summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch')
-rw-r--r--meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch37
1 files changed, 0 insertions, 37 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch
deleted file mode 100644
index e85fec40aa..0000000000
--- a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14166.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-libarchive-3.3.2: Fix CVE-2017-14166
-
-[No upstream tracking] -- https://github.com/libarchive/libarchive/pull/935
-
-archive_read_support_format_xar: heap-based buffer overflow in xml_data
-
-Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71]
-CVE: CVE-2017-14166
-Bug: 935
-Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
-
-diff --git a/libarchive/archive_read_support_format_xar.c b/libarchive/archive_read_support_format_xar.c
-index 7a22beb..93eeacc 100644
---- a/libarchive/archive_read_support_format_xar.c
-+++ b/libarchive/archive_read_support_format_xar.c
-@@ -1040,6 +1040,9 @@ atol10(const char *p, size_t char_cnt)
- uint64_t l;
- int digit;
-
-+ if (char_cnt == 0)
-+ return (0);
-+
- l = 0;
- digit = *p - '0';
- while (digit >= 0 && digit < 10 && char_cnt-- > 0) {
-@@ -1054,7 +1057,10 @@ atol8(const char *p, size_t char_cnt)
- {
- int64_t l;
- int digit;
--
-+
-+ if (char_cnt == 0)
-+ return (0);
-+
- l = 0;
- while (char_cnt-- > 0) {
- if (*p >= '0' && *p <= '7')
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-26 08:31:17 +0000