diff options
| author |   Yi Zhao <yi.zhao@eng.windriver.com> | 2023-08-29 19:06:35 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-08-30 09:56:10 +0100 |
| commit | d0bd1c823c10af9a0ef7e5ce05b770c1d8bb247c (patch) | |
| tree | 8f7f2c970f3c9dcc02226b63ce316a7a6c805b68 /meta/recipes-connectivity | |
| parent | 037fd7c8e772bae0949d6e096c34564eaa2a3858 (diff) | |
| download | openembedded-core-contrib-d0bd1c823c10af9a0ef7e5ce05b770c1d8bb247c.tar.gz | |
dhcpcd: fix buffer overflow
Backport a patch to fix buffer overflow for strlcpy:
$ dhcpcd enp0s3
dhcpcd-10.0.2 starting
*** buffer overflow detected ***: terminated
dhcpcd_fork_cb: truncated read 0 (expected 4)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity')
| -rw-r--r-- | meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb | 1 | ||||
| -rw-r--r-- | meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch | 33 |
2 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb index 9dccc93713..0966edd1b8 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma file://dhcpcd.service \ file://dhcpcd@.service \ file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ + file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \ " SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30" diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch new file mode 100644 index 0000000000..d4fb1737a6 --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch @@ -0,0 +1,33 @@ +From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001 +From: Tobias Heider <tobhe@users.noreply.github.com> +Date: Tue, 15 Aug 2023 18:06:48 +0200 +Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239) + +When running our Ubuntu tests with libc6 and strlcpy overflow checks +enabled we found that the wrong size is passed to strlcpy resulting +in a crash because of an overflow. + +Upstream-Status: Backport +[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + src/privsep.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/privsep.c b/src/privsep.c +index b11c0351..cfe54742 100644 +--- a/src/privsep.c ++++ b/src/privsep.c +@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid) + #endif + + if (!(ctx->options & DHCPCD_MANAGER)) +- strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name)); ++ strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname)); + TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next); + return psp; + } +-- +2.25.1 + |