diff options
Diffstat (limited to 'meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch')
-rw-r--r-- | meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch new file mode 100644 index 0000000000..0bacd6b192 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001 | ||
2 | From: Karl Williamson <khw@cpan.org> | ||
3 | Date: Thu, 20 Feb 2020 17:49:36 +0000 | ||
4 | Subject: [PATCH] regcomp: use long jumps if there is any possibility of | ||
5 | overflow | ||
6 | |||
7 | (CVE-2020-10878) Be conservative for backporting, we'll aim to do | ||
8 | something more aggressive for bleadperl. | ||
9 | |||
10 | (cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6) | ||
11 | |||
12 | Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c] | ||
13 | CVE: CVE-2020-10878 | ||
14 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
15 | --- | ||
16 | regcomp.c | 7 +++++++ | ||
17 | 1 file changed, 7 insertions(+) | ||
18 | |||
19 | diff --git a/regcomp.c b/regcomp.c | ||
20 | index 4ba2980db66..73c35a67020 100644 | ||
21 | --- a/regcomp.c | ||
22 | +++ b/regcomp.c | ||
23 | @@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count, | ||
24 | |||
25 | /* We have that number in RExC_npar */ | ||
26 | RExC_total_parens = RExC_npar; | ||
27 | + | ||
28 | + /* XXX For backporting, use long jumps if there is any possibility of | ||
29 | + * overflow */ | ||
30 | + if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) { | ||
31 | + RExC_use_BRANCHJ = TRUE; | ||
32 | + flags |= RESTART_PARSE; | ||
33 | + } | ||
34 | } | ||
35 | else if (! MUST_RESTART(flags)) { | ||
36 | ReREFCNT_dec(Rx); | ||