diff options
Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2019-9169.patch')
| -rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2019-9169.patch | 36 |
1 files changed, 0 insertions, 36 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-9169.patch b/meta/recipes-core/glibc/glibc/CVE-2019-9169.patch deleted file mode 100644 index bc40361c5d..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2019-9169.patch +++ /dev/null @@ -1,36 +0,0 @@ -CVE: CVE-2019-9169 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 583dd860d5b833037175247230a328f0050dbfe9 Mon Sep 17 00:00:00 2001 -From: Paul Eggert <eggert@cs.ucla.edu> -Date: Mon, 21 Jan 2019 11:08:13 -0800 -Subject: [PATCH] regex: fix read overrun [BZ #24114] - -Problem found by AddressSanitizer, reported by Hongxu Chen in: -https://debbugs.gnu.org/34140 -* posix/regexec.c (proceed_next_node): -Do not read past end of input buffer. ---- - posix/regexec.c | 6 ++++-- - 2 files changed, 13 insertions(+), 3 deletions(-) - -diff --git a/posix/regexec.c b/posix/regexec.c -index 91d5a79..084b122 100644 ---- a/posix/regexec.c -+++ b/posix/regexec.c -@@ -1293,8 +1293,10 @@ proceed_next_node (const re_match_context_t *mctx, Idx nregs, regmatch_t *regs, - else if (naccepted) - { - char *buf = (char *) re_string_get_buffer (&mctx->input); -- if (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -- naccepted) != 0) -+ if (mctx->input.valid_len - *pidx < naccepted -+ || (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -+ naccepted) -+ != 0)) - return -1; - } - } --- -2.9.3 |