summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support
diff options
context:
space:
mode:
authorOleksandr Kravchuk <open.source@oleksandr-kravchuk.com>2020-07-26 21:42:13 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-07-27 19:58:09 +0100
commit9e5dfa356cd3dc296e199088cabef4ed1e27421b (patch)
treeeba3ed05b6e94d6dadfe0f4d61d454de2feee73d /meta/recipes-support
parent68dc5f24a770df29c7923af37f0726b7451cec18 (diff)
downloadpoky-9e5dfa356cd3dc296e199088cabef4ed1e27421b.tar.gz
re2c: update to 2.0
CVE patch dropped as a backport present in the nre release. RP: Remove dropped CVE patch (From OE-Core rev: aec5bccc175e8ec7422095abe8ea86f99f74ad50) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support')
-rw-r--r--meta/recipes-support/re2c/re2c/CVE-2020-11958.patch41
-rw-r--r--meta/recipes-support/re2c/re2c_2.0.bb (renamed from meta/recipes-support/re2c/re2c_1.3.bb)6
2 files changed, 2 insertions, 45 deletions
diff --git a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch b/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch
deleted file mode 100644
index 43462e642a..0000000000
--- a/meta/recipes-support/re2c/re2c/CVE-2020-11958.patch
+++ /dev/null
@@ -1,41 +0,0 @@
1From c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a Mon Sep 17 00:00:00 2001
2From: Ulya Trofimovich <skvadrik@gmail.com>
3Date: Fri, 17 Apr 2020 22:47:14 +0100
4Subject: [PATCH] Fix crash in lexer refill (reported by Agostino Sarubbo).
5
6The crash happened in a rare case of a very long lexeme that doen't fit
7into the buffer, forcing buffer reallocation.
8
9The crash was caused by an incorrect calculation of the shift offset
10(it was smaller than necessary). As a consequence, the data from buffer
11start and up to the beginning of the current lexeme was not discarded
12(as it should have been), resulting in less free space for new data than
13expected.
14
15Upstream-Status: Backport [https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a]
16CVE: CVE-2020-11958
17Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
18---
19 src/parse/scanner.cc | 3 ++-
20 1 file changed, 2 insertions(+), 1 deletion(-)
21
22diff --git a/src/parse/scanner.cc b/src/parse/scanner.cc
23index 1d6e9efa..bd651314 100644
24--- a/src/parse/scanner.cc
25+++ b/src/parse/scanner.cc
26@@ -155,13 +155,14 @@ bool Scanner::fill(size_t need)
27 if (!buf) fatal("out of memory");
28
29 memmove(buf, tok, copy);
30- shift_ptrs_and_fpos(buf - bot);
31+ shift_ptrs_and_fpos(buf - tok);
32 delete [] bot;
33 bot = buf;
34
35 free = BSIZE - copy;
36 }
37
38+ DASSERT(lim + free <= bot + BSIZE);
39 if (!read(free)) {
40 eof = lim;
41 memset(lim, 0, YYMAXFILL);
diff --git a/meta/recipes-support/re2c/re2c_1.3.bb b/meta/recipes-support/re2c/re2c_2.0.bb
index e9053acdf6..b73b024072 100644
--- a/meta/recipes-support/re2c/re2c_1.3.bb
+++ b/meta/recipes-support/re2c/re2c_2.0.bb
@@ -5,10 +5,8 @@ SECTION = "devel"
5LICENSE = "PD" 5LICENSE = "PD"
6LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d" 6LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d"
7 7
8SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz \ 8SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz"
9 file://CVE-2020-11958.patch \ 9SRC_URI[sha256sum] = "89a9d7ee14be10e3779ea7b2c8ea4a964afce6e76b8dbcd5479940681db46d20"
10"
11SRC_URI[sha256sum] = "f37f25ff760e90088e7d03d1232002c2c2672646d5844fdf8e0d51a5cd75a503"
12UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases" 10UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases"
13 11
14BBCLASSEXTEND = "native nativesdk" 12BBCLASSEXTEND = "native nativesdk"