2 files changed, 35 insertions, 2 deletions
diff --git a/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/meta/recipes-support/lz4/files/CVE-2021-3520.patch
new file mode 100644
index 0000000000..5ac8f6691f
--- /dev/null
+++ b/meta/recipes-support/lz4/files/CVE-2021-3520.patch
@@ -0,0 +1,27 @@
+From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001
+From: Jasper Lievisse Adriaanse <j@jasper.la>
+Date: Fri, 26 Feb 2021 15:21:20 +0100
+Subject: [PATCH] Fix potential memory corruption with negative memmove() size
+Upstream-Status: Backport
+https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
+CVE: CVE-2021-3520
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ lib/lz4.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+Index: git/lib/lz4.c
+===================================================================
+--- git.orig/lib/lz4.c
+++ git/lib/lz4.c
+@@ -1665,7 +1665,7 @@ LZ4_decompress_generic(
+                  const size_t dictSize         /* note : = 0 if noDict */
+                  )
+ {
+-    if (src == NULL) { return -1; }
+    if ((src == NULL) || (outputSize < 0)) { return -1; }
+ 
+     {   const BYTE* ip = (const BYTE*) src;
+         const BYTE* const iend = ip + srcSize;
diff --git a/meta/recipes-support/lz4/lz4_1.9.2.bb b/meta/recipes-support/lz4/lz4_1.9.2.bb
index 455d2a5141..bc11a57eb5 100644
--- a/meta/recipes-support/lz4/lz4_1.9.2.bb
+++ b/meta/recipes-support/lz4/lz4_1.9.2.bb
@@ -1,5 +1,6 @@
 SUMMARY = "Extremely Fast Compression algorithm"
 DESCRIPTION = "LZ4 is a very fast lossless compression algorithm, providing compression speed at 400 MB/s per core, scalable with multi-cores CPU. It also features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems."
+HOMEPAGE = "https://github.com/lz4/lz4"
 LICENSE = "BSD | BSD-2-Clause | GPL-2.0"
 LIC_FILES_CHKSUM = "file://lib/LICENSE;md5=ebc2ea4814a64de7708f1571904b32cc \
@@ -11,8 +12,13 @@ PE = "1"
 SRCREV = "fdf2ef5809ca875c454510610764d9125ef2ebbd"
-SRC_URI = "git://github.com/lz4/lz4.git;branch=dev \
+# remove at next version upgrade or when output changes
+PR = "r1"
+HASHEQUIV_HASH_VERSION .= ".1"
+SRC_URI = "git://github.com/lz4/lz4.git;branch=dev;protocol=https \
           file://run-ptest \
+           file://CVE-2021-3520.patch \
           "
 UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
@@ -21,7 +27,7 @@ S = "${WORKDIR}/git"
