diff options
Diffstat (limited to 'meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch')
-rw-r--r-- | meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch b/meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch new file mode 100644 index 0000000000..c6cba058a7 --- /dev/null +++ b/meta/recipes-extended/gawk/gawk/CVE-2023-4156.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From e709eb829448ce040087a3fc5481db6bfcaae212 Mon Sep 17 00:00:00 2001 | ||
2 | From: "Arnold D. Robbins" <arnold@skeeve.com> | ||
3 | Date: Wed, 3 Aug 2022 13:00:54 +0300 | ||
4 | Subject: [PATCH] Smal bug fix in builtin.c. | ||
5 | |||
6 | Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/gawk/tree/debian/patches/CVE-2023-4156.patch?h=ubuntu/focal-security | ||
7 | Upstream commit https://git.savannah.gnu.org/gitweb/?p=gawk.git;a=commitdiff;h=e709eb829448ce040087a3fc5481db6bfcaae212] | ||
8 | CVE: CVE-2023-4156 | ||
9 | Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> | ||
10 | --- | ||
11 | ChangeLog | 6 ++++++ | ||
12 | builtin.c | 5 ++++- | ||
13 | 2 files changed, 10 insertions(+), 1 deletion(-) | ||
14 | |||
15 | --- gawk-5.1.0.orig/builtin.c | ||
16 | +++ gawk-5.1.0/builtin.c | ||
17 | @@ -957,7 +957,10 @@ check_pos: | ||
18 | s1++; | ||
19 | n0--; | ||
20 | } | ||
21 | - if (val >= num_args) { | ||
22 | + // val could be less than zero if someone provides a field width | ||
23 | + // so large that it causes integer overflow. Mainly fuzzers do this, | ||
24 | + // but let's try to be good anyway. | ||
25 | + if (val < 0 || val >= num_args) { | ||
26 | toofew = true; | ||
27 | break; | ||
28 | } | ||