1 files changed, 0 insertions, 56 deletions

diff --git a/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch b/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch
deleted file mode 100644
index 8e1a1a9943..0000000000
--- a/meta/recipes-bsp/u-boot/files/0004-CVE-2019-13106.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From 1307dabf5422372483f840dda3963f9dbd2e8e6f Mon Sep 17 00:00:00 2001
-From: Paul Emge <paulemge@forallsecure.com>
-Date: Mon, 8 Jul 2019 16:37:07 -0700
-Subject: [PATCH 4/9] CVE-2019-13106: ext4: fix out-of-bounds memset
-
-In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of
-the destination memory region. This patch adds a check to disallow
-this.
-
-Signed-off-by: Paul Emge <paulemge@forallsecure.com>
-
-Upstream-Status: Backport[http://git.denx.de/?p=u-boot.git;a=commit;
-                 h=e205896c5383c938274262524adceb2775fb03ba]
-
-CVE: CVE-2019-13106
-
-Signed-off-by: Meng Li <Meng.Li@windriver.com>
----
- fs/ext4/ext4fs.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/fs/ext4/ext4fs.c b/fs/ext4/ext4fs.c
-index e2b740cac4..37b31d9f0f 100644
---- a/fs/ext4/ext4fs.c
-+++ b/fs/ext4/ext4fs.c
-@@ -61,6 +61,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
- 	lbaint_t delayed_skipfirst = 0;
- 	lbaint_t delayed_next = 0;
- 	char *delayed_buf = NULL;
-+	char *start_buf = buf;
- 	short status;
- 	struct ext_block_cache cache;
- 
-@@ -139,6 +140,7 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
- 			}
- 		} else {
- 			int n;
-+			int n_left;
- 			if (previous_block_number != -1) {
- 				/* spill */
- 				status = ext4fs_devread(delayed_start,
-@@ -153,8 +155,9 @@ int ext4fs_read_file(struct ext2fs_node *node, loff_t pos,
- 			}
- 			/* Zero no more than `len' bytes. */
- 			n = blocksize - skipfirst;
--			if (n > len)
--				n = len;
-+			n_left = len - ( buf - start_buf );
-+			if (n > n_left)
-+				n = n_left;
- 			memset(buf, 0, n);
- 		}
- 		buf += blocksize - skipfirst;
--- 
-2.17.1
-