libcomps: fix CVE-2019-3817
(From OE-Core rev: 2cebc7faa10c7ac6f60437658702f7adce3b3a89) Signed-off-by: Kevin Weng <t-keweng@microsoft.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
committed by
Richard Purdie
parent
9da2eb4bef
commit
4e6a44598f
97
meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
Normal file
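--- /dev/null
+++ b/meta/recipes-devtools/libcomps/libcomps/CVE-2019-3817.patch
@@ -0,0 +1,97 @@
+From cea10cd1f2ef6bb4edaac0c1d46d47bf237c42b8 Mon Sep 17 00:00:00 2001
+From: Riccardo Schirone <rschiron@redhat.com>
+Date: Mon, 21 Jan 2019 18:11:42 +0100
+Subject: [PATCH] Fix UAF in comps_objmrtree_unite function
+
+The added field is not used at all in many places and it is probably the
+left-over of some copy-paste.
+
+Upstream-Status: Backport
+[https://github.com/rpm-software-management/libcomps/commit
+/e3a5d056633677959ad924a51758876d415e7046]
+
+CVE: CVE-2019-3817
+
+Signed-off-by: Kevin Weng <t-keweng@microsoft.com>
+---
+libcomps/src/comps_mradix.c | 2 --
+libcomps/src/comps_objmradix.c | 2 --
+libcomps/src/comps_objradix.c | 2 --
+libcomps/src/comps_radix.c | 1 -
+4 files changed, 7 deletions(-)
+
+diff --git a/libcomps/src/comps_mradix.c b/libcomps/src/comps_mradix.c
+index 338cb07..6ceb7c9 100644
+--- a/libcomps/src/comps_mradix.c
++++ b/libcomps/src/comps_mradix.c
+@@ -177,7 +177,6 @@ void comps_mrtree_unite(COMPS_MRTree *rt1, COMPS_MRTree *rt2) {
+struct Pair {
+COMPS_HSList * subnodes;
+char * key;
+- char added;
+} *pair, *parent_pair;
+
+pair = malloc(sizeof(struct Pair));
+@@ -195,7 +194,6 @@ void comps_mrtree_unite(COMPS_MRTree *rt1, COMPS_MRTree *rt2) {
+parent_pair = (struct Pair*) it->data;
+free(it);
+
+- pair->added = 0;
+for (it = tmp_subnodes->first; it != NULL; it=it->next) {
+pair = malloc(sizeof(struct Pair));
+pair->subnodes = ((COMPS_MRTreeData*)it->data)->subnodes;
+diff --git a/libcomps/src/comps_objmradix.c b/libcomps/src/comps_objmradix.c
+index 9be6648..8771c89 100644
+--- a/libcomps/src/comps_objmradix.c
++++ b/libcomps/src/comps_objmradix.c
+@@ -285,7 +285,6 @@ void comps_objmrtree_unite(COMPS_ObjMRTree *rt1, COMPS_ObjMRTree *rt2) {
+struct Pair {
+COMPS_HSList * subnodes;
+char * key;
+- char added;
+} *pair, *parent_pair;
+
+pair = malloc(sizeof(struct Pair));
+@@ -303,7 +302,6 @@ void comps_objmrtree_unite(COMPS_ObjMRTree *rt1, COMPS_ObjMRTree *rt2) {
+parent_pair = (struct Pair*) it->data;
+free(it);
+
+- pair->added = 0;
+for (it = tmp_subnodes->first; it != NULL; it=it->next) {
+pair = malloc(sizeof(struct Pair));
+pair->subnodes = ((COMPS_ObjMRTreeData*)it->data)->subnodes;
+diff --git a/libcomps/src/comps_objradix.c b/libcomps/src/comps_objradix.c
+index a790270..0ebaf22 100644
+--- a/libcomps/src/comps_objradix.c
++++ b/libcomps/src/comps_objradix.c
+@@ -692,7 +692,6 @@ void comps_objrtree_unite(COMPS_ObjRTree *rt1, COMPS_ObjRTree *rt2) {
+struct Pair {
+COMPS_HSList * subnodes;
+char * key;
+- char added;
+} *pair, *parent_pair;
+
+pair = malloc(sizeof(struct Pair));
+@@ -711,7 +710,6 @@ void comps_objrtree_unite(COMPS_ObjRTree *rt1, COMPS_ObjRTree *rt2) {
+//printf("key-part:%s\n", parent_pair->key);
+free(it);
+
+- //pair->added = 0;
+for (it = tmp_subnodes->first; it != NULL; it=it->next) {
+pair = malloc(sizeof(struct Pair));
+pair->subnodes = ((COMPS_ObjRTreeData*)it->data)->subnodes;
+diff --git a/libcomps/src/comps_radix.c b/libcomps/src/comps_radix.c
+index ada4fda..05dcaf2 100644
+--- a/libcomps/src/comps_radix.c
++++ b/libcomps/src/comps_radix.c
+@@ -529,7 +529,6 @@ void comps_rtree_unite(COMPS_RTree *rt1, COMPS_RTree *rt2) {
+struct Pair {
+COMPS_HSList * subnodes;
+char * key;
+- char added;
+} *pair, *parent_pair;
+
+pair = malloc(sizeof(struct Pair));
+--
+2.22.0
+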
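Review bot: The patch header names comps_objmrtree_unite but does not say which removed statement was the use-after-free, which makes the backport hard to re-verify when the recipe is next upgraded. Only two of the seven deleted lines execute: `pair->added = 0;` in comps_mrtree_unite and in comps_objmrtree_unite; the comps_objradix.c copy was already commented out, and comps_radix.c loses only the unused field. Presumably `pair` can still refer to a Pair released on an earlier pass of the loop when that write runs, but the matching free is outside the hunks, so this should be confirmed against the upstream commit. I would add one line under the `CVE:` tag, for example `The stale write was pair->added = 0 in comps_mradix.c and comps_objmradix.c; the other hunks only drop the unused field.`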
|
||||
@@ -6,6 +6,7 @@ SRC_URI = "git://github.com/rpm-software-management/libcomps.git \
|
||||
file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \
|
||||
file://0002-Set-library-installation-path-correctly.patch \
|
||||
file://0001-Make-__comps_objmrtree_all-static-inline.patch \
|
||||
file://CVE-2019-3817.patch \
|
||||
"
|
||||
|
||||
PV = "0.1.8+git${SRCPV}"
|
||||
|
||||