diff options
author | Joe Slater <jslater@windriver.com> | 2017-08-18 10:43:44 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-08-19 09:19:12 +0100 |
commit | f15f01edbaa431829a50053d07ed6d6b333584c7 (patch) | |
tree | 53e4dfa79172205902709c19b79575bc234d94e1 /meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch | |
parent | e7986a5493ccd222b82c2388ea8c3bb7004b48dd (diff) | |
download | openembedded-core-contrib-f15f01edbaa431829a50053d07ed6d6b333584c7.tar.gz |
ruby: fix CVE-2017-922{6-9}
CVE-2017-9226 : check too big code point value for single byte
CVE-2017-9227 : access to invalid address by reg->dmin value
CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class()
CVE-2017-9229 : access to invalid address by reg->dmax value
Signed-off-by: Joe Slater <jslater@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch')
-rw-r--r-- | meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch b/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch new file mode 100644 index 0000000000..d8bfba486c --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/ruby-CVE-2017-9228.patch @@ -0,0 +1,34 @@ +From 3b63d12038c8d8fc278e81c942fa9bec7c704c8b Mon Sep 17 00:00:00 2001 +From: "K.Kosako" <kosako@sofnec.co.jp> +Date: Wed, 24 May 2017 13:43:25 +0900 +Subject: [PATCH] fix #60 : invalid state(CCS_VALUE) in parse_char_class() + +--- + regparse.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- end of original header + +CVE: CVE-2017-9228 + +Upstream-Status: Inappropriate [not author] +Signed-off-by: Joe Slater <joe.slater@windriver.com> + +diff --git a/regparse.c b/regparse.c +index 69875fa..1988747 100644 +--- a/regparse.c ++++ b/regparse.c +@@ -4081,7 +4081,9 @@ next_state_class(CClassNode* cc, OnigCodePoint* vs, enum CCVALTYPE* type, + } + } + +- *state = CCS_VALUE; ++ if (*state != CCS_START) ++ *state = CCS_VALUE; ++ + *type = CCV_CLASS; + return 0; + } +-- +1.7.9.5 + |