diff options
| author | Khem Raj <raj.khem@gmail.com> | 2024-08-02 08:21:48 +0000 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2024-08-06 19:11:18 -0700 |
| commit | 3abcfb7879f97c2dbb11ffb1d4518013c3e3daea (patch) | |
| tree | 7afb9fbc4f4afb2adf726ccb05161040336c3b21 | |
| parent | f9b5e80b578536a64971f252fb6fd32d5c1d3866 (diff) | |
| download | poky-3abcfb7879f97c2dbb11ffb1d4518013c3e3daea.tar.gz | |
busybox: Add fix for CVE-2023-42366
(From OE-Core rev: 25554f0a542894416ad17e1334c8a05feb56b12e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch | 37 | ||||
| -rw-r--r-- | meta/recipes-core/busybox/busybox_1.36.1.bb | 1 |
2 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch new file mode 100644 index 0000000000..282c2fde5a --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch | |||
| @@ -0,0 +1,37 @@ | |||
| 1 | From 8542236894a8d5f7393327117bc7f64787444efc Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Valery Ushakov <uwe@stderr.spb.ru> | ||
| 3 | Date: Wed, 24 Jan 2024 22:24:41 +0300 | ||
| 4 | Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874) | ||
| 5 | |||
| 6 | Make sure we don't read past the end of the string in next_token() | ||
| 7 | when backslash is the last character in an (invalid) regexp. | ||
| 8 | a fix and issue reported in bugzilla | ||
| 9 | |||
| 10 | https://bugs.busybox.net/show_bug.cgi?id=15874 | ||
| 11 | |||
| 12 | Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html] | ||
| 13 | |||
| 14 | CVE: CVE-2023-42366 | ||
| 15 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
| 16 | --- | ||
| 17 | editors/awk.c | 6 ++++-- | ||
| 18 | 1 file changed, 4 insertions(+), 2 deletions(-) | ||
| 19 | |||
| 20 | diff --git a/editors/awk.c b/editors/awk.c | ||
| 21 | index f320d8c..a53b193 100644 | ||
| 22 | --- a/editors/awk.c | ||
| 23 | +++ b/editors/awk.c | ||
| 24 | @@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected) | ||
| 25 | s[-1] = bb_process_escape_sequence((const char **)&pp); | ||
| 26 | if (*p == '\\') | ||
| 27 | *s++ = '\\'; | ||
| 28 | - if (pp == p) | ||
| 29 | + if (pp == p) { | ||
| 30 | + if (*p == '\0') | ||
| 31 | + syntax_error(EMSG_UNEXP_EOS); | ||
| 32 | *s++ = *p++; | ||
| 33 | - else | ||
| 34 | + } else | ||
| 35 | p = pp; | ||
| 36 | } | ||
| 37 | } | ||
diff --git a/meta/recipes-core/busybox/busybox_1.36.1.bb b/meta/recipes-core/busybox/busybox_1.36.1.bb index 86dc9e86bf..bc1619d1a8 100644 --- a/meta/recipes-core/busybox/busybox_1.36.1.bb +++ b/meta/recipes-core/busybox/busybox_1.36.1.bb | |||
| @@ -55,6 +55,7 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ | |||
| 55 | file://CVE-2023-42363.patch \ | 55 | file://CVE-2023-42363.patch \ |
| 56 | file://0001-awk-fix-precedence-of-relative-to.patch \ | 56 | file://0001-awk-fix-precedence-of-relative-to.patch \ |
| 57 | file://0002-awk-fix-ternary-operator-and-precedence-of.patch \ | 57 | file://0002-awk-fix-ternary-operator-and-precedence-of.patch \ |
| 58 | file://0001-awk.c-fix-CVE-2023-42366-bug-15874.patch \ | ||
| 58 | " | 59 | " |
| 59 | SRC_URI:append:libc-musl = " file://musl.cfg " | 60 | SRC_URI:append:libc-musl = " file://musl.cfg " |
| 60 | # TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html | 61 | # TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html |