diff options
Diffstat (limited to 'meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch')
-rw-r--r-- | meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch b/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch new file mode 100644 index 0000000000..d79a82d648 --- /dev/null +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch @@ -0,0 +1,30 @@ +From 175850b03e1af251d705c1d04b2b9b3c1c06e48f Mon Sep 17 00:00:00 2001 +From: Akira TAGOH <akira@tagoh.org> +Date: Thu, 17 Feb 2022 19:06:10 +0900 +Subject: [PATCH] Fix SEGV issue in fribidi_remove_bidi_marks + +Escape from fribidi_remove_bidi_marks() immediately if str is null. + +This fixes https://github.com/fribidi/fribidi/issues/183 + +CVE: CVE-2022-25310 +Upstream-Status: Backport [https://github.com/fribidi/fribidi/commit/175850b03e1af251d705c1d04b2b9b3c1c06e48f] +Signed-off-by: Pawan Badganchi <Pawan.Badganchi@kpit.com> + +--- + lib/fribidi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/fribidi.c b/lib/fribidi.c +index f5da0da..70bdab2 100644 +--- a/lib/fribidi.c ++++ b/lib/fribidi.c +@@ -74,7 +74,7 @@ fribidi_remove_bidi_marks ( + fribidi_boolean status = false; + + if UNLIKELY +- (len == 0) ++ (len == 0 || str == NULL) + { + status = true; + goto out; |