeof(fin)) {
-       /* Totally bogus % command to sprintf. Just ignore it */
-+    if (amount <= 0 || amount >= sizeof(fin)) {
-+        /* Totally bogus % command to snprintf. Just ignore it */
-        return 0;
-     }
-     memcpy(fin, fmt0, amount);
-     fin[amount] = 0;
- 
-    /* Convert floating point using the native sprintf code */
-+    /* Convert floating point using the native snprintf code */
- #ifdef DEBUG
-     {
-         const char *p = fin;
-@@ -356,14 +359,11 @@
-         }
-     }
- #endif
-    sprintf(fout, fin, d);
-
-    /*
-    ** This assert will catch overflow's of fout, when building with
-    ** debugging on. At least this way we can track down the evil piece
-    ** of calling code and fix it!
-    */
-    PR_ASSERT(strlen(fout) < sizeof(fout));
-+    memset(fout, 0, sizeof(fout));
-+    snprintf(fout, sizeof(fout), fin, d);
-+    /* Explicitly null-terminate fout because on Windows snprintf doesn't
-+     * append a null-terminator if the buffer is too small. */
-+    fout[sizeof(fout) - 1] = '\0';
- 
-     return (*ss->stuff)(ss, fout, strlen(fout));
- }
author	Robert Yang <liezhi.yang@windriver.com>	2015-04-27 20:43:22 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-04-30 23:04:13 +0100
commit	2e31add77165ce62977e1331069f0efe5cafb2c8 (patch)
tree	cc85c8bf9c1b7c2b5ea57f5192889ec28a0194bc /meta/recipes-support/nspr
parent	31e6dda52d0ccba0d90848134e79d5c585961fb8 (diff)
download	poky-2e31add77165ce62977e1331069f0efe5cafb2c8.tar.gz

diff --git a/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch b/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch deleted file mode 100644 index 565ff168e0..0000000000 --- a/meta/recipes-support/nspr/nspr/nspr-CVE-2014-1545.patch +++ /dev/null
@@ -1,67 +0,0 @@
1	Fix for CVE-2014-1545
2
3	Upstream-Status: Backport
4
5	Backported from nspr-4.10.6.tar.gz.
6	---
7	--- a/pr/src/io/prprf.c
8	+++ b/pr/src/io/prprf.c
9	@@ -50,6 +50,10 @@
10	#include "prlog.h"
11	#include "prmem.h"
12
13	+#ifdef _MSC_VER
14	+#define snprintf _snprintf
15	+#endif
16	+
17	/*
18	** WARNING: This code may NOT call PR_LOG (because PR_LOG calls it)
19	*/
20	@@ -330,7 +334,7 @@
21	** Convert a double precision floating point number into its printable
22	** form.
23	**
24	-** XXX stop using sprintf to convert floating point
25	+** XXX stop using snprintf to convert floating point
26	*/
27	static int cvt_f(SprintfState ss, double d, const char fmt0, const char *fmt1)
28	{
29	@@ -338,15 +342,14 @@
30	char fout[300];
31	int amount = fmt1 - fmt0;
32
33	- PR_ASSERT((amount > 0) && (amount < sizeof(fin)));
34	- if (amount >= sizeof(fin)) {
35	- /* Totally bogus % command to sprintf. Just ignore it */
36	+ if (amount <= 0 \|\| amount >= sizeof(fin)) {
37	+ /* Totally bogus % command to snprintf. Just ignore it */
38	return 0;
39	}
40	memcpy(fin, fmt0, amount);
41	fin[amount] = 0;
42
43	- /* Convert floating point using the native sprintf code */
44	+ /* Convert floating point using the native snprintf code */
45	#ifdef DEBUG
46	{
47	const char *p = fin;
48	@@ -356,14 +359,11 @@
49	}
50	}
51	#endif
52	- sprintf(fout, fin, d);
53	-
54	- /*
55	- ** This assert will catch overflow's of fout, when building with
56	- ** debugging on. At least this way we can track down the evil piece
57	- ** of calling code and fix it!
58	- */
59	- PR_ASSERT(strlen(fout) < sizeof(fout));
60	+ memset(fout, 0, sizeof(fout));
61	+ snprintf(fout, sizeof(fout), fin, d);
62	+ /* Explicitly null-terminate fout because on Windows snprintf doesn't
63	+ * append a null-terminator if the buffer is too small. */
64	+ fout[sizeof(fout) - 1] = '\0';
65
66	return (*ss->stuff)(ss, fout, strlen(fout));
67	}