mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-05 08:02:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

re2c: update to 2.0

Browse Source 
CVE patch dropped as a backport present in the nre release.

RP: Remove dropped CVE patch
(From OE-Core rev: aec5bccc175e8ec7422095abe8ea86f99f74ad50)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Oleksandr Kravchuk
2020-07-26 21:42:13 +02:00
committed by Richard Purdie
parent 68dc5f24a7
commit 9e5dfa356c
2 changed files with 2 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
meta/recipes-support/re2c/re2c/CVE-2020-11958.patch
View File

@@ -1,41 +0,0 @@
From c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a Mon Sep 17 00:00:00 2001
From: Ulya Trofimovich <skvadrik@gmail.com>
Date: Fri, 17 Apr 2020 22:47:14 +0100
Subject: [PATCH] Fix crash in lexer refill (reported by Agostino Sarubbo).
The crash happened in a rare case of a very long lexeme that doen't fit
into the buffer, forcing buffer reallocation.
The crash was caused by an incorrect calculation of the shift offset
(it was smaller than necessary). As a consequence, the data from buffer
start and up to the beginning of the current lexeme was not discarded
(as it should have been), resulting in less free space for new data than
expected.
Upstream-Status: Backport [https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a]
CVE: CVE-2020-11958
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
src/parse/scanner.cc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/parse/scanner.cc b/src/parse/scanner.cc
index 1d6e9efa..bd651314 100644
--- a/src/parse/scanner.cc
+++ b/src/parse/scanner.cc
@@ -155,13 +155,14 @@ bool Scanner::fill(size_t need)
if (!buf) fatal("out of memory");
memmove(buf, tok, copy);
- shift_ptrs_and_fpos(buf - bot);
+ shift_ptrs_and_fpos(buf - tok);
delete [] bot;
bot = buf;
free = BSIZE - copy;
}
+ DASSERT(lim + free <= bot + BSIZE);
if (!read(free)) {
eof = lim;
memset(lim, 0, YYMAXFILL);

6
meta/recipes-support/re2c/re2c_1.3.bb → meta/recipes-support/re2c/re2c_2.0.bb
View File

@@ -5,10 +5,8 @@ SECTION = "devel"
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://LICENSE;md5=64eca4d8a3b67f9dc7656094731a2c8d"
SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz \
file://CVE-2020-11958.patch \
"
SRC_URI[sha256sum] = "f37f25ff760e90088e7d03d1232002c2c2672646d5844fdf8e0d51a5cd75a503"
SRC_URI = "https://github.com/skvadrik/re2c/releases/download/${PV}/${BPN}-${PV}.tar.xz"
SRC_URI[sha256sum] = "89a9d7ee14be10e3779ea7b2c8ea4a964afce6e76b8dbcd5479940681db46d20"
UPSTREAM_CHECK_URI = "https://github.com/skvadrik/re2c/releases"
BBCLASSEXTEND = "native nativesdk"