4 files changed, 62 insertions, 0 deletions
diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
new file mode 100644
index 0000000000..183512fd7d
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@@ -0,0 +1,41 @@
+--- pcre-8.43/pcre_compile.c    2020-07-05 22:26:25.310501521 +0530
+++ pcre-8.43/pcre_compile1.c   2020-07-05 22:30:22.254489562 +0530
+CVE: CVE-2020-14155
+Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
+Signed-off-by: Rahul Taya<Rahul.Taya@kpit.com>
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+                        Written by Philip Hazel
+-           Copyright (c) 1997-2018 University of Cambridge
+           Copyright (c) 1997-2020 University of Cambridge
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -7130,17 +7130,19 @@
+           int n = 0;
+           ptr++;
+           while(IS_DIGIT(*ptr))
+           {
+             n = n * 10 + *ptr++ - CHAR_0;
+            if (n > 255)
+               {
+               *errorcodeptr = ERR38;
+               goto FAILED;
+               }
+            }
+           if (*ptr != CHAR_RIGHT_PARENTHESIS)
+             {
+             *errorcodeptr = ERR39;
+             goto FAILED;
+             }
+-          if (n > 255)
+-            {
+-            *errorcodeptr = ERR38;
+-            goto FAILED;
+-            }
+           *code++ = n;
+           PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
+           PUT(code, LINK_SIZE, 0);                          /* Default length */
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch
new file mode 100644
index 0000000000..51f95a7097
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch
@@ -0,0 +1,19 @@
+Upstream-Status: Backport [https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_jit_compile.c?r1=1092&r2=1091&pathrev=1092]
+CVE: CVE-2020-8002
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+--- pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:26:17     1091
+++ pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:38:18     1092
+@@ -8571,7 +8571,10 @@
+ PCRE2_SPTR bptr;
+ uint32_t c;
+ 
+-GETCHARINC(c, cc);
+/* Patch by PH */
+/* GETCHARINC(c, cc); */
+
+c = *cc++;
+ #if PCRE2_CODE_UNIT_WIDTH == 32
+ if (c >= 0x110000)
+   return NULL;
diff --git a/meta/recipes-support/libpcre/libpcre2_10.33.bb b/meta/recipes-support/libpcre/libpcre2_10.33.bb
index 50b26753b4..1020df99b8 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.33.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.33.bb
@@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37"
 SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \
           file://pcre-cross.patch \
+           file://CVE-2019-20454.patch \
 "
 SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44"
diff --git a/meta/recipes-support/libpcre/libpcre_8.43.bb b/meta/recipes-support/libpcre/libpcre_8.43.bb
index b97af08b25..60ece64504 100644
--- a/meta/recipes-support/libpcre/libpcre_8.43.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.43.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
           file://out-of-tree.patch \
           file://run-ptest \
           file://Makefile \
+           file://CVE-2020-14155.patch \
 "
 SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"

diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch new file mode 100644 index 0000000000..183512fd7d --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@@ -0,0 +1,41 @@
		1	--- pcre-8.43/pcre_compile.c 2020-07-05 22:26:25.310501521 +0530
		2	+++ pcre-8.43/pcre_compile1.c 2020-07-05 22:30:22.254489562 +0530
		3
		4	CVE: CVE-2020-14155
		5	Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
		6	Signed-off-by: Rahul Taya<Rahul.Taya@kpit.com>
		7
		8	@@ -6,7 +6,7 @@
		9	and semantics are as close as possible to those of the Perl 5 language.
		10
		11	Written by Philip Hazel
		12	- Copyright (c) 1997-2018 University of Cambridge
		13	+ Copyright (c) 1997-2020 University of Cambridge
		14
		15	-----------------------------------------------------------------------------
		16	Redistribution and use in source and binary forms, with or without
		17	@@ -7130,17 +7130,19 @@
		18	int n = 0;
		19	ptr++;
		20	while(IS_DIGIT(*ptr))
		21	+ {
		22	n = n * 10 + *ptr++ - CHAR_0;
		23	+ if (n > 255)
		24	+ {
		25	+ *errorcodeptr = ERR38;
		26	+ goto FAILED;
		27	+ }
		28	+ }
		29	if (*ptr != CHAR_RIGHT_PARENTHESIS)
		30	{
		31	*errorcodeptr = ERR39;
		32	goto FAILED;
		33	}
		34	- if (n > 255)
		35	- {
		36	- *errorcodeptr = ERR38;
		37	- goto FAILED;
		38	- }
		39	*code++ = n;
		40	PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
		41	PUT(code, LINK_SIZE, 0); /* Default length */


diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch new file mode 100644 index 0000000000..51f95a7097 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch
@@ -0,0 +1,19 @@
		1	Upstream-Status: Backport [https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_jit_compile.c?r1=1092&r2=1091&pathrev=1092]
		2	CVE: CVE-2020-8002
		3	Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
		4
		5	--- pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:26:17 1091
		6	+++ pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:38:18 1092
		7	@@ -8571,7 +8571,10 @@
		8	PCRE2_SPTR bptr;
		9	uint32_t c;
		10
		11	-GETCHARINC(c, cc);
		12	+/* Patch by PH */
		13	+/* GETCHARINC(c, cc); */
		14	+
		15	+c = *cc++;
		16	#if PCRE2_CODE_UNIT_WIDTH == 32
		17	if (c >= 0x110000)
		18	return NULL;
		19


diff --git a/meta/recipes-support/libpcre/libpcre2_10.33.bb b/meta/recipes-support/libpcre/libpcre2_10.33.bb index 50b26753b4..1020df99b8 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.33.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.33.bb
@@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37"
12		12
13	SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \	13	SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \
14	file://pcre-cross.patch \	14	file://pcre-cross.patch \
		15	file://CVE-2019-20454.patch \
15	"	16	"
16		17
17	SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44"	18	SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44"


diff --git a/meta/recipes-support/libpcre/libpcre_8.43.bb b/meta/recipes-support/libpcre/libpcre_8.43.bb index b97af08b25..60ece64504 100644 --- a/meta/recipes-support/libpcre/libpcre_8.43.bb +++ b/meta/recipes-support/libpcre/libpcre_8.43.bb
@@ -12,6 +12,7 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
12	file://out-of-tree.patch \	12	file://out-of-tree.patch \
13	file://run-ptest \	13	file://run-ptest \
14	file://Makefile \	14	file://Makefile \
		15	file://CVE-2020-14155.patch \
15	"	16	"
16		17
17	SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"	18	SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"