mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

opencv: fix for CVE-2023-2618

Browse Source 
A vulnerability, which was classified as problematic, has been found
in OpenCV wechat_qrcode Module up to 4.7.0. Affected by this issue is
the function DecodedBitStreamParser::decodeHanziSegment of the file
qrcode/decoder/decoded_bit_stream_parser.cpp. The manipulation leads
to memory leak. The attack may be launched remotely. The name of the
patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. It is recommended
to apply a patch to fix this issue. The identifier of this vulnerability
is VDB-228548.

Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
[Refactored to apply to kirkstone]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Narpat Mali
2023-05-24 14:23:46 +00:00
committed by Armin Kuster
parent 06a732d7bd
commit af43d829a3
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/opencv/opencv/CVE-2023-2618.patch
+32
View File
@@ -0,0 +1,32 @@
From 2b62ff6181163eea029ed1cab11363b4996e9cd6 Mon Sep 17 00:00:00 2001
From: Nano <nanoapezlk@gmail.com>
Date: Thu, 27 Apr 2023 17:38:35 +0800
Subject: [PATCH] fix(wechat_qrcode): fixed memory leaks
CVE: CVE-2023-2618
Upstream-Status: Backport [https://github.com/opencv/opencv_contrib/pull/3484/commits/2b62ff6181163eea029ed1cab11363b4996e9cd6]
Signed-off-by: Narpat Mali <narpat.mali@windriver.com>
---
.../src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
index b3a0a69c..f02435d5 100644
--- a/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
+++ b/modules/wechat_qrcode/src/zxing/qrcode/decoder/decoded_bit_stream_parser.cpp
@@ -127,7 +127,10 @@ void DecodedBitStreamParser::decodeHanziSegment(Ref<BitSource> bits_, string& re
while (count > 0) {
// Each 13 bits encodes a 2-byte character
int twoBytes = bits.readBits(13, err_handler);
- if (err_handler.ErrCode()) return;
+ if (err_handler.ErrCode()) {
+ delete[] buffer;
+ return;
+ }
int assembledTwoBytes = ((twoBytes / 0x060) << 8) | (twoBytes % 0x060);
if (assembledTwoBytes < 0x003BF) {
// In the 0xA1A1 to 0xAAFE range
--
2.40.0
meta-oe/recipes-support/opencv/opencv_4.5.5.bb
+1
View File
@@ -53,6 +53,7 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol
file://0001-Make-ts-module-external.patch \
file://0001-core-vsx-update-vec_absd-workaround-condition.patch \
file://CVE-2023-2617.patch;patchdir=../contrib \
file://CVE-2023-2618.patch;patchdir=../contrib \
"
SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=../contrib"