1 files changed, 123 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch b/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch
new file mode 100644
index 0000000000..ec248ad6c2
--- /dev/null
+++ b/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch
@@ -0,0 +1,123 @@
+From 522cc87fdc25449222a5894a428eebf4b8d5eaa9 Mon Sep 17 00:00:00 2001
+From: Patrick Steinhardt <ps@pks.im>
+Date: Thu, 1 Dec 2022 15:46:53 +0100
+Subject: [PATCH 07/12] utf8: fix truncated string lengths in utf8_strnwidth()
+The `utf8_strnwidth()` function accepts an optional string length as
+input parameter. This parameter can either be set to `-1`, in which case
+we call `strlen()` on the input. Or it can be set to a positive integer
+that indicates a precomputed length, which callers typically compute by
+calling `strlen()` at some point themselves.
+The input parameter is an `int` though, whereas `strlen()` returns a
+`size_t`. This can lead to implementation-defined behaviour though when
+the `size_t` cannot be represented by the `int`. In the general case
+though this leads to wrap-around and thus to negative string sizes,
+which is sure enough to not lead to well-defined behaviour.
+Fix this by accepting a `size_t` instead of an `int` as string length.
+While this takes away the ability of callers to simply pass in `-1` as
+string length, it really is trivial enough to convert them to instead
+pass in `strlen()` instead.
+Signed-off-by: Patrick Steinhardt <ps@pks.im>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+Upstream-Status: Backport [https://github.com/git/git/commit/522cc87fdc25449222a5894a428eebf4b8d5eaa9]
+CVE: CVE-2022-41903
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ column.c | 2 +-
+ pretty.c | 4 ++--
+ utf8.c   | 8 +++-----
+ utf8.h   | 2 +-
+ 4 files changed, 7 insertions(+), 9 deletions(-)
+diff --git a/column.c b/column.c
+index 4a38eed..0c79850 100644
+--- a/column.c
+++ b/column.c
+@@ -23,7 +23,7 @@ struct column_data {
+ /* return length of 's' in letters, ANSI escapes stripped */
+ static int item_length(const char *s)
+ {
+-       return utf8_strnwidth(s, -1, 1);
+       return utf8_strnwidth(s, strlen(s), 1);
+ }
+ 
+ /*
+diff --git a/pretty.c b/pretty.c
+index ff9fc97..c3c1443 100644
+--- a/pretty.c
+++ b/pretty.c
+@@ -1437,7 +1437,7 @@ static size_t format_and_pad_commit(struct strbuf *sb, /* in UTF-8 */
+                int occupied;
+                if (!start)
+                        start = sb->buf;
+-               occupied = utf8_strnwidth(start, -1, 1);
+               occupied = utf8_strnwidth(start, strlen(start), 1);
+                occupied += c->pretty_ctx->graph_width;
+                padding = (-padding) - occupied;
+        }
+@@ -1455,7 +1455,7 @@ static size_t format_and_pad_commit(struct strbuf *sb, /* in UTF-8 */
+                placeholder++;
+                total_consumed++;
+        }
+-       len = utf8_strnwidth(local_sb.buf, -1, 1);
+       len = utf8_strnwidth(local_sb.buf, local_sb.len, 1);
+ 
+        if (c->flush_type == flush_left_and_steal) {
+                const char *ch = sb->buf + sb->len - 1;
+diff --git a/utf8.c b/utf8.c
+index 5c8f151..a66984b 100644
+--- a/utf8.c
+++ b/utf8.c
+@@ -206,13 +206,11 @@ int utf8_width(const char **start, size_t *remainder_p)
+  * string, assuming that the string is utf8.  Returns strlen() instead
+  * if the string does not look like a valid utf8 string.
