curl: Add CVE-2023-28320 follow-up fix

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-28320
https://security-tracker.debian.org/tracker/CVE-2023-28320

Upstream Patch:
Introduced by: https://github.com/curl/curl/commit/3c49b405de4f (curl-7_9_8)
Fixed by: https://github.com/curl/curl/commit/13718030ad4b (curl-8_1_0)
Follow-up: https://github.com/curl/curl/commit/f446258f0269 (curl-8_1_0)

(From OE-Core rev: 5d6d4768693f9baa9b801e87d4d2aed0d9792613)

Signed-off-by: Sanjay Chitroda <sanjay.chitroda@einfochips.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>

2 files changed, 81 insertions, 0 deletions

diff --git a/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch b/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
new file mode 100644
index 0000000000..3c06d8c518
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2023-28320-fol1.patch
@@ -0,0 +1,80 @@
+From e442feb37ba25c80b8480b908d1c570fd9f41c5e Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 16 May 2023 23:40:42 +0200
+Subject: [PATCH] hostip: include easy_lock.h before using
+ GLOBAL_INIT_IS_THREADSAFE
+
+Since that header file is the only place that define can be defined.
+
+Reported-by: Marc Deslauriers
+
+Follow-up to 13718030ad4b3209
+
+Closes #11121
+
+CVE: CVE-2023-28320
+Upstream-Status: Backport [https://github.com/curl/curl/commit/f446258f0269]
+
+(cherry picked from commit f446258f0269a62289cca0210157cb8558d0edc3)
+Signed-off-by: Sanjay Chitroda <sanjay.chitroda@einfochips.com>
+
+---
+ lib/hostip.c | 10 ++++------
+ lib/hostip.h |  9 ---------
+ 2 files changed, 4 insertions(+), 15 deletions(-)
+
+diff --git a/lib/hostip.c b/lib/hostip.c
+index d6906a2e8..2d26b5628 100644
+--- a/lib/hostip.c
++++ b/lib/hostip.c
+@@ -70,6 +70,8 @@
+ #include <SystemConfiguration/SCDynamicStoreCopySpecific.h>
+ #endif
+ 
++#include "easy_lock.h"
++
+ #if defined(CURLRES_SYNCH) &&                   \
+   defined(HAVE_ALARM) &&                        \
+   defined(SIGALRM) &&                           \
+@@ -79,10 +81,6 @@
+ #define USE_ALARM_TIMEOUT
+ #endif
+ 
+-#ifdef USE_ALARM_TIMEOUT
+-#include "easy_lock.h"
+-#endif
+-
+ #define MAX_HOSTCACHE_LEN (255 + 7) /* max FQDN + colon + port number + zero */
+ 
+ /*
+@@ -265,8 +263,8 @@ void Curl_hostcache_prune(struct Curl_easy *data)
+ /* Beware this is a global and unique instance. This is used to store the
+    return address that we can jump back to from inside a signal handler. This
+    is not thread-safe stuff. */
+-sigjmp_buf curl_jmpenv;
+-curl_simple_lock curl_jmpenv_lock;
++static sigjmp_buf curl_jmpenv;
++static curl_simple_lock curl_jmpenv_lock;
+ #endif
+ 
+ /* lookup address, returns entry if found and not stale */
+diff --git a/lib/hostip.h b/lib/hostip.h
+index 4b5481f65..0dd19e87c 100644
+--- a/lib/hostip.h
++++ b/lib/hostip.h
+@@ -186,15 +186,6 @@ Curl_cache_addr(struct Curl_easy *data, struct Curl_addrinfo *addr,
+ #define CURL_INADDR_NONE INADDR_NONE
+ #endif
+ 
+-#ifdef HAVE_SIGSETJMP
+-/* Forward-declaration of variable defined in hostip.c. Beware this
+- * is a global and unique instance. This is used to store the return
+- * address that we can jump back to from inside a signal handler.
+- * This is not thread-safe stuff.
+- */
+-extern sigjmp_buf curl_jmpenv;
+-#endif
+-
+ /*
+  * Function provided by the resolver backend to set DNS servers to use.
+  */
diff --git a/meta/recipes-support/curl/curl_8.0.1.bb b/meta/recipes-support/curl/curl_8.0.1.bb
index bcfe4a6088..708f622fe1 100644
--- a/meta/recipes-support/curl/curl_8.0.1.bb
+++ b/meta/recipes-support/curl/curl_8.0.1.bb
@@ -18,6 +18,7 @@ SRC_URI = " \
     file://CVE-2023-28320.patch \
     file://CVE-2023-28321.patch \
     file://CVE-2023-32001.patch \
+    file://CVE-2023-28320-fol1.patch \
 "
 SRC_URI[sha256sum] = "0a381cd82f4d00a9a334438b8ca239afea5bfefcfa9a1025f2bf118e79e0b5f0"