summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnuj Mittal <anuj.mittal@intel.com>2020-01-17 17:14:31 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-01-28 11:15:01 (GMT)
commitd8da51bd3b84791d181a2844efe00d4bf2cdb02c (patch)
tree5d4ca2637dbe2d5c68335305ab66bb9c1ac910e1
parentdbd22b6cd75dd607e1e47bf12da4d54b574c9a8f (diff)
downloadpoky-d8da51bd3b84791d181a2844efe00d4bf2cdb02c.tar.gz
nasm: fix CVE-2019-14248
See: https://bugzilla.nasm.us/show_bug.cgi?id=3392576 (From OE-Core rev: 49dca79c6e5f631d1f55422864ee57c86cafe1a4) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch43
-rw-r--r--meta/recipes-devtools/nasm/nasm_2.14.02.bb1
2 files changed, 44 insertions, 0 deletions
diff --git a/meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch b/meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch
new file mode 100644
index 0000000..d45d2cb
--- /dev/null
+++ b/meta/recipes-devtools/nasm/nasm/CVE-2019-14248.patch
@@ -0,0 +1,43 @@
1From 93d41d82963b2cfd0b24c906f5a8daf53281b559 Mon Sep 17 00:00:00 2001
2From: "H. Peter Anvin (Intel)" <hpa@zytor.com>
3Date: Fri, 16 Aug 2019 01:12:54 -0700
4Subject: [PATCH] BR 3392576: don't segfault on a bad %pragma limit
5
6Don't segfault on a bad %pragma limit. Instead treat a NULL pointer as
7an empty string.
8
9Reported-by: Ren Kimura <rkx1209dev@gmail.com>
10Signed-off-by: H. Peter Anvin (Intel) <hpa@zytor.com>
11
12CVE: CVE-2019-14248
13Upstream-Status: Backport [https://repo.or.cz/nasm.git/commit/93d41d82963b2cfd0b24c906f5a8daf53281b559]
14Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
15---
16 asm/nasm.c | 7 ++++++-
17 1 file changed, 6 insertions(+), 1 deletion(-)
18
19diff --git a/asm/nasm.c b/asm/nasm.c
20index c84d675..65116ab 100644
21--- a/asm/nasm.c
22+++ b/asm/nasm.c
23@@ -212,6 +212,11 @@ nasm_set_limit(const char *limit, const char *valstr)
24 bool rn_error;
25 int errlevel;
26
27+ if (!limit)
28+ limit = "";
29+ if (!valstr)
30+ valstr = "";
31+
32 for (i = 0; i <= LIMIT_MAX; i++) {
33 if (!nasm_stricmp(limit, limit_info[i].name))
34 break;
35@@ -204,7 +209,7 @@ nasm_set_limit(const char *limit, const char *valstr)
36 errlevel = ERR_WARNING|ERR_NOFILE|ERR_USAGE;
37 else
38 errlevel = ERR_WARNING|ERR_PASS1|WARN_UNKNOWN_PRAGMA;
39- nasm_error(errlevel, "unknown limit: `%s'", limit);
40+ nasm_error(errlevel, "invalid limit value: `%s'", valstr);
41 return DIRR_ERROR;
42 }
43
diff --git a/meta/recipes-devtools/nasm/nasm_2.14.02.bb b/meta/recipes-devtools/nasm/nasm_2.14.02.bb
index e4f964c..bd4ecea 100644
--- a/meta/recipes-devtools/nasm/nasm_2.14.02.bb
+++ b/meta/recipes-devtools/nasm/nasm_2.14.02.bb
@@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=90904486f8fbf1861cf42752e1a39efe"
5 5
6SRC_URI = "http://www.nasm.us/pub/nasm/releasebuilds/${PV}/nasm-${PV}.tar.bz2 \ 6SRC_URI = "http://www.nasm.us/pub/nasm/releasebuilds/${PV}/nasm-${PV}.tar.bz2 \
7 file://CVE-2018-19755.patch \ 7 file://CVE-2018-19755.patch \
8 file://CVE-2019-14248.patch \
8 " 9 "
9 10
10SRC_URI[md5sum] = "3f489aa48ad2aa1f967dc5e293bbd06f" 11SRC_URI[md5sum] = "3f489aa48ad2aa1f967dc5e293bbd06f"