aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch')
-rw-r--r--meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch28
1 files changed, 28 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch
new file mode 100644
index 0000000000..797f8ad3b1
--- /dev/null
+++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch
@@ -0,0 +1,28 @@
+Origin: https://github.com/OpenSC/OpenSC/commit/578aed8391ef117ca64a9e0cba8e5c264368a0ec
+From: Frank Morgner <frankmorgner@gmail.com>
+Date: Thu, 8 Dec 2022 00:27:18 +0100
+Subject: sc_pkcs15init_rmdir: prevent out of bounds write
+
+fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53927
+CVE: CVE-2023-40661
+Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50]
+Signed-off-by: Virendra Thakur <virendrak@kpit.com>
+Comment: Hunk refreshed based on codebase.
+---
+ src/pkcs15init/pkcs15-lib.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c
+index 91cee37310..3df03c6e1f 100644
+--- a/src/pkcs15init/pkcs15-lib.c
++++ b/src/pkcs15init/pkcs15-lib.c
+@@ -666,6 +666,8 @@
+
+ path = df->path;
+ path.len += 2;
++ if (path.len > SC_MAX_PATH_SIZE)
++ return SC_ERROR_INTERNAL;
+
+ nfids = r / 2;
+ while (r >= 0 && nfids--) {
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-01 03:36:48 +0000