diff options
Diffstat (limited to 'meta/recipes-support/gmp/gmp/cve-2021-43618.patch')
| -rw-r--r-- | meta/recipes-support/gmp/gmp/cve-2021-43618.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch new file mode 100644 index 0000000000..095fb21eaa --- /dev/null +++ b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch | |||
| @@ -0,0 +1,27 @@ | |||
| 1 | CVE: CVE-2021-43618 | ||
| 2 | Upstream-Status: Backport | ||
| 3 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
| 4 | |||
| 5 | # HG changeset patch | ||
| 6 | # User Marco Bodrato <bodrato@mail.dm.unipi.it> | ||
| 7 | # Date 1634836009 -7200 | ||
| 8 | # Node ID 561a9c25298e17bb01896801ff353546c6923dbd | ||
| 9 | # Parent e1fd9db13b475209a864577237ea4b9105b3e96e | ||
| 10 | mpz/inp_raw.c: Avoid bit size overflows | ||
| 11 | |||
| 12 | diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c | ||
| 13 | --- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 | ||
| 14 | +++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 | ||
| 15 | @@ -88,8 +88,11 @@ | ||
| 16 | |||
| 17 | abs_csize = ABS (csize); | ||
| 18 | |||
| 19 | + if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) | ||
| 20 | + return 0; /* Bit size overflows */ | ||
| 21 | + | ||
| 22 | /* round up to a multiple of limbs */ | ||
| 23 | - abs_xsize = BITS_TO_LIMBS (abs_csize*8); | ||
| 24 | + abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); | ||
| 25 | |||
| 26 | if (abs_xsize != 0) | ||
| 27 | { | ||