mirror of
https://git.yoctoproject.org/poky
synced 2026-05-31 12:49:46 +00:00
sysstat: Fix CVE-2023-33204
References: https://nvd.nist.gov/vuln/detail/CVE-2023-33204 https://ubuntu.com/security/CVE-2023-33204 Upstream Patch: https://github.com/sysstat/sysstat/commit/954ff2e2673c (From OE-Core rev: 7a6871590b908e4b749484d913da5e280c20d05f) Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Sanjay Chitroda <schitrod@cisco.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Xiangyu Chen
committed by
Richard Purdie
Richard Purdie
parent
5f022cd62c
commit
9eb992471f
@@ -0,0 +1,46 @@
|
|||||||
|
From 0764cb56df4a5afdf04980c9eb6735f789f5aa42 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Pavel Kopylov <pkopylov@cloudlinux.com>
|
||||||
|
Date: Wed, 17 May 2023 11:33:45 +0200
|
||||||
|
Subject: [PATCH] Fix an overflow which is still possible for some values.
|
||||||
|
|
||||||
|
CVE: CVE-2023-33204
|
||||||
|
Upstream-Status: Backport [https://github.com/sysstat/sysstat/commit/954ff2e2673c]
|
||||||
|
|
||||||
|
Backport Changes:
|
||||||
|
Adopt additional changes as per following merge commit of pull request:
|
||||||
|
https://github.com/sysstat/sysstat/commit/6f8dc568e6ab
|
||||||
|
|
||||||
|
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
|
||||||
|
Signed-off-by: Sanjay Chitroda <schitrod@cisco.com>
|
||||||
|
---
|
||||||
|
common.c | 14 ++++++++------
|
||||||
|
1 file changed, 8 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/common.c b/common.c
|
||||||
|
index a3d31a5..138920c 100644
|
||||||
|
--- a/common.c
|
||||||
|
+++ b/common.c
|
||||||
|
@@ -447,15 +447,17 @@ int check_dir(char *dirname)
|
||||||
|
void check_overflow(unsigned int val1, unsigned int val2,
|
||||||
|
unsigned int val3)
|
||||||
|
{
|
||||||
|
- if ((unsigned long long) val1 * (unsigned long long) val2 *
|
||||||
|
- (unsigned long long) val3 > UINT_MAX) {
|
||||||
|
+ if ((val1 != 0) && (val2 != 0) && (val3 != 0) &&
|
||||||
|
+ (((unsigned long long)UINT_MAX / (unsigned long long)val1 <
|
||||||
|
+ (unsigned long long)val2) ||
|
||||||
|
+ ((unsigned long long)UINT_MAX / ((unsigned long long)val1 *
|
||||||
|
+ (unsigned long long)val2) < (unsigned long long)val3))) {
|
||||||
|
#ifdef DEBUG
|
||||||
|
- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
|
||||||
|
- __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
|
||||||
|
- (unsigned long long) val3);
|
||||||
|
+ fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n",
|
||||||
|
+ __FUNCTION__, val1, val2, val3);
|
||||||
|
#endif
|
||||||
|
exit(4);
|
||||||
|
- }
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifndef SOURCE_SADC
|
||||||
@@ -2,6 +2,8 @@ require sysstat.inc
|
|||||||
|
|
||||||
LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"
|
LIC_FILES_CHKSUM = "file://COPYING;md5=a23a74b3f4caf9616230789d94217acb"
|
||||||
|
|
||||||
SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch"
|
SRC_URI += "file://0001-configure.in-remove-check-for-chkconfig.patch \
|
||||||
|
file://CVE-2023-33204.patch \
|
||||||
|
"
|
||||||
|
|
||||||
SRC_URI[sha256sum] = "3e77134aedaa6fc57d9745da67edfd8990e19adee71ac47196229261c563fb48"
|
SRC_URI[sha256sum] = "3e77134aedaa6fc57d9745da67edfd8990e19adee71ac47196229261c563fb48"
|
||||||
|
|||||||
Reference in New Issue
Block a user