From d32b383c3a7af0212cf6bfc942f4f8d6ae08d986 Mon Sep 17 00:00:00 2001 From: Robert Yang Date: Wed, 8 Jul 2015 00:23:46 -0700 Subject: less: 471 -> 478 * Remove backport patch 0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch. * The LICENSE's checksum changed because of year changed, the contents are the same. (From OE-Core rev: 505f351ede9dd1eb0e6f01080ea24080697dadf4) Signed-off-by: Robert Yang Signed-off-by: Richard Purdie --- ...ossible-buffer-overrun-with-invalid-UTF-8.patch | 49 ---------------------- meta/recipes-extended/less/less_471.bb | 41 ------------------ meta/recipes-extended/less/less_478.bb | 40 ++++++++++++++++++ 3 files changed, 40 insertions(+), 90 deletions(-) delete mode 100644 meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch delete mode 100644 meta/recipes-extended/less/less_471.bb create mode 100644 meta/recipes-extended/less/less_478.bb (limited to 'meta/recipes-extended/less') diff --git a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch b/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch deleted file mode 100644 index 455eafc492..0000000000 --- a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch +++ /dev/null @@ -1,49 +0,0 @@ -From e0a1add063a657b98611c94debb3631b8ffa36fe Mon Sep 17 00:00:00 2001 -From: Junling Zheng -Date: Fri, 24 Apr 2015 11:24:04 +0800 -Subject: [PATCH] Fix possible buffer overrun with invalid UTF-8 - -An out of bounds read access in the UTF-8 decoding can be triggered with -a malformed file in the tool less. The access happens in the function -is_utf8_well_formed due to a truncated multibyte character in the sample -file. - -The bug does not crash less, it can only be made visible by running less -with valgrind or compiling it with Address Sanitizer. - -Version 475 of less contains a fix for this issue. The file version.c -contains some entry mentioning this issue (without any credit): - - - v475 3/2/15 Fix possible buffer overrun with invalid UTF-8 - -The fix is in the file line.c. We derive this patch from: - -https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html - -Thank Claire Robinson for validating it on Mageia 4 i586. Refer to: - -https://bugs.mageia.org/show_bug.cgi?id=15567 - -Upstream Status: Backported - -Signed-off-by: Junling Zheng ---- - line.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/line.c b/line.c -index 89495a3..474be2c 100644 ---- a/line.c -+++ b/line.c -@@ -807,7 +807,7 @@ pappend(c, pos) - mbc_buf[mbc_buf_index++] = c; - if (mbc_buf_index < mbc_buf_len) - return (0); -- if (is_utf8_well_formed(mbc_buf)) -+ if (is_utf8_well_formed(mbc_buf, mbc_buf_index)) - r = do_append(get_wchar(mbc_buf), mbc_buf, mbc_pos); - else - /* Complete, but not shortest form, sequence. */ --- -1.9.1 - diff --git a/meta/recipes-extended/less/less_471.bb b/meta/recipes-extended/less/less_471.bb deleted file mode 100644 index 72d256276b..0000000000 --- a/meta/recipes-extended/less/less_471.bb +++ /dev/null @@ -1,41 +0,0 @@ -SUMMARY = "Text file viewer similar to more" -DESCRIPTION = "Less is a program similar to more, i.e. a terminal \ -based program for viewing text files and the output from other \ -programs. Less offers many features beyond those that more does." -HOMEPAGE = "http://www.greenwoodsoftware.com/" -SECTION = "console/utils" - -# (GPLv2+ (<< 418), GPLv3+ (>= 418)) | less -# Including email author giving permissing to use BSD -# -# From: Mark Nudelman -# To: Elizabeth Flanagan = 418)) | less +# Including email author giving permissing to use BSD +# +# From: Mark Nudelman +# To: Elizabeth Flanagan