mirror of
https://git.yoctoproject.org/poky
synced 2026-06-02 13:29:49 +00:00
glib-2.0: fix CVE-2020-35457
https://gitlab.gnome.org/GNOME/glib/-/issues/2197 upstream claim it is not security issue, but no harm to fix it since this is still a valid issue. (From OE-Core rev: 122f93d68ee0e9b418da0dcc99cb7cdcb7b3f643) Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Lee Chee Yang
committed by
Richard Purdie
Richard Purdie
parent
fe8298ec3b
commit
ce150eaae2
@@ -0,0 +1,41 @@
|
|||||||
|
From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Philip Withnall <withnall@endlessm.com>
|
||||||
|
Date: Wed, 2 Sep 2020 12:38:09 +0100
|
||||||
|
Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
|
||||||
|
overflow
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
If the calling code adds more option entries than `G_MAXSIZE` then
|
||||||
|
there’ll be an integer overflow. This seems vanishingly unlikely (given
|
||||||
|
that all callers use static option entry lists), but add a precondition
|
||||||
|
anyway.
|
||||||
|
|
||||||
|
Signed-off-by: Philip Withnall <withnall@endlessm.com>
|
||||||
|
|
||||||
|
Fixes: #2197
|
||||||
|
|
||||||
|
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
|
||||||
|
CVE: CVE-2020-35457
|
||||||
|
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
|
||||||
|
---
|
||||||
|
glib/goption.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/glib/goption.c b/glib/goption.c
|
||||||
|
index 9f5b977c4..bb9093a33 100644
|
||||||
|
--- a/glib/goption.c
|
||||||
|
+++ b/glib/goption.c
|
||||||
|
@@ -2422,6 +2422,8 @@ g_option_group_add_entries (GOptionGroup *group,
|
||||||
|
|
||||||
|
for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
|
||||||
|
|
||||||
|
+ g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
|
||||||
|
+
|
||||||
|
group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
|
||||||
|
|
||||||
|
/* group->entries could be NULL in the trivial case where we add no
|
||||||
|
--
|
||||||
|
2.25.1
|
||||||
|
|
||||||
@@ -17,6 +17,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
|
|||||||
file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
|
file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
|
||||||
file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
|
file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
|
||||||
file://tzdata-update.patch \
|
file://tzdata-update.patch \
|
||||||
|
file://CVE-2020-35457.patch \
|
||||||
"
|
"
|
||||||
|
|
||||||
SRC_URI_append_class-native = " file://relocate-modules.patch"
|
SRC_URI_append_class-native = " file://relocate-modules.patch"
|
||||||
|
|||||||
Reference in New Issue
Block a user