mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-30 21:32:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

glib-2.0: add patch for CVE-2020-35457

Browse Source 
Upstream has disputed CVE-2020-35457 claiming it's not exploitable but
the patch is simple to add.

https://security-tracker.debian.org/tracker/CVE-2020-35457

"63c5b62f0a
https://gitlab.gnome.org/GNOME/glib/-/issues/2197
Upstream position is that it is not realistically a security issue."

For master branch this CVE is not reported by CVE checker:

NOTE: glib-2.0-2.66.4 is not vulnerable to CVE-2020-35457

(From OE-Core rev: 196d6a668fb44ac3f69d791d42d2eead285a758e)

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Mikko Rapeli
2021-01-05 12:18:20 +02:00
committed by Richard Purdie
parent 65d47dddf5
commit b8d9f563e8
2 changed files with 42 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch Normal file
View File

@@ -0,0 +1,41 @@
From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
From: Philip Withnall <withnall@endlessm.com>
Date: Wed, 2 Sep 2020 12:38:09 +0100
Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
If the calling code adds more option entries than `G_MAXSIZE` then
therell be an integer overflow. This seems vanishingly unlikely (given
that all callers use static option entry lists), but add a precondition
anyway.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #2197
---
glib/goption.c | 2 ++
1 file changed, 2 insertions(+)
CVE: CVE-2020-35457
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
Comment: adjusted offset by -5 to fix patch fuzz warning
diff --git a/glib/goption.c b/glib/goption.c
index 9f5b977c4..bb9093a33 100644
--- a/glib/goption.c
+++ b/glib/goption.c
@@ -2417,6 +2417,8 @@ g_option_group_add_entries (GOptionGroup *group,
for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
+ g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
+
group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
/* group->entries could be NULL in the trivial case where we add no
--
2.20.1

1
meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb
View File

@@ -17,6 +17,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
file://tzdata-update.patch \
file://0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch \
"
SRC_URI_append_class-native = " file://relocate-modules.patch"