mirror of
https://git.yoctoproject.org/poky
synced 2026-02-12 11:43:04 +01:00
bbc0795ada
Existing version of ruby-native (2.2.5) was crashing on my machine (and others' too), yet a functional ruby is necessary to upgrade webkit to a version that less vulnerable to Spectre. I've performed the update by copying the ruby recipe directory over from the current pyro tree; if you want to see the list of specific commits, issue this command: git log99656fecf4meta/recipes-devtools/ruby (up to commite593d3aeb2) (From OE-Core rev: 4734a4b41898e3df252b6234ed1270a915fd1f68) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
42 lines
906 B
Diff
42 lines
906 B
Diff
From 690313a061f7a4fa614ec5cc8368b4f2284e059b Mon Sep 17 00:00:00 2001
|
|
From: "K.Kosako" <kosako@sofnec.co.jp>
|
|
Date: Tue, 23 May 2017 10:28:58 +0900
|
|
Subject: [PATCH] fix #57 : DATA_ENSURE() check must be before data access
|
|
|
|
---
|
|
regexec.c | 5 -----
|
|
1 file changed, 5 deletions(-)
|
|
|
|
--- end of original header
|
|
|
|
CVE: CVE-2017-9224
|
|
|
|
Context modified so that patch applies for version 2.4.1.
|
|
|
|
Upstream-Status: Pending
|
|
Signed-off-by: Joe Slater <joe.slater@windriver.com>
|
|
|
|
|
|
diff --git a/regexec.c b/regexec.c
|
|
index 35fef11..d4e577d 100644
|
|
--- a/regexec.c
|
|
+++ b/regexec.c
|
|
@@ -1473,14 +1473,9 @@ match_at(regex_t* reg, const UChar* str, const UChar* end,
|
|
NEXT;
|
|
|
|
CASE(OP_EXACT1) MOP_IN(OP_EXACT1);
|
|
-#if 0
|
|
DATA_ENSURE(1);
|
|
if (*p != *s) goto fail;
|
|
p++; s++;
|
|
-#endif
|
|
- if (*p != *s++) goto fail;
|
|
- DATA_ENSURE(0);
|
|
- p++;
|
|
MOP_OUT;
|
|
break;
|
|
|
|
--
|
|
1.7.9.5
|
|
|