wok-current rev 25700

Patch glibc CVE-2024-2961 again (wrong encode char on patch)
author Stanislas Leduc <shann@slitaz.org>
date Thu Apr 18 21:24:55 2024 +0000 (8 months ago)
parents 12b90a723e05
children 9ec15db3af75
files glibc/stuff/glibc-2.28-CVE-2024-2961.patch
line diff
     1.1 --- a/glibc/stuff/glibc-2.28-CVE-2024-2961.patch	Thu Apr 18 21:07:29 2024 +0000
     1.2 +++ b/glibc/stuff/glibc-2.28-CVE-2024-2961.patch	Thu Apr 18 21:24:55 2024 +0000
     1.3 @@ -1,3 +1,31 @@
     1.4 +From 682ad4c8623e611a971839990ceef00346289cc9 Mon Sep 17 00:00:00 2001
     1.5 +From: Charles Fol <folcharles@gmail.com>
     1.6 +Date: Thu, 28 Mar 2024 12:25:38 -0300
     1.7 +Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing
     1.8 + escape sequence (CVE-2024-2961)
     1.9 +
    1.10 +ISO-2022-CN-EXT uses escape sequences to indicate character set changes
    1.11 +(as specified by RFC 1922).  While the SOdesignation has the expected
    1.12 +bounds checks, neither SS2designation nor SS3designation have its;
    1.13 +allowing a write overflow of 1, 2, or 3 bytes with fixed values:
    1.14 +'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.
    1.15 +
    1.16 +Checked on aarch64-linux-gnu.
    1.17 +
    1.18 +Co-authored-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
    1.19 +Reviewed-by: Carlos O'Donell <carlos@redhat.com>
    1.20 +Tested-by: Carlos O'Donell <carlos@redhat.com>
    1.21 +
    1.22 +(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)
    1.23 +---
    1.24 + iconvdata/Makefile                    |   5 +-
    1.25 + iconvdata/iso-2022-cn-ext.c           |  12 +++
    1.26 + iconvdata/tst-iconv-iso-2022-cn-ext.c | 128 ++++++++++++++++++++++++++
    1.27 + 3 files changed, 144 insertions(+), 1 deletion(-)
    1.28 + create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c
    1.29 +
    1.30 +diff --git a/iconvdata/Makefile b/iconvdata/Makefile
    1.31 +index b67b4feeb4..8fc126c210 100644
    1.32  --- a/iconvdata/Makefile
    1.33  +++ b/iconvdata/Makefile
    1.34  @@ -73,7 +73,7 @@
    1.35 @@ -156,7 +184,7 @@
    1.36  +
    1.37  +  /* Same as before for SS3designation.  */
    1.38  +  {
    1.39 -+    char inbuf[] = "å \xe5\x8a\x84";
    1.40 ++    char inbuf[] = "劄 \xe5\x8a\x84";
    1.41  +
    1.42  +    for (int i = 0; i < 14; i++)
    1.43  +      {
    1.44 @@ -182,5 +210,6 @@
    1.45  +}
    1.46  +
    1.47  +#include <support/test-driver.c>
    1.48 ---
    1.49 +-- 
    1.50  2.39.3
    1.51 +