diff options
Diffstat (limited to 'meta/recipes-support/gmp/gmp/cve-2021-43618.patch')
-rw-r--r-- | meta/recipes-support/gmp/gmp/cve-2021-43618.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch new file mode 100644 index 0000000000..095fb21eaa --- /dev/null +++ b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | CVE: CVE-2021-43618 | ||
2 | Upstream-Status: Backport | ||
3 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
4 | |||
5 | # HG changeset patch | ||
6 | # User Marco Bodrato <bodrato@mail.dm.unipi.it> | ||
7 | # Date 1634836009 -7200 | ||
8 | # Node ID 561a9c25298e17bb01896801ff353546c6923dbd | ||
9 | # Parent e1fd9db13b475209a864577237ea4b9105b3e96e | ||
10 | mpz/inp_raw.c: Avoid bit size overflows | ||
11 | |||
12 | diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c | ||
13 | --- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 | ||
14 | +++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 | ||
15 | @@ -88,8 +88,11 @@ | ||
16 | |||
17 | abs_csize = ABS (csize); | ||
18 | |||
19 | + if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) | ||
20 | + return 0; /* Bit size overflows */ | ||
21 | + | ||
22 | /* round up to a multiple of limbs */ | ||
23 | - abs_xsize = BITS_TO_LIMBS (abs_csize*8); | ||
24 | + abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); | ||
25 | |||
26 | if (abs_xsize != 0) | ||
27 | { | ||