aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2017-15671.patch')
-rw-r--r--meta/recipes-core/glibc/glibc/CVE-2017-15671.patch66
1 files changed, 0 insertions, 66 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch b/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch
deleted file mode 100644
index 35692820d4..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From f1cf98b583787cfb6278baea46e286a0ee7567fd Mon Sep 17 00:00:00 2001
-From: Paul Eggert <eggert@cs.ucla.edu>
-Date: Sun, 22 Oct 2017 10:00:57 +0200
-Subject: [PATCH] glob: Fix buffer overflow during GLOB_TILDE unescaping [BZ
- #22332]
-
-(cherry picked from commit a159b53fa059947cc2548e3b0d5bdcf7b9630ba8)
-
-Upstream-Status: Backport
-CVE: CVE-2017-15671
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- ChangeLog | 6 ++++++
- NEWS | 4 ++++
- posix/glob.c | 4 ++--
- 3 files changed, 12 insertions(+), 2 deletions(-)
-
-Index: git/NEWS
-===================================================================
---- git.orig/NEWS
-+++ git/NEWS
-@@ -211,6 +211,10 @@ Security related changes:
- on the stack or the heap, depending on the length of the user name).
- Reported by Tim Rühsen.
-
-+ The glob function, when invoked with GLOB_TILDE and without
-+ GLOB_NOESCAPE, could write past the end of a buffer while
-+ unescaping user names. Reported by Tim Rühsen.
-+
- The following bugs are resolved with this release:
-
- [984] network: Respond to changed resolv.conf in gethostbyname
-Index: git/posix/glob.c
-===================================================================
---- git.orig/posix/glob.c
-+++ git/posix/glob.c
-@@ -823,11 +823,11 @@ glob (const char *pattern, int flags, in
- char *p = mempcpy (newp, dirname + 1,
- unescape - dirname - 1);
- char *q = unescape;
-- while (*q != '\0')
-+ while (q != end_name)
- {
- if (*q == '\\')
- {
-- if (q[1] == '\0')
-+ if (q + 1 == end_name)
- {
- /* "~fo\\o\\" unescape to user_name "foo\\",
- but "~fo\\o\\/" unescape to user_name
-Index: git/ChangeLog
-===================================================================
---- git.orig/ChangeLog
-+++ git/ChangeLog
-@@ -1,5 +1,10 @@
-+
- 2017-10-20 Paul Eggert <eggert@cs.ucla.edu>
-
-+ [BZ #22332]
-+ * posix/glob.c (__glob): Fix buffer overflow during GLOB_TILDE
-+ unescaping.
-+
- [BZ #22320]
- CVE-2017-15670
- * posix/glob.c (__glob): Fix one-byte overflow.