author | Joe Slater <jslater@windriver.com> | 2017-08-18 10:43:44 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-19 09:19:12 +0100 |
commit | f15f01edbaa431829a50053d07ed6d6b333584c7 (patch) | |
tree | 53e4dfa79172205902709c19b79575bc234d94e1 /meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch | |
parent | e7986a5493ccd222b82c2388ea8c3bb7004b48dd (diff) | |
download | openembedded-core-contrib-f15f01edbaa431829a50053d07ed6d6b333584c7.tar.gz |
ruby: fix CVE-2017-922{6-9}
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch b/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch
new file mode 100644
index 0000000000..85e7ccb369
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9227.patch
@@ -0,0 +1,32 @@
+From 9690d3ab1f9bcd2db8cbe1fe3ee4a5da606b8814 Mon Sep 17 00:00:00 2001
+From: "K.Kosako" <kosako@sofnec.co.jp>
+Date: Tue, 23 May 2017 16:15:35 +0900
+Subject: [PATCH] fix #58 : access to invalid address by reg->dmin value
+
+---
+ regexec.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- end of original header
+
+CVE: CVE-2017-9227
+
+Upstream-Status: Inappropriate [not author]
+Signed-off-by: Joe Slater <joe.slater@windriver.com>
+
+diff --git a/regexec.c b/regexec.c
+index d4e577d..2fa0f3d 100644
+--- a/regexec.c
++++ b/regexec.c
+@@ -3154,6 +3154,8 @@ forward_search_range(regex_t* reg, const UChar* str, const UChar* end, UChar* s,
+ }
+ else {
+ UChar *q = p + reg->dmin;
++
++ if (q >= end) return 0; /* fail */
+ while (p < q) p += enclen(reg->enc, p, end);
+ }
+ }
+--
+1.7.9.5
+ |
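Review bot: In the guard added to the `else` branch of forward_search_range, `q` is still computed as `p + reg->dmin` before it is compared with `end`, so when dmin exceeds the bytes remaining the out-of-range pointer has already been formed. That is undefined behaviour in C, and for a very large dmin the address can wrap and slip past `q >= end`. Comparing distances before forming the pointer avoids this, e.g. `if (reg->dmin >= (size_t)(end - p)) return 0; /* fail */` placed ahead of the `q` declaration; this assumes `p <= end` here and that dmin is an unsigned distance, neither of which is visible because the function starts and ends outside the hunk. Separately, the header tag `Upstream-Status: Inappropriate [not author]` looks like it should be `Upstream-Status: Backport`, since the patch carries an upstream commit id and subject and that tag is what lets the fix be tracked against upstream.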