diff options
Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2017-15671.patch')
-rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2017-15671.patch | 66 |
1 files changed, 0 insertions, 66 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch b/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch deleted file mode 100644 index 35692820d4..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2017-15671.patch +++ /dev/null @@ -1,66 +0,0 @@ -From f1cf98b583787cfb6278baea46e286a0ee7567fd Mon Sep 17 00:00:00 2001 -From: Paul Eggert <eggert@cs.ucla.edu> -Date: Sun, 22 Oct 2017 10:00:57 +0200 -Subject: [PATCH] glob: Fix buffer overflow during GLOB_TILDE unescaping [BZ - #22332] - -(cherry picked from commit a159b53fa059947cc2548e3b0d5bdcf7b9630ba8) - -Upstream-Status: Backport -CVE: CVE-2017-15671 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - ChangeLog | 6 ++++++ - NEWS | 4 ++++ - posix/glob.c | 4 ++-- - 3 files changed, 12 insertions(+), 2 deletions(-) - -Index: git/NEWS -=================================================================== ---- git.orig/NEWS -+++ git/NEWS -@@ -211,6 +211,10 @@ Security related changes: - on the stack or the heap, depending on the length of the user name). - Reported by Tim Rühsen. - -+ The glob function, when invoked with GLOB_TILDE and without -+ GLOB_NOESCAPE, could write past the end of a buffer while -+ unescaping user names. Reported by Tim Rühsen. -+ - The following bugs are resolved with this release: - - [984] network: Respond to changed resolv.conf in gethostbyname -Index: git/posix/glob.c -=================================================================== ---- git.orig/posix/glob.c -+++ git/posix/glob.c -@@ -823,11 +823,11 @@ glob (const char *pattern, int flags, in - char *p = mempcpy (newp, dirname + 1, - unescape - dirname - 1); - char *q = unescape; -- while (*q != '\0') -+ while (q != end_name) - { - if (*q == '\\') - { -- if (q[1] == '\0') -+ if (q + 1 == end_name) - { - /* "~fo\\o\\" unescape to user_name "foo\\", - but "~fo\\o\\/" unescape to user_name -Index: git/ChangeLog -=================================================================== ---- git.orig/ChangeLog -+++ git/ChangeLog -@@ -1,5 +1,10 @@ -+ - 2017-10-20 Paul Eggert <eggert@cs.ucla.edu> - -+ [BZ #22332] -+ * posix/glob.c (__glob): Fix buffer overflow during GLOB_TILDE -+ unescaping. -+ - [BZ #22320] - CVE-2017-15670 - * posix/glob.c (__glob): Fix one-byte overflow. |