+  */
+-int utf8_strnwidth(const char *string, int len, int skip_ansi)
+int utf8_strnwidth(const char *string, size_t len, int skip_ansi)
+ {
+        int width = 0;
+        const char *orig = string;
+ 
+-       if (len == -1)
+-               len = strlen(string);
+        while (string && string < orig + len) {
+                int skip;
+                while (skip_ansi &&
+@@ -225,7 +223,7 @@ int utf8_strnwidth(const char *string, int len, int skip_ansi)
+ 
+ int utf8_strwidth(const char *string)
+ {
+-       return utf8_strnwidth(string, -1, 0);
+       return utf8_strnwidth(string, strlen(string), 0);
+ }
+ 
+ int is_utf8(const char *text)
+@@ -792,7 +790,7 @@ int skip_utf8_bom(char **text, size_t len)
+ void strbuf_utf8_align(struct strbuf *buf, align_type position, unsigned int width,
+                       const char *s)
+ {
+-       int slen = strlen(s);
+       size_t slen = strlen(s);
+        int display_len = utf8_strnwidth(s, slen, 0);
+        int utf8_compensation = slen - display_len;
+ 
+diff --git a/utf8.h b/utf8.h
+index fcd5167..6da1b6d 100644
+--- a/utf8.h
+++ b/utf8.h
+@@ -7,7 +7,7 @@ typedef unsigned int ucs_char_t;  /* assuming 32bit int */
+ 
+ size_t display_mode_esc_sequence_len(const char *s);
+ int utf8_width(const char **start, size_t *remainder_p);
+-int utf8_strnwidth(const char *string, int len, int skip_ansi);
+int utf8_strnwidth(const char *string, size_t len, int skip_ansi);
+ int utf8_strwidth(const char *string);
+ int is_utf8(const char *text);
+ int is_encoding_utf8(const char *name);
+-- 
+2.25.1

diff --git a/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch b/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch new file mode 100644 index 0000000000..ec248ad6c2 --- /dev/null +++ b/meta/recipes-devtools/git/files/CVE-2022-41903-07.patch
@@ -0,0 +1,123 @@
	1	From 522cc87fdc25449222a5894a428eebf4b8d5eaa9 Mon Sep 17 00:00:00 2001
	2	From: Patrick Steinhardt <ps@pks.im>
	3	Date: Thu, 1 Dec 2022 15:46:53 +0100
	4	Subject: [PATCH 07/12] utf8: fix truncated string lengths in utf8_strnwidth()
	5
	6	The `utf8_strnwidth()` function accepts an optional string length as
	7	input parameter. This parameter can either be set to `-1`, in which case
	8	we call `strlen()` on the input. Or it can be set to a positive integer
	9	that indicates a precomputed length, which callers typically compute by
	10	calling `strlen()` at some point themselves.
	11
	12	The input parameter is an `int` though, whereas `strlen()` returns a
	13	`size_t`. This can lead to implementation-defined behaviour though when
	14	the `size_t` cannot be represented by the `int`. In the general case
	15	though this leads to wrap-around and thus to negative string sizes,
	16	which is sure enough to not lead to well-defined behaviour.
	17
	18	Fix this by accepting a `size_t` instead of an `int` as string length.
	19	While this takes away the ability of callers to simply pass in `-1` as
	20	string length, it really is trivial enough to convert them to instead
	21	pass in `strlen()` instead.
