1 files changed, 0 insertions, 43 deletions
diff --git a/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch b/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch
deleted file mode 100644
index fc19ee3356..0000000000
--- a/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From c3797d40a1c57352192c6106cc0f435e7d9c11e8 Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <vda.linux@googlemail.com>
-Date: Tue, 7 Nov 2017 18:09:29 +0100
-Subject: lineedit: do not tab-complete any strings which have control
- characters
-function                                             old     new   delta
-add_match                                             41      68     +27
-CVE: CVE-2017-16544
-Upstream-Status: Backport
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
---
- libbb/lineedit.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-diff --git a/libbb/lineedit.c b/libbb/lineedit.c
-index c0e35bb..56e8140 100644
--- a/libbb/lineedit.c
-+++ b/libbb/lineedit.c
-@@ -645,6 +645,18 @@ static void free_tab_completion_data(void)
- 
- static void add_match(char *matched)
- {
-+       unsigned char *p = (unsigned char*)matched;
-+       while (*p) {
-+               /* ESC attack fix: drop any string with control chars */
-+               if (*p < ' '
-+                || (!ENABLE_UNICODE_SUPPORT && *p >= 0x7f)
-+                || (ENABLE_UNICODE_SUPPORT && *p == 0x7f)
-+               ) {
-+                       free(matched);
-+                       return;
-+               }
-+               p++;
-+       }
-        matches = xrealloc_vector(matches, 4, num_matches);
-        matches[num_matches] = matched;
-        num_matches++;
-- 
-cgit v0.12

diff --git a/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch b/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch deleted file mode 100644 index fc19ee3356..0000000000 --- a/meta/recipes-core/busybox/busybox/busybox-CVE-2017-16544.patch +++ /dev/null
@@ -1,43 +0,0 @@
1	From c3797d40a1c57352192c6106cc0f435e7d9c11e8 Mon Sep 17 00:00:00 2001
2	From: Denys Vlasenko <vda.linux@googlemail.com>
3	Date: Tue, 7 Nov 2017 18:09:29 +0100
4	Subject: lineedit: do not tab-complete any strings which have control
5	characters
6
7	function old new delta
8	add_match 41 68 +27
9
10	CVE: CVE-2017-16544
11	Upstream-Status: Backport
12
13	Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
14	Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
15	---
16	libbb/lineedit.c \| 12 ++++++++++++
17	1 file changed, 12 insertions(+)
18
19	diff --git a/libbb/lineedit.c b/libbb/lineedit.c
20	index c0e35bb..56e8140 100644
21	--- a/libbb/lineedit.c
22	+++ b/libbb/lineedit.c
23	@@ -645,6 +645,18 @@ static void free_tab_completion_data(void)
24
25	static void add_match(char *matched)
26	{
27	+ unsigned char p = (unsigned char)matched;
28	+ while (*p) {
29	+ /* ESC attack fix: drop any string with control chars */
30	+ if (*p < ' '
31	+ \|\| (!ENABLE_UNICODE_SUPPORT && *p >= 0x7f)
32	+ \|\| (ENABLE_UNICODE_SUPPORT && *p == 0x7f)
33	+ ) {
34	+ free(matched);
35	+ return;
36	+ }
37	+ p++;
38	+ }
39	matches = xrealloc_vector(matches, 4, num_matches);
40	matches[num_matches] = matched;
41	num_matches++;
42	--
43	cgit v0.12