mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 05:49:57 +00:00
Code Issues Projects Releases Wiki Activity

squid: patch CVE-2024-37894

Browse Source 
Reference: https://github.com/squid-cache/squid/security/advisories/GHSA-wgvf-q977-9xjg

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
This commit is contained in:
Peter Marko
2024-08-04 23:03:51 +02:00
committed by Armin Kuster
parent 8887a98d27
commit be2127dce5
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-networking/recipes-daemons/squid/files/CVE-2024-37894.patch
+36
View File
@@ -0,0 +1,36 @@
From 920563e7a080155fae3ced73d6198781e8b0ff04 Mon Sep 17 00:00:00 2001
From: Francesco Chemolli <5175948+kinkie@users.noreply.github.com>
Date: Sun, 2 Jun 2024 14:41:16 +0000
Subject: [PATCH] Bug 5378: type mismatch in libTrie (#1830)
TrieNode::add() incorrectly computed an offset of an internal data
structure, resulting in out-of-bounds memory accesses that could cause
corruption or crashes.
This bug was discovered and detailed by Joshua Rogers at
https://megamansec.github.io/Squid-Security-Audit/esi-underflow.html
where it was filed as "Buffer Underflow in ESI".
CVE: CVE-2024-37894
Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/920563e7a080155fae3ced73d6198781e8b0ff04]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
lib/libTrie/TrieNode.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/libTrie/TrieNode.cc b/lib/libTrie/TrieNode.cc
index 0f991a06d..d417e0f54 100644
--- a/lib/libTrie/TrieNode.cc
+++ b/lib/libTrie/TrieNode.cc
@@ -32,7 +32,7 @@ TrieNode::add(char const *aString, size_t theLength, void *privatedata, TrieChar
/* We trust that privatedata and existent keys have already been checked */
if (theLength) {
- int index = transform ? (*transform)(*aString): *aString;
+ const unsigned char index = transform ? (*transform)(*aString): *aString;
if (!internal[index])
internal[index] = new TrieNode;
--
2.30.2
meta-networking/recipes-daemons/squid/squid_6.9.bb
+1
View File
@@ -20,6 +20,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.xz \
file://volatiles.03_squid \
file://0002-squid-make-squid-conf-tests-run-on-target-device.patch \
file://squid.nm \
file://CVE-2024-37894.patch \
"
SRC_URI[sha256sum] = "1ad72d46e1cb556e9561214f0fb181adb87c7c47927ef69bc8acd68a03f61882"