summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch')
-rw-r--r--meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch40
1 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch b/meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch
new file mode 100644
index 0000000000..d01bf06e0c
--- /dev/null
+++ b/meta/recipes-core/coreutils/coreutils-8.22/parse-datetime-CVE-2014-9471.patch
@@ -0,0 +1,40 @@
1diff -ruN a/ChangeLog b/ChangeLog
2--- a/ChangeLog 2013-12-13 16:20:00.000000000 +0100
3+++ b/ChangeLog 2015-02-26 09:24:10.640577829 +0100
4@@ -1,3 +1,11 @@
5+2014-02-25 Sona Sarmadi <sona.sarmadi@enea.com>
6+
7+ parse-datetime: fix crash or infloop in TZ="" parsing
8+ * lib/parse-datetime.y (parse_datetime): Break out of the
9+ TZ="" parsing loop once the second significant " is found.
10+ Also skip over any subsequent whitespace to be consistent
11+ with the non TZ= case (CVE-2014-9471)
12+
13 2013-12-13 Pádraig Brady <P@draigBrady.com>
14
15 version 8.22
16diff -ruN a/lib/parse-datetime.y b/lib/parse-datetime.y
17--- a/lib/parse-datetime.y 2013-12-04 15:53:33.000000000 +0100
18+++ b/lib/parse-datetime.y 2015-02-26 09:20:15.238528670 +0100
19@@ -1303,8 +1303,6 @@
20 char tz1buf[TZBUFSIZE];
21 bool large_tz = TZBUFSIZE < tzsize;
22 bool setenv_ok;
23- /* Free tz0, in case this is the 2nd or subsequent time through. */
24- free (tz0);
25 tz0 = get_tz (tz0buf);
26 z = tz1 = large_tz ? xmalloc (tzsize) : tz1buf;
27 for (s = tzbase; *s != '"'; s++)
28@@ -1316,7 +1314,12 @@
29 if (!setenv_ok)
30 goto fail;
31 tz_was_altered = true;
32+
33 p = s + 1;
34+ while (c = *p, c_isspace (c))
35+ p++;
36+
37+ break;
38 }
39 }
40