diff options
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/flex/flex/CVE-2016-6354.patch | 59 | ||||
-rw-r--r-- | meta/recipes-devtools/flex/flex_2.6.0.bb | 1 |
2 files changed, 60 insertions, 0 deletions
diff --git a/meta/recipes-devtools/flex/flex/CVE-2016-6354.patch b/meta/recipes-devtools/flex/flex/CVE-2016-6354.patch new file mode 100644 index 0000000000..216ac7ae1c --- /dev/null +++ b/meta/recipes-devtools/flex/flex/CVE-2016-6354.patch | |||
@@ -0,0 +1,59 @@ | |||
1 | From 3939eccdff598f47e5b37b05d58bf1b44d3796e7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jussi Kukkonen <jussi.kukkonen@intel.com> | ||
3 | Date: Fri, 7 Oct 2016 14:15:38 +0300 | ||
4 | Subject: [PATCH] Prevent buffer overflow in yy_get_next_buffer | ||
5 | |||
6 | This is upstream commit a5cbe929ac3255d371e698f62dc256afe7006466 | ||
7 | with some additional backporting to make binutils build again. | ||
8 | |||
9 | Upstream-Status: Backport | ||
10 | CVE: CVE-2016-6354 | ||
11 | Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> | ||
12 | --- | ||
13 | src/flex.skl | 2 +- | ||
14 | src/scan.c | 2 +- | ||
15 | src/skel.c | 2 +- | ||
16 | 3 files changed, 3 insertions(+), 3 deletions(-) | ||
17 | |||
18 | diff --git a/src/flex.skl b/src/flex.skl | ||
19 | index ed71627..814d562 100644 | ||
20 | --- a/src/flex.skl | ||
21 | +++ b/src/flex.skl | ||
22 | @@ -1718,7 +1718,7 @@ int yyFlexLexer::yy_get_next_buffer() | ||
23 | |||
24 | else | ||
25 | { | ||
26 | - yy_size_t num_to_read = | ||
27 | + int num_to_read = | ||
28 | YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; | ||
29 | |||
30 | while ( num_to_read <= 0 ) | ||
31 | diff --git a/src/scan.c b/src/scan.c | ||
32 | index f1dce75..1949872 100644 | ||
33 | --- a/src/scan.c | ||
34 | +++ b/src/scan.c | ||
35 | @@ -4181,7 +4181,7 @@ static int yy_get_next_buffer (void) | ||
36 | |||
37 | else | ||
38 | { | ||
39 | - yy_size_t num_to_read = | ||
40 | + int num_to_read = | ||
41 | YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; | ||
42 | |||
43 | while ( num_to_read <= 0 ) | ||
44 | diff --git a/src/skel.c b/src/skel.c | ||
45 | index 26cc889..0344d18 100644 | ||
46 | --- a/src/skel.c | ||
47 | +++ b/src/skel.c | ||
48 | @@ -1929,7 +1929,7 @@ const char *skel[] = { | ||
49 | "", | ||
50 | " else", | ||
51 | " {", | ||
52 | - " yy_size_t num_to_read =", | ||
53 | + " int num_to_read =", | ||
54 | " YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1;", | ||
55 | "", | ||
56 | " while ( num_to_read <= 0 )", | ||
57 | -- | ||
58 | 2.1.4 | ||
59 | |||
diff --git a/meta/recipes-devtools/flex/flex_2.6.0.bb b/meta/recipes-devtools/flex/flex_2.6.0.bb index 3a45752f8b..ab35b09f99 100644 --- a/meta/recipes-devtools/flex/flex_2.6.0.bb +++ b/meta/recipes-devtools/flex/flex_2.6.0.bb | |||
@@ -15,6 +15,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/flex/flex-${PV}.tar.bz2 \ | |||
15 | file://do_not_create_pdf_doc.patch \ | 15 | file://do_not_create_pdf_doc.patch \ |
16 | file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ | 16 | file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ |
17 | file://0002-avoid-c-comments-in-c-code-fails-with-gcc-6.patch \ | 17 | file://0002-avoid-c-comments-in-c-code-fails-with-gcc-6.patch \ |
18 | file://CVE-2016-6354.patch \ | ||
18 | ${@bb.utils.contains('PTEST_ENABLED', '1', '', 'file://disable-tests.patch', d)} \ | 19 | ${@bb.utils.contains('PTEST_ENABLED', '1', '', 'file://disable-tests.patch', d)} \ |
19 | " | 20 | " |
20 | 21 | ||