diff options
Diffstat (limited to 'meta/recipes-support/curl/curl/CVE-2017-1000099.patch')
-rw-r--r-- | meta/recipes-support/curl/curl/CVE-2017-1000099.patch | 41 |
1 files changed, 0 insertions, 41 deletions
diff --git a/meta/recipes-support/curl/curl/CVE-2017-1000099.patch b/meta/recipes-support/curl/curl/CVE-2017-1000099.patch deleted file mode 100644 index 96ff1b064b..0000000000 --- a/meta/recipes-support/curl/curl/CVE-2017-1000099.patch +++ /dev/null @@ -1,41 +0,0 @@ -From c9332fa5e84f24da300b42b1a931ade929d3e27d Mon Sep 17 00:00:00 2001 -From: Even Rouault <even.rouault@spatialys.com> -Date: Tue, 1 Aug 2017 17:17:06 +0200 -Subject: [PATCH] file: output the correct buffer to the user - -Regression brought by 7c312f84ea930d8 (April 2017) - -CVE: CVE-2017-1000099 - -Bug: https://curl.haxx.se/docs/adv_20170809C.html - -Credit to OSS-Fuzz for the discovery - -Upstream-Status: Backport -https://github.com/curl/curl/commit/c9332fa5e84f24da300b42b1a931ade929d3e27d - -Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> ---- - lib/file.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/file.c b/lib/file.c -index bd426eac2..666cbe75b 100644 ---- a/lib/file.c -+++ b/lib/file.c -@@ -499,11 +499,11 @@ static CURLcode file_do(struct connectdata *conn, bool *done) - Curl_month[tm->tm_mon], - tm->tm_year + 1900, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); -- result = Curl_client_write(conn, CLIENTWRITE_BOTH, buf, 0); -+ result = Curl_client_write(conn, CLIENTWRITE_BOTH, header, 0); - if(!result) - /* set the file size to make it available post transfer */ - Curl_pgrsSetDownloadSize(data, expected_size); - return result; - } --- -2.13.3 - |