1 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch
new file mode 100644
index 0000000000..0bacd6b192
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch
@@ -0,0 +1,36 @@
+From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Thu, 20 Feb 2020 17:49:36 +0000
+Subject: [PATCH] regcomp: use long jumps if there is any possibility of
+ overflow
+(CVE-2020-10878) Be conservative for backporting, we'll aim to do
+something more aggressive for bleadperl.
+(cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6)
+Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c] 
+CVE: CVE-2020-10878
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ regcomp.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+diff --git a/regcomp.c b/regcomp.c
+index 4ba2980db66..73c35a67020 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ 
+         /* We have that number in RExC_npar */
+         RExC_total_parens = RExC_npar;
+
+        /* XXX For backporting, use long jumps if there is any possibility of
+         * overflow */
+        if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) {
+            RExC_use_BRANCHJ = TRUE;
+            flags |= RESTART_PARSE;
+        }
+     }
+     else if (! MUST_RESTART(flags)) {
+        ReREFCNT_dec(Rx);

diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch new file mode 100644 index 0000000000..0bacd6b192 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch
@@ -0,0 +1,36 @@
	1	From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001
	2	From: Karl Williamson <khw@cpan.org>
	3	Date: Thu, 20 Feb 2020 17:49:36 +0000
	4	Subject: [PATCH] regcomp: use long jumps if there is any possibility of
	5	overflow
	6
	7	(CVE-2020-10878) Be conservative for backporting, we'll aim to do
	8	something more aggressive for bleadperl.
	9
	10	(cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6)
	11
	12	Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c]
	13	CVE: CVE-2020-10878
	14	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
	15	---
	16	regcomp.c \| 7 +++++++
	17	1 file changed, 7 insertions(+)
	18
	19	diff --git a/regcomp.c b/regcomp.c
	20	index 4ba2980db66..73c35a67020 100644
	21	--- a/regcomp.c
	22	+++ b/regcomp.c
	23	@@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
	24
	25	/* We have that number in RExC_npar */
	26	RExC_total_parens = RExC_npar;
	27	+
	28	+ /* XXX For backporting, use long jumps if there is any possibility of
	29	+ * overflow */
	30	+ if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) {
	31	+ RExC_use_BRANCHJ = TRUE;
	32	+ flags \|= RESTART_PARSE;
	33	+ }
	34	}
	35	else if (! MUST_RESTART(flags)) {
	36	ReREFCNT_dec(Rx);