 # Fixed in r118, which is larger than the current version.
 CVE_CHECK_WHITELIST += "CVE-2014-4715"
-EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir} BUILD_STATIC=no"
+EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' CFLAGS='${CFLAGS}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir} BUILD_STATIC=no"
 do_install() {
        oe_runmake install

diff --git a/meta/recipes-support/lz4/files/CVE-2021-3520.patch b/meta/recipes-support/lz4/files/CVE-2021-3520.patch new file mode 100644 index 0000000000..5ac8f6691f --- /dev/null +++ b/meta/recipes-support/lz4/files/CVE-2021-3520.patch
@@ -0,0 +1,27 @@
		1	From 8301a21773ef61656225e264f4f06ae14462bca7 Mon Sep 17 00:00:00 2001
		2	From: Jasper Lievisse Adriaanse <j@jasper.la>
		3	Date: Fri, 26 Feb 2021 15:21:20 +0100
		4	Subject: [PATCH] Fix potential memory corruption with negative memmove() size
		5
		6	Upstream-Status: Backport
		7	https://github.com/lz4/lz4/commit/8301a21773ef61656225e264f4f06ae14462bca7#diff-7055e9cf14c488aea9837aaf9f528b58ee3c22988d7d0d81d172ec62d94a88a7
		8	CVE: CVE-2021-3520
		9	Signed-off-by: Armin Kuster <akuster@mvista.com>
		10
		11	---
		12	lib/lz4.c \| 2 +-
		13	1 file changed, 1 insertion(+), 1 deletion(-)
		14
		15	Index: git/lib/lz4.c
		16	===================================================================
		17	--- git.orig/lib/lz4.c
		18	+++ git/lib/lz4.c
		19	@@ -1665,7 +1665,7 @@ LZ4_decompress_generic(
		20	const size_t dictSize /* note : = 0 if noDict */
		21	)
		22	{
		23	- if (src == NULL) { return -1; }
		24	+ if ((src == NULL) \|\| (outputSize < 0)) { return -1; }
		25
		26	{ const BYTE* ip = (const BYTE*) src;
		27	const BYTE* const iend = ip + srcSize;


diff --git a/meta/recipes-support/lz4/lz4_1.9.2.bb b/meta/recipes-support/lz4/lz4_1.9.2.bb index 455d2a5141..bc11a57eb5 100644 --- a/meta/recipes-support/lz4/lz4_1.9.2.bb +++ b/meta/recipes-support/lz4/lz4_1.9.2.bb
@@ -1,5 +1,6 @@
1	SUMMARY = "Extremely Fast Compression algorithm"	1	SUMMARY = "Extremely Fast Compression algorithm"
2	DESCRIPTION = "LZ4 is a very fast lossless compression algorithm, providing compression speed at 400 MB/s per core, scalable with multi-cores CPU. It also features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems."	2	DESCRIPTION = "LZ4 is a very fast lossless compression algorithm, providing compression speed at 400 MB/s per core, scalable with multi-cores CPU. It also features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems."
		3	HOMEPAGE = "https://github.com/lz4/lz4"
3		4
4	LICENSE = "BSD \| BSD-2-Clause \| GPL-2.0"	5	LICENSE = "BSD \| BSD-2-Clause \| GPL-2.0"
5	LIC_FILES_CHKSUM = "file://lib/LICENSE;md5=ebc2ea4814a64de7708f1571904b32cc \	6	LIC_FILES_CHKSUM = "file://lib/LICENSE;md5=ebc2ea4814a64de7708f1571904b32cc \
@@ -11,8 +12,13 @@ PE = "1"
11		12
12	SRCREV = "fdf2ef5809ca875c454510610764d9125ef2ebbd"	13	SRCREV = "fdf2ef5809ca875c454510610764d9125ef2ebbd"
13		14
14	SRC_URI = "git://github.com/lz4/lz4.git;branch=dev \	15	# remove at next version upgrade or when output changes
		16	PR = "r1"
		17	HASHEQUIV_HASH_VERSION .= ".1"
		18
		19	SRC_URI = "git://github.com/lz4/lz4.git;branch=dev;protocol=https \
15	file://run-ptest \	20	file://run-ptest \
		21	file://CVE-2021-3520.patch \
16	"	22	"
17	UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"	23	UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)"
18		24
@@ -21,7 +27,7 @@ S = "${WORKDIR}/git"
21	# Fixed in r118, which is larger than the current version.	27	# Fixed in r118, which is larger than the current version.
22	CVE_CHECK_WHITELIST += "CVE-2014-4715"	28	CVE_CHECK_WHITELIST += "CVE-2014-4715"
23		29
24	EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir} BUILD_STATIC=no"	30	EXTRA_OEMAKE = "PREFIX=${prefix} CC='${CC}' CFLAGS='${CFLAGS}' DESTDIR=${D} LIBDIR=${libdir} INCLUDEDIR=${includedir} BUILD_STATIC=no"
25		31
26	do_install() {	32	do_install() {
27	oe_runmake install	33	oe_runmake install