diff options
Diffstat (limited to 'meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch')
| -rw-r--r-- | meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch b/meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch new file mode 100644 index 0000000000..5c13ce5e9d --- /dev/null +++ b/meta/recipes-extended/libsolv/libsolv/0007-Fix-testsolv-segfaults.patch @@ -0,0 +1,47 @@ +From 43928ee565b9c4f69daa1875da66f92b2d5bf932 Mon Sep 17 00:00:00 2001 +From: Jaroslav Rohel <jrohel@redhat.com> +Date: Tue, 11 Dec 2018 10:27:15 +0100 +Subject: [PATCH] Fix: testsolv segfaults +Reply-To: muislam@microsoft.com + +ERROR: AddressSanitizer: SEGV on unknown address 0x0000000002f0 (pc 0x7f31501d3bd2 bp 0x7ffcfe4d4a50 sp 0x7ffcfe4d4a30 T0) +0 0x7f31501d3bd1 in pool_whatprovides /home/company/real_sanitize/libsolv-master/src/pool.h:331 +1 0x7f31501d895e in testcase_str2solvid /home/company/real_sanitize/libsolv-master/ext/testcase.c:793 +2 0x7f31501e8388 in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2807 +3 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148 +4 0x7f314fa8da3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f) +5 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8) + +ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f5af9e7815f bp 0x7ffc4c843a40 sp 0x7ffc4c8436c0 T0) +0 0x7f5af9e7815e in testcase_read /home/company/real_sanitize/libsolv-master/ext/testcase.c:2799 +1 0x402aa5 in main /home/company/real_sanitize/libsolv-master/tools/testsolv.c:148 +2 0x7f5af971da3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x20a3f) +3 0x401bb8 in _start (/home/company/real_sanitize/libsolv-master/build/install/bin/testsolv+0x401bb8) + +CVE: CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 + +Upstream-Status: Backport + +Signed-off-by: Muminul Islam <muislam@microsoft.com> + +Cherry picked from https://github.com/openSUSE/libsolv/pull/291/commits +--- + ext/testcase.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ext/testcase.c b/ext/testcase.c +index dd20de14..83467fe2 100644 +--- a/ext/testcase.c ++++ b/ext/testcase.c +@@ -2772,7 +2772,7 @@ testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **res + { + int i = strlen(pieces[1]); + s = strchr(pieces[1], '('); +- if (!s && pieces[1][i - 1] != ')') ++ if (!s || pieces[1][i - 1] != ')') + { + pool_error(pool, 0, "testcase_read: bad namespace '%s'", pieces[1]); + } +-- +2.23.0 + |