diff options
Diffstat (limited to 'meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch')
-rw-r--r-- | meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch new file mode 100644 index 0000000000..9a27945a8b --- /dev/null +++ b/meta/recipes-extended/sysstat/sysstat/CVE-2023-33204.patch @@ -0,0 +1,46 @@ +Origin: https://github.com/opencontainers/runc/commit/6f8dc568e6ab072bb8205b732f04e685bf9237c0 +Reviewed-by: Sylvain Beucler <beuc@debian.org> +Last-Update: 2023-02-18 + +From 954ff2e2673cef48f0ed44668c466eab041db387 Mon Sep 17 00:00:00 2001 +From: Pavel Kopylov <pkopylov@cloudlinux.com> +Date: Wed, 17 May 2023 11:33:45 +0200 +Subject: [PATCH] Fix an overflow which is still possible for some values. + +CVE: CVE-2023-33204 +Upstream-Status: Backport [ upstream: https://github.com/sysstat/sysstat/commit/6f8dc568e6ab072bb8205b732f04e685bf9237c0 +debian: http://security.debian.org/debian-security/pool/updates/main/s/sysstat/sysstat_12.0.3-2+deb10u2.debian.tar.xz ] +Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> + +--- + common.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +Index: sysstat-12.0.3/common.c +=================================================================== +--- sysstat-12.0.3.orig/common.c ++++ sysstat-12.0.3/common.c +@@ -1449,15 +1449,16 @@ int parse_values(char *strargv, unsigned + */ + void check_overflow(size_t val1, size_t val2, size_t val3) + { +- if ((unsigned long long) val1 * +- (unsigned long long) val2 * +- (unsigned long long) val3 > UINT_MAX) { ++ if ((val1 != 0) && (val2 != 0) && (val3 != 0) && ++ (((unsigned long long) UINT_MAX / (unsigned long long) val1 < ++ (unsigned long long) val2) || ++ ((unsigned long long) UINT_MAX / ((unsigned long long) val1 * (unsigned long long) val2) < ++ (unsigned long long) val3))) { + #ifdef DEBUG +- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", +- __FUNCTION__, +- (unsigned long long) val1 * (unsigned long long) val2 * (unsigned long long) val3); ++ fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n", ++ __FUNCTION__, val1, val2, val3); + #endif +- exit(4); ++ exit(4); + } + } + |