diff options
| author |   Anuj Mittal <anuj.mittal@intel.com> | 2019-07-26 12:47:26 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-07-29 10:25:01 +0100 |
| commit | db17c2467af57a802f29a423ce1e9f0508bff5fe (patch) | |
| tree | da3eb3cc261a6ce439e01ddf2a89d84be98af690 | |
| parent | ff6db726440e911358fc222ab21ee36a77004782 (diff) | |
| download | openembedded-core-db17c2467af57a802f29a423ce1e9f0508bff5fe.tar.gz | |
wget: fix CVE-2019-5953
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-extended/wget/wget/CVE-2019-5953.patch | 34 | ||||
| -rw-r--r-- | meta/recipes-extended/wget/wget_1.20.1.bb | 1 |
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-extended/wget/wget/CVE-2019-5953.patch b/meta/recipes-extended/wget/wget/CVE-2019-5953.patch new file mode 100644 index 0000000000..00efe20a2f --- /dev/null +++ b/meta/recipes-extended/wget/wget/CVE-2019-5953.patch @@ -0,0 +1,34 @@ +From 692d5c5215de0db482c252492a92fc424cc6a97c Mon Sep 17 00:00:00 2001 +From: Tim Ruehsen <tim.ruehsen@gmx.de> +Date: Fri, 5 Apr 2019 11:50:44 +0200 +Subject: Fix a buffer overflow vulnerability + +* src/iri.c(do_conversion): Reallocate the output buffer to a larger + size if it is already full +Upstream-Status: Backport +CVE: CVE-2019-5953 +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- +--- a/src/iri.c ++++ b/src/iri.c +@@ -188,11 +191,14 @@ do_conversion (const char *tocode, const char *fromcode, char const *in_org, siz + } + else if (errno == E2BIG) /* Output buffer full */ + { ++ logprintf (LOG_VERBOSE, ++ _("Reallocate output buffer len=%d outlen=%d inlen=%d\n"), len, outlen, inlen); + tooshort++; + done = len; +- len = outlen = done + inlen * 2; +- s = xrealloc (s, outlen + 1); +- *out = s + done; ++ len = done + inlen * 2; ++ s = xrealloc (s, len + 1); ++ *out = s + done - outlen; ++ outlen += inlen * 2; + } + else /* Weird, we got an unspecified error */ + { +-- +cgit v1.0-41-gc330 + diff --git a/meta/recipes-extended/wget/wget_1.20.1.bb b/meta/recipes-extended/wget/wget_1.20.1.bb index d176bd0acd..e852a0c0cf 100644 --- a/meta/recipes-extended/wget/wget_1.20.1.bb +++ b/meta/recipes-extended/wget/wget_1.20.1.bb @@ -1,5 +1,6 @@ SRC_URI = "${GNU_MIRROR}/wget/wget-${PV}.tar.gz \ file://0002-improve-reproducibility.patch \ + file://CVE-2019-5953.patch \ " SRC_URI[md5sum] = "f6ebe9c7b375fc9832fb1b2028271fb7" |