aboutsummaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorLee Chee Yang <chee.yang.lee@intel.com>2020-03-11 14:47:36 +0800
committerAnuj Mittal <anuj.mittal@intel.com>2020-03-16 07:04:05 +0800
commit8ec7a51da26f07fd43b5e6787b15c8636009b183 (patch)
treeca96bcae4d5e9afc3ed105199fd55a7e6ef05dc1 /meta
parentdac4545cdf0ab848086da96eac123d0c640cd8b2 (diff)
downloadopenembedded-core-contrib-8ec7a51da26f07fd43b5e6787b15c8636009b183.tar.gz
libpcre2: fix CVE-2019-20454
Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta')
-rw-r--r--meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch19
-rw-r--r--meta/recipes-support/libpcre/libpcre2_10.33.bb1
2 files changed, 20 insertions, 0 deletions
diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch
new file mode 100644
index 0000000000..51f95a7097
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre2/CVE-2019-20454.patch
@@ -0,0 +1,19 @@
+Upstream-Status: Backport [https://vcs.pcre.org/pcre2/code/trunk/src/pcre2_jit_compile.c?r1=1092&r2=1091&pathrev=1092]
+CVE: CVE-2020-8002
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+
+--- pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:26:17 1091
++++ pcre2-10.30/src/pcre2_jit_compile.c 2019/05/13 16:38:18 1092
+@@ -8571,7 +8571,10 @@
+ PCRE2_SPTR bptr;
+ uint32_t c;
+
+-GETCHARINC(c, cc);
++/* Patch by PH */
++/* GETCHARINC(c, cc); */
++
++c = *cc++;
+ #if PCRE2_CODE_UNIT_WIDTH == 32
+ if (c >= 0x110000)
+ return NULL;
+
diff --git a/meta/recipes-support/libpcre/libpcre2_10.33.bb b/meta/recipes-support/libpcre/libpcre2_10.33.bb
index 50b26753b4..1020df99b8 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.33.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.33.bb
@@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37"
SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2 \
file://pcre-cross.patch \
+ file://CVE-2019-20454.patch \
"
SRC_URI[md5sum] = "80b355f2dce909a2e2424f5c79eddb44"