1 files changed, 0 insertions, 49 deletions
diff --git a/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch b/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch
deleted file mode 100644
index de122b27d0..0000000000
--- a/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 1d36545e43003f4b1bb3a303a3b468abd482fa2f Mon Sep 17 00:00:00 2001
-From: Paul Emge <paulemge@forallsecure.com>
-Date: Mon, 8 Jul 2019 16:37:05 -0700
-Subject: [PATCH 2/9] CVE-2019-13104: ext4: check for underflow in
- ext4fs_read_file
-in ext4fs_read_file, it is possible for a broken/malicious file
-system to cause a memcpy of a negative number of bytes, which
-overflows all memory. This patch fixes the issue by checking for
-a negative length.
-Signed-off-by: Paul Emge <paulemge@forallsecure.com>
-Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
-                 h=878269dbe74229005dd7f27aca66c554e31dad8e]
-CVE: CVE-2019-13104
-Signed-off-by: Meng Li <Meng.Li@windriver.com>
---
- fs/ext4/ext4fs.c | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
-index 26db677a1f..c8c8655ed8 100644
--- a/fs/ext4/ext4fs.c
-+++ b/fs/ext4/ext4fs.c
-@@ -66,13 +66,15 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
- 
-        ext_cache_init(&cache);
- 
-       if (blocksize <= 0)
-               return -1;
-
-        /* Adjust len so it we can't read past the end of the file. */
-        if (len + pos > filesize)
-                len = (filesize - pos);
- 
-+       if (blocksize <= 0 || len <= 0) {
-+               ext_cache_fini(&cache);
-+               return -1;
-+       }
-+
-        blockcnt = lldiv(((len + pos) + blocksize - 1), blocksize);
- 
-        for (i = lldiv(pos, blocksize); i < blockcnt; i++) {
-- 
-2.17.1

diff --git a/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch b/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch deleted file mode 100644 index de122b27d0..0000000000 --- a/meta/recipes-bsp/u-boot/files/0002-CVE-2019-13104.patch +++ /dev/null
@@ -1,49 +0,0 @@
1	From 1d36545e43003f4b1bb3a303a3b468abd482fa2f Mon Sep 17 00:00:00 2001
2	From: Paul Emge <paulemge@forallsecure.com>
3	Date: Mon, 8 Jul 2019 16:37:05 -0700
4	Subject: [PATCH 2/9] CVE-2019-13104: ext4: check for underflow in
5	ext4fs_read_file
6
7	in ext4fs_read_file, it is possible for a broken/malicious file
8	system to cause a memcpy of a negative number of bytes, which
9	overflows all memory. This patch fixes the issue by checking for
10	a negative length.
11
12	Signed-off-by: Paul Emge <paulemge@forallsecure.com>
13
14	Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
15	h=878269dbe74229005dd7f27aca66c554e31dad8e]
16
17	CVE: CVE-2019-13104
18
19	Signed-off-by: Meng Li <Meng.Li@windriver.com>
20	---
21	fs/ext4/ext4fs.c \| 8 +++++---
22	1 file changed, 5 insertions(+), 3 deletions(-)
23
24	diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
25	index 26db677a1f..c8c8655ed8 100644
26	--- a/fs/ext4/ext4fs.c
27	+++ b/fs/ext4/ext4fs.c
28	@@ -66,13 +66,15 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
29
30	ext_cache_init(&cache);
31
32	- if (blocksize <= 0)
33	- return -1;
34	-
35	/* Adjust len so it we can't read past the end of the file. */
36	if (len + pos > filesize)
37	len = (filesize - pos);
38
39	+ if (blocksize <= 0 \|\| len <= 0) {
40	+ ext_cache_fini(&cache);
41	+ return -1;
42	+ }
43	+
44	blockcnt = lldiv(((len + pos) + blocksize - 1), blocksize);
45
46	for (i = lldiv(pos, blocksize); i < blockcnt; i++) {
47	--
48	2.17.1
49