summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch')
-rw-r--r--meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch31
1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch b/meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch
new file mode 100644
index 0000000000..733660cf05
--- /dev/null
+++ b/meta/recipes-connectivity/libuv/libuv/CVE-2024-24806-3.patch
@@ -0,0 +1,31 @@
+From a7443ee6b3b3c6a12708148aa9bb001b7782905c Mon Sep 17 00:00:00 2001
+From: Santiago Gimeno <santiago.gimeno@gmail.com>
+Date: Wed, 7 Feb 2024 20:27:58 +0100
+Subject: [PATCH] test: empty strings are not valid IDNA
+
+Upstream-Status: Backport [https://github.com/libuv/libuv/commit/e0327e1d508b8207c9150b6e582f0adf26213c39]
+CVE: CVE-2024-24806
+
+Fixes: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6
+Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
+---
+ test/test-idna.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/test-idna.c b/test/test-idna.c
+index d59b521e..37da38de 100644
+--- a/test/test-idna.c
++++ b/test/test-idna.c
+@@ -150,8 +150,8 @@ TEST_IMPL(idna_toascii) {
+ /* Illegal inputs. */
+ F("\xC0\x80\xC1\x80", UV_EINVAL); /* Overlong UTF-8 sequence. */
+ F("\xC0\x80\xC1\x80.com", UV_EINVAL); /* Overlong UTF-8 sequence. */
++ F("", UV_EINVAL);
+ /* No conversion. */
+- T("", "");
+ T(".", ".");
+ T(".com", ".com");
+ T("example", "example");
+--
+2.43.0
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-04 10:33:48 +0000