diff --git a/meta/recipes-devtools/file/file/CVE-2022-48554.patch b/meta/recipes-devtools/file/file/CVE-2022-48554.patch new file mode 100644 index 0000000000..c285bd2c23 --- /dev/null +++ b/meta/recipes-devtools/file/file/CVE-2022-48554.patch @@ -0,0 +1,35 @@ +CVE: CVE-2022-48554 +Upstream-Status: Backport [ https://github.com/file/file/commit/497aabb29cd08d2a5aeb63e45798d65fcbe03502 ] +Signed-off-by: Lee Chee Yang + +From 497aabb29cd08d2a5aeb63e45798d65fcbe03502 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas +Date: Mon, 14 Feb 2022 16:26:10 +0000 +Subject: [PATCH] PR/310: p870613: Don't use strlcpy to copy the string, it + will try to scan the source string to find out how much space is needed the + source string might not be NUL terminated. + +--- + src/funcs.c | 11 +++++++---- + 1 file changed, 6 insertions(+), 3 deletions(-) + +diff --git a/src/funcs.c b/src/funcs.c +index 89e1da597..dcfd352d2 100644 +--- a/src/funcs.c ++++ b/src/funcs.c +@@ -54,9 +54,12 @@ FILE_RCSID("@(#)$File: funcs.c,v 1.124 2022/01/10 14:15:08 christos Exp $") + protected char * + file_copystr(char *buf, size_t blen, size_t width, const char *str) + { +- if (++width > blen) +- width = blen; +- strlcpy(buf, str, width); ++ if (blen == 0) ++ return buf; ++ if (width >= blen) ++ width = blen - 1; ++ memcpy(buf, str, width); ++ buf[width] = '\0'; + return buf; + } + diff --git a/meta/recipes-devtools/file/file_5.41.bb b/meta/recipes-devtools/file/file_5.41.bb index 653887e97a..6fd4f2c746 100644 --- a/meta/recipes-devtools/file/file_5.41.bb +++ b/meta/recipes-devtools/file/file_5.41.bb @@ -11,7 +11,9 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd DEPENDS = "file-replacement-native" DEPENDS:class-native = "bzip2-replacement-native" -SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https" +SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https \ + file://CVE-2022-48554.patch \ +" SRCREV = "504206e53a89fd6eed71aeaf878aa3512418eab1" S = "${WORKDIR}/git"