diff options
Diffstat (limited to 'meta/recipes-core/systemd/systemd/CVE-2022-3821.patch')
-rw-r--r-- | meta/recipes-core/systemd/systemd/CVE-2022-3821.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-core/systemd/systemd/CVE-2022-3821.patch b/meta/recipes-core/systemd/systemd/CVE-2022-3821.patch new file mode 100644 index 0000000000..f9c6704cfc --- /dev/null +++ b/meta/recipes-core/systemd/systemd/CVE-2022-3821.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From 9102c625a673a3246d7e73d8737f3494446bad4e Mon Sep 17 00:00:00 2001 | ||
2 | From: Yu Watanabe <watanabe.yu+github@gmail.com> | ||
3 | Date: Thu, 7 Jul 2022 18:27:02 +0900 | ||
4 | Subject: [PATCH] time-util: fix buffer-over-run | ||
5 | |||
6 | Fixes #23928. | ||
7 | |||
8 | CVE: CVE-2022-3821 | ||
9 | Upstream-Status: Backport [https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e.patch] | ||
10 | Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> | ||
11 | Comment: Both the hunks refreshed to backport | ||
12 | |||
13 | --- | ||
14 | src/basic/time-util.c | 2 +- | ||
15 | src/test/test-time-util.c | 5 +++++ | ||
16 | 2 files changed, 6 insertions(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/src/basic/time-util.c b/src/basic/time-util.c | ||
19 | index abbc4ad5cd70..26d59de12348 100644 | ||
20 | --- a/src/basic/time-util.c | ||
21 | +++ b/src/basic/time-util.c | ||
22 | @@ -514,7 +514,7 @@ char *format_timespan(char *buf, size_t | ||
23 | t = b; | ||
24 | } | ||
25 | |||
26 | - n = MIN((size_t) k, l); | ||
27 | + n = MIN((size_t) k, l-1); | ||
28 | |||
29 | l -= n; | ||
30 | p += n; | ||
31 | diff --git a/src/test/test-time-util.c b/src/test/test-time-util.c | ||
32 | index e8e4e2a67bb1..58c5fa9be40c 100644 | ||
33 | --- a/src/test/test-time-util.c | ||
34 | +++ b/src/test/test-time-util.c | ||
35 | @@ -501,6 +501,12 @@ int main(int argc, char *argv[]) { | ||
36 | test_format_timespan(1); | ||
37 | test_format_timespan(USEC_PER_MSEC); | ||
38 | test_format_timespan(USEC_PER_SEC); | ||
39 | + | ||
40 | + /* See issue #23928. */ | ||
41 | + _cleanup_free_ char *buf; | ||
42 | + assert_se(buf = new(char, 5)); | ||
43 | + assert_se(buf == format_timespan(buf, 5, 100005, 1000)); | ||
44 | + | ||
45 | test_timezone_is_valid(); | ||
46 | test_get_timezones(); | ||
47 | test_usec_add(); | ||