diff options
Diffstat (limited to 'meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch')
-rw-r--r-- | meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch b/meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch new file mode 100644 index 0000000000..559aefb1ec --- /dev/null +++ b/meta/recipes-extended/libsolv/libsolv/0006-Fix-testsolv-segfault.patch | |||
@@ -0,0 +1,41 @@ | |||
1 | From 823bf65087a017d2f488f01e09ee284fa36f7446 Mon Sep 17 00:00:00 2001 | ||
2 | From: Jaroslav Rohel <jrohel@redhat.com> | ||
3 | Date: Tue, 11 Dec 2018 10:22:09 +0100 | ||
4 | Subject: [PATCH] Fix: testsolv segfault | ||
5 | Reply-To: muislam@microsoft.com | ||
6 | |||
7 | ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7fab0e11bf2b bp 0x7ffdfc044b70 sp 0x7ffdfc044a90 T0) | ||
8 | 0 0x7fab0e11bf2a in testcase_str2dep_complex /home/company/real_sanitize/libsolv-master/ext/testcase.c:577 | ||
9 | 1 0x7fab0e11c80f in testcase_str2dep /home/company/real_sanitize/libsolv-master/ext/testcase.c:656 | ||
10 | 2 0x7fab0e12e64a in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2952 | ||
11 | 3 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148 | ||
12 | 4 0x7fab0d9d2a3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f) | ||
13 | 5 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8) | ||
14 | |||
15 | CVE: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 | ||
16 | |||
17 | Upstream-Status: Backport | ||
18 | |||
19 | Signed-off-by: Muminul Islam <muislam@microsoft.com> | ||
20 | |||
21 | Cherry picked from https://github.com/openSUSE/libsolv/pull/291/commits | ||
22 | --- | ||
23 | ext/testcase.c | 2 ++ | ||
24 | 1 file changed, 2 insertions(+) | ||
25 | |||
26 | diff --git a/ext/testcase.c b/ext/testcase.c | ||
27 | index 3901d90d..dd20de14 100644 | ||
28 | --- a/ext/testcase.c | ||
29 | +++ b/ext/testcase.c | ||
30 | @@ -571,6 +571,8 @@ testcase_str2dep_complex(Pool *pool, const char **sp, int relop) | ||
31 | Id flags, id, id2, namespaceid = 0; | ||
32 | struct oplist *op; | ||
33 | |||
34 | + if (!s) | ||
35 | + return 0; | ||
36 | while (*s == ' ' || *s == '\t') | ||
37 | s++; | ||
38 | if (!strncmp(s, "namespace:", 10)) | ||
39 | -- | ||
40 | 2.23.0 | ||
41 | |||