	22
	23	Signed-off-by: Patrick Steinhardt <ps@pks.im>
	24	Signed-off-by: Junio C Hamano <gitster@pobox.com>
	25
	26	Upstream-Status: Backport [https://github.com/git/git/commit/522cc87fdc25449222a5894a428eebf4b8d5eaa9]
	27	CVE: CVE-2022-41903
	28	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	29	---
	30	column.c \| 2 +-
	31	pretty.c \| 4 ++--
	32	utf8.c \| 8 +++-----
	33	utf8.h \| 2 +-
	34	4 files changed, 7 insertions(+), 9 deletions(-)
	35
	36	diff --git a/column.c b/column.c
	37	index 4a38eed..0c79850 100644
	38	--- a/column.c
	39	+++ b/column.c
	40	@@ -23,7 +23,7 @@ struct column_data {
	41	/* return length of 's' in letters, ANSI escapes stripped */
	42	static int item_length(const char *s)
	43	{
	44	- return utf8_strnwidth(s, -1, 1);
	45	+ return utf8_strnwidth(s, strlen(s), 1);
	46	}
	47
	48	/*
	49	diff --git a/pretty.c b/pretty.c
	50	index ff9fc97..c3c1443 100644
	51	--- a/pretty.c
	52	+++ b/pretty.c
	53	@@ -1437,7 +1437,7 @@ static size_t format_and_pad_commit(struct strbuf sb, / in UTF-8 */
	54	int occupied;
	55	if (!start)
	56	start = sb->buf;
	57	- occupied = utf8_strnwidth(start, -1, 1);
	58	+ occupied = utf8_strnwidth(start, strlen(start), 1);
	59	occupied += c->pretty_ctx->graph_width;
	60	padding = (-padding) - occupied;
	61	}
	62	@@ -1455,7 +1455,7 @@ static size_t format_and_pad_commit(struct strbuf sb, / in UTF-8 */
	63	placeholder++;
	64	total_consumed++;
	65	}
	66	- len = utf8_strnwidth(local_sb.buf, -1, 1);
	67	+ len = utf8_strnwidth(local_sb.buf, local_sb.len, 1);
	68
	69	if (c->flush_type == flush_left_and_steal) {
	70	const char *ch = sb->buf + sb->len - 1;
	71	diff --git a/utf8.c b/utf8.c
	72	index 5c8f151..a66984b 100644
	73	--- a/utf8.c
	74	+++ b/utf8.c
	75	@@ -206,13 +206,11 @@ int utf8_width(const char *start, size_t remainder_p)
	76	* string, assuming that the string is utf8. Returns strlen() instead
	77	* if the string does not look like a valid utf8 string.
	78	*/
	79	-int utf8_strnwidth(const char *string, int len, int skip_ansi)
	80	+int utf8_strnwidth(const char *string, size_t len, int skip_ansi)
	81	{
	82	int width = 0;
	83	const char *orig = string;
	84
	85	- if (len == -1)
	86	- len = strlen(string);
	87	while (string && string < orig + len) {
	88	int skip;
	89	while (skip_ansi &&
	90	@@ -225,7 +223,7 @@ int utf8_strnwidth(const char *string, int len, int skip_ansi)
	91
	92	int utf8_strwidth(const char *string)
	93	{
	94	- return utf8_strnwidth(string, -1, 0);
	95	+ return utf8_strnwidth(string, strlen(string), 0);
	96	}
	97
	98	int is_utf8(const char *text)
	99	@@ -792,7 +790,7 @@ int skip_utf8_bom(char **text, size_t len)
	100	void strbuf_utf8_align(struct strbuf *buf, align_type position, unsigned int width,
	101	const char *s)
	102	{
	103	- int slen = strlen(s);
	104	+ size_t slen = strlen(s);
	105	int display_len = utf8_strnwidth(s, slen, 0);
	106	int utf8_compensation = slen - display_len;
	107
	108	diff --git a/utf8.h b/utf8.h
	109	index fcd5167..6da1b6d 100644
	110	--- a/utf8.h
	111	+++ b/utf8.h
	112	@@ -7,7 +7,7 @@ typedef unsigned int ucs_char_t; /* assuming 32bit int */
	113
	114	size_t display_mode_esc_sequence_len(const char *s);
	115	int utf8_width(const char *start, size_t remainder_p);
	116	-int utf8_strnwidth(const char *string, int len, int skip_ansi);
	117	+int utf8_strnwidth(const char *string, size_t len, int skip_ansi);
	118	int utf8_strwidth(const char *string);
	119	int is_utf8(const char *text);
	120	int is_encoding_utf8(const char *name);
	121	--
	122	2.25.1
	123