diff options
author | Anuj Mittal <anuj.mittal@intel.com> | 2020-02-05 11:32:52 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2020-02-11 23:04:29 +0000 |
commit | ac6150563bd8e4cb2fa09a2777879afc993f1c20 (patch) | |
tree | 7b2e3e0f18bc0fdd26ec09d21e585b973043bce2 /meta | |
parent | 832588c287d47604d8f717adfed6cc2ecd8c755e (diff) | |
download | openembedded-core-contrib-ac6150563bd8e4cb2fa09a2777879afc993f1c20.tar.gz |
Revert "bzip2: Fix CVE-2019-12900"
This reverts commit 175e6cb75ce328d51a9d4ad18c7e09d9fb92c2e1.
This change is already in bzip2 1.0.7. The change fixing a regression
caused by this change is in 1.0.8 which is the current version in zeus.
This isn't resulting in failures because the patch file isn't included
in SRC_URI.
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch b/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch deleted file mode 100644 index 9859d9d1a2..0000000000 --- a/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Tue, 28 May 2019 19:35:18 +0200 -Subject: [PATCH] Make sure nSelectors is not out of range - -nSelectors is used in a loop from 0 to nSelectors to access selectorMtf -which is -UChar selectorMtf[BZ_MAX_SELECTORS]; -so if nSelectors is bigger than BZ_MAX_SELECTORS it'll do an invalid memory -access -Fixes out of bounds access discovered while fuzzying karchive - -Link: https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc.patch - -Upstream-Status: Backport -CVE: CVE-2019-12900.patch -Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com> ---- - decompress.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/decompress.c b/decompress.c -index ab6a624..f3db91d 100644 ---- a/decompress.c -+++ b/decompress.c -@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s ) - GET_BITS(BZ_X_SELECTOR_1, nGroups, 3); - if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR); - GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15); -- if (nSelectors < 1) RETURN(BZ_DATA_ERROR); -+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR); - for (i = 0; i < nSelectors; i++) { - j = 0; - while (True) { --- -2.22.0 |