1 files changed, 0 insertions, 44 deletions
diff --git a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch b/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch
deleted file mode 100644
index 04a09e46df..0000000000
--- a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001
-From: "liucheng (G)" <liucheng32@huawei.com>
-Date: Thu, 29 Aug 2019 13:47:40 +0000
-Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some
- nfs_handler reply helper functions
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197,
-CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204.
-Signed-off-by: Cheng Liu <liucheng32@huawei.com>
-Reported-by: Fermín Serna <fermin@semmle.com>
-Acked-by: Joe Hershberger <joe.hershberger@ni.com>
-Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
-                 h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21]
-CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202,
-     CVE-2019-14203 and CVE-2019-14204
-Signed-off-by: Meng Li <Meng.Li@windriver.com>
---
- net/nfs.c | 3 +++
- 1 file changed, 3 insertions(+)
-diff --git a/net/nfs.c b/net/nfs.c
-index d6a7f8e827..b7cf3b3a18 100644
--- a/net/nfs.c
-+++ b/net/nfs.c
-@@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip,
- 
-        debug("%s\n", __func__);
- 
-+       if (len > sizeof(struct rpc_t))
-+               return;
-+
-        if (dest != nfs_our_port)
-                return;
- 
-- 
-2.17.1

diff --git a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch b/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch deleted file mode 100644 index 04a09e46df..0000000000 --- a/meta/recipes-bsp/u-boot/files/0006-CVE-2019-14197-14200-14201-14202-14203-14204.patch +++ /dev/null
@@ -1,44 +0,0 @@
1	From 261658ddaf24bb35edd477cf09ec055569fd9894 Mon Sep 17 00:00:00 2001
2	From: "liucheng (G)" <liucheng32@huawei.com>
3	Date: Thu, 29 Aug 2019 13:47:40 +0000
4	Subject: [PATCH 6/9] CVE: nfs: fix stack-based buffer overflow in some
5	nfs_handler reply helper functions
6	MIME-Version: 1.0
7	Content-Type: text/plain; charset=UTF-8
8	Content-Transfer-Encoding: 8bit
9
10	This patch adds a check to nfs_handler to fix buffer overflow for CVE-2019-14197,
11	CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203 and CVE-2019-14204.
12
13	Signed-off-by: Cheng Liu <liucheng32@huawei.com>
14	Reported-by: Fermín Serna <fermin@semmle.com>
15	Acked-by: Joe Hershberger <joe.hershberger@ni.com>
16
17	Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
18	h=741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21]
19
20	CVE: CVE-2019-14197, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202,
21	CVE-2019-14203 and CVE-2019-14204
22
23	Signed-off-by: Meng Li <Meng.Li@windriver.com>
24	---
25	net/nfs.c \| 3 +++
26	1 file changed, 3 insertions(+)
27
28	diff --git a/net/nfs.c b/net/nfs.c
29	index d6a7f8e827..b7cf3b3a18 100644
30	--- a/net/nfs.c
31	+++ b/net/nfs.c
32	@@ -732,6 +732,9 @@ static void nfs_handler(uchar *pkt, unsigned dest, struct in_addr sip,
33
34	debug("%s\n", __func__);
35
36	+ if (len > sizeof(struct rpc_t))
37	+ return;
38	+
39	if (dest != nfs_our_port)
40	return;
41
42	--
43	2.17.1
44