diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-11-30 20:44:09 +0100 |
|---|---|---|
| committer | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-11-30 20:48:03 +0100 |
| commit | 5fb0376aed5e99e502fae2928be5d68622c19d00 (patch) | |
| tree | eb43dcd3b1a47c5fcb8ac66474c203f33670d566 /meta-oe/recipes-devtools | |
| parent | b6eb044866f01a79e8ee3bf3c613123a2a75c39f (diff) | |
| download | meta-openembedded-5fb0376aed5e99e502fae2928be5d68622c19d00.tar.gz | |
yasm: patch CVE-2023-29579
Details: https://nvd.nist.gov/vuln/detail/CVE-2023-29579
The patch was taken from Debian:
https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit cc30757a7fd0af5f60b9a6408b3eb94c0810acda)
Diffstat (limited to 'meta-oe/recipes-devtools')
| -rw-r--r-- | meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch | 39 | ||||
| -rw-r--r-- | meta-oe/recipes-devtools/yasm/yasm_git.bb | 3 |
2 files changed, 41 insertions, 1 deletions
diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch new file mode 100644 index 0000000000..58b4ed1996 --- /dev/null +++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-29579.patch | |||
| @@ -0,0 +1,39 @@ | |||
| 1 | From 81c1b7b0a28f052eaadddcb010944bf67e6ae257 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Gyorgy Sarvari <skandigraun@gmail.com> | ||
| 3 | Date: Sat, 15 Nov 2025 13:24:21 +0100 | ||
| 4 | Subject: [PATCH] Make sure CPU feature parsing use large enough string buffer. | ||
| 5 | Fixes CVE-2023-29579. | ||
| 6 | |||
| 7 | Author: Petter Reinholdtsen <pere@debian.org> | ||
| 8 | Bug: https://github.com/yasm/yasm/issues/214 | ||
| 9 | Bug-Debian: https://bugs.debian.org/1035951 | ||
| 10 | Forwarded: https://github.com/yasm/yasm/issues/214 | ||
| 11 | Last-Update: 2025-04-30 | ||
| 12 | |||
| 13 | This patch is taken from Debian: | ||
| 14 | https://sources.debian.org/patches/yasm/1.3.0-8/1000-x86-dir-cpu-CVE-2023-29579.patch/ | ||
| 15 | |||
| 16 | CVE: CVE-2023-29579 | ||
| 17 | Upstream-Status: Submitted [https://github.com/yasm/yasm/issues/214] | ||
| 18 | |||
| 19 | Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> | ||
| 20 | --- | ||
| 21 | modules/arch/x86/x86arch.c | 5 +++-- | ||
| 22 | 1 file changed, 3 insertions(+), 2 deletions(-) | ||
| 23 | |||
| 24 | diff --git a/modules/arch/x86/x86arch.c b/modules/arch/x86/x86arch.c | ||
| 25 | index bac11774..58327958 100644 | ||
| 26 | --- a/modules/arch/x86/x86arch.c | ||
| 27 | +++ b/modules/arch/x86/x86arch.c | ||
| 28 | @@ -165,8 +165,9 @@ x86_dir_cpu(yasm_object *object, yasm_valparamhead *valparams, | ||
| 29 | yasm_error_set(YASM_ERROR_SYNTAX, | ||
| 30 | N_("invalid argument to [%s]"), "CPU"); | ||
| 31 | else { | ||
| 32 | - char strcpu[16]; | ||
| 33 | - sprintf(strcpu, "%lu", yasm_intnum_get_uint(intcpu)); | ||
| 34 | + char strcpu[21]; /* 21 = ceil(log10(LONG_MAX)+1) */ | ||
| 35 | + assert(8*sizeof(unsigned long) <= 64); | ||
| 36 | + snprintf(strcpu, sizeof(strcpu), "%lu", yasm_intnum_get_uint(intcpu)); | ||
| 37 | yasm_x86__parse_cpu(arch_x86, strcpu, strlen(strcpu)); | ||
| 38 | } | ||
| 39 | } else | ||
diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index d1c37cb2ae..d89f9aebe3 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb | |||
| @@ -14,7 +14,8 @@ SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ | |||
| 14 | file://CVE-2023-31975.patch \ | 14 | file://CVE-2023-31975.patch \ |
| 15 | file://CVE-2023-37732.patch \ | 15 | file://CVE-2023-37732.patch \ |
| 16 | file://CVE-2024-22653.patch \ | 16 | file://CVE-2024-22653.patch \ |
| 17 | " | 17 | file://CVE-2023-29579.patch \ |
| 18 | " | ||
| 18 | 19 | ||
| 19 | S = "${WORKDIR}/git" | 20 | S = "${WORKDIR}/git" |
| 20 | 21 | ||