summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorLee Chee Yang <chee.yang.lee@intel.com>2021-01-06 08:15:21 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2021-01-12 14:25:13 +0000
commitce150eaae2f0df70cd55fad4dc7ee4286c11333c (patch)
treed707932fa02e6ffc8dd4f1d1b94c437aa142d6c5 /meta
parentfe8298ec3b38ab1d2ed726fdda776317c0eba8a4 (diff)
downloadpoky-ce150eaae2f0df70cd55fad4dc7ee4286c11333c.tar.gz
glib-2.0: fix CVE-2020-35457
https://gitlab.gnome.org/GNOME/glib/-/issues/2197 upstream claim it is not security issue, but no harm to fix it since this is still a valid issue. (From OE-Core rev: 122f93d68ee0e9b418da0dcc99cb7cdcb7b3f643) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch41
-rw-r--r--meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb1
2 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
new file mode 100644
index 0000000000..828f9fcb96
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
@@ -0,0 +1,41 @@
1From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
2From: Philip Withnall <withnall@endlessm.com>
3Date: Wed, 2 Sep 2020 12:38:09 +0100
4Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
5 overflow
6MIME-Version: 1.0
7Content-Type: text/plain; charset=UTF-8
8Content-Transfer-Encoding: 8bit
9
10If the calling code adds more option entries than `G_MAXSIZE` then
11there’ll be an integer overflow. This seems vanishingly unlikely (given
12that all callers use static option entry lists), but add a precondition
13anyway.
14
15Signed-off-by: Philip Withnall <withnall@endlessm.com>
16
17Fixes: #2197
18
19Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
20CVE: CVE-2020-35457
21Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
22---
23 glib/goption.c | 2 ++
24 1 file changed, 2 insertions(+)
25
26diff --git a/glib/goption.c b/glib/goption.c
27index 9f5b977c4..bb9093a33 100644
28--- a/glib/goption.c
29+++ b/glib/goption.c
30@@ -2422,6 +2422,8 @@ g_option_group_add_entries (GOptionGroup *group,
31
32 for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
33
34+ g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
35+
36 group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
37
38 /* group->entries could be NULL in the trivial case where we add no
39--
402.25.1
41
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
index a30c5215be..b9462bc945 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.64.5.bb
@@ -17,6 +17,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
17 file://0001-meson-Run-atomics-test-on-clang-as-well.patch \ 17 file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
18 file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \ 18 file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
19 file://tzdata-update.patch \ 19 file://tzdata-update.patch \
20 file://CVE-2020-35457.patch \
20 " 21 "
21 22
22SRC_URI_append_class-native = " file://relocate-modules.patch" 23SRC_URI_append_class-native = " file://relocate-modules.patch"