1 files changed, 49 insertions, 0 deletions
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
new file mode 100644
index 0000000000..83d0205160
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
@@ -0,0 +1,49 @@
+From e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@endlessos.org>
+Date: Wed, 16 Aug 2023 03:42:47 +0000
+Subject: [PATCH] gvariant: Port g_variant_deep_copy() to count its iterations
+ directly
+This is equivalent to what `GVariantIter` does, but it means that
+`g_variant_deep_copy()` is making its own `g_variant_get_child_value()`
+calls.
+This will be useful in an upcoming commit, where those child values will
+be inspected a little more deeply.
+Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
+Helps: #2121
+CVE: CVE-2023-32665
+Upstream-Status: Backport from [https://gitlab.gnome.org/GNOME/glib/-/commit/e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793]
+Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
+---
+ glib/gvariant.c | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+diff --git a/glib/gvariant.c b/glib/gvariant.c
+index cdb428e..fdd36be 100644
+--- a/glib/gvariant.c
+++ b/glib/gvariant.c
+@@ -5799,14 +5799,13 @@ g_variant_deep_copy (GVariant *value)
+     case G_VARIANT_CLASS_VARIANT:
+       {
+         GVariantBuilder builder;
+-        GVariantIter iter;
+-        GVariant *child;
+        gsize i, n_children;
+ 
+         g_variant_builder_init (&builder, g_variant_get_type (value));
+-        g_variant_iter_init (&iter, value);
+ 
+-        while ((child = g_variant_iter_next_value (&iter)))
+        for (i = 0, n_children = g_variant_n_children (value); i < n_children; i++)
+           {
+            GVariant *child = g_variant_get_child_value (value, i);
+             g_variant_builder_add_value (&builder, g_variant_deep_copy (child));
+             g_variant_unref (child);
+           }
+-- 
+2.24.4

diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch new file mode 100644 index 0000000000..83d0205160 --- /dev/null +++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2023-32665-0007.patch
@@ -0,0 +1,49 @@
	1	From e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793 Mon Sep 17 00:00:00 2001
	2	From: Philip Withnall <pwithnall@endlessos.org>
	3	Date: Wed, 16 Aug 2023 03:42:47 +0000
	4	Subject: [PATCH] gvariant: Port g_variant_deep_copy() to count its iterations
	5	directly
	6
	7	This is equivalent to what `GVariantIter` does, but it means that
	8	`g_variant_deep_copy()` is making its own `g_variant_get_child_value()`
	9	calls.
	10
	11	This will be useful in an upcoming commit, where those child values will
	12	be inspected a little more deeply.
	13
	14	Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
	15
	16	Helps: #2121
	17
	18	CVE: CVE-2023-32665
	19	Upstream-Status: Backport from [https://gitlab.gnome.org/GNOME/glib/-/commit/e6490c84e84ba9f182fbd83b51ff4f9f5a0a1793]
	20	Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
	21	---
	22	glib/gvariant.c \| 7 +++----
	23	1 file changed, 3 insertions(+), 4 deletions(-)
	24
	25	diff --git a/glib/gvariant.c b/glib/gvariant.c
	26	index cdb428e..fdd36be 100644
	27	--- a/glib/gvariant.c
	28	+++ b/glib/gvariant.c
	29	@@ -5799,14 +5799,13 @@ g_variant_deep_copy (GVariant *value)
	30	case G_VARIANT_CLASS_VARIANT:
	31	{
	32	GVariantBuilder builder;
	33	- GVariantIter iter;
	34	- GVariant *child;
	35	+ gsize i, n_children;
	36
	37	g_variant_builder_init (&builder, g_variant_get_type (value));
	38	- g_variant_iter_init (&iter, value);
	39
	40	- while ((child = g_variant_iter_next_value (&iter)))
	41	+ for (i = 0, n_children = g_variant_n_children (value); i < n_children; i++)
	42	{
	43	+ GVariant *child = g_variant_get_child_value (value, i);
	44	g_variant_builder_add_value (&builder, g_variant_deep_copy (child));
	45	g_variant_unref (child);
	46	}
	47	--
	48	2.24.4
	49