diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-01-28 13:57:44 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-01-28 17:22:25 +0000 |
commit | bc79395e2fcb886f224a4ad837fd93c779d2c53d (patch) | |
tree | 2fdc65d98203dc934cfec4cb26018c390534b7f5 /meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch | |
parent | a8ab78824575bdfcdb9efe89378951d734c1cfa9 (diff) | |
download | openembedded-core-contrib-bc79395e2fcb886f224a4ad837fd93c779d2c53d.tar.gz |
systemd: Update recent CVE patches
* Added CVE tag, Upstream-Status tag and Sign-off-by tags.
* Removed the verification of the entry length in the header
* Squashed CVE-2018-16865 patches into one
* CVE-2018-16866 patch now taken from systemd-stable and includes
an additional heap buffer overflow fix.
Signed-off-by: Marcus Cooper <marcusc@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch')
-rw-r--r-- | meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch b/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch deleted file mode 100644 index fa2c01034b..0000000000 --- a/meta/recipes-core/systemd/systemd/0028-journal-do-not-remove-multiple-spaces-after-identifi.patch +++ /dev/null @@ -1,84 +0,0 @@ -From c3a7da1bbb6d2df8ab7ea1c7ce34ded37a21959f Mon Sep 17 00:00:00 2001 -From: Yu Watanabe <watanabe.yu+github@gmail.com> -Date: Fri, 10 Aug 2018 11:07:54 +0900 -Subject: [PATCH] journal: do not remove multiple spaces after identifier in - syslog message - -Single space is used as separator. -C.f. discussions in #156. - -Fixes #9839 introduced by a6aadf4ae0bae185dc4c414d492a4a781c80ffe5. - -Patch backported from systemd master at -8595102d3ddde6d25c282f965573a6de34ab4421. - -This matches the change done for systemd-journald, hence forming the second -part of the fix for CVE-2018-16866 ---- - src/journal/journald-syslog.c | 4 +++- - src/journal/test-journal-syslog.c | 24 ++++++++++++++---------- - 2 files changed, 17 insertions(+), 11 deletions(-) - -diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c -index 97711ac7a3..e0b55cc566 100644 ---- a/src/journal/journald-syslog.c -+++ b/src/journal/journald-syslog.c -@@ -219,7 +219,9 @@ size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) - if (t) - *identifier = t; - -- e += strspn(p + e, WHITESPACE); -+ /* Single space is used as separator */ -+ if (p[e] != '\0' && strchr(WHITESPACE, p[e])) -+ e++; - - *buf = p + e; - return e; -diff --git a/src/journal/test-journal-syslog.c b/src/journal/test-journal-syslog.c -index 05f759817e..7294cde032 100644 ---- a/src/journal/test-journal-syslog.c -+++ b/src/journal/test-journal-syslog.c -@@ -6,7 +6,7 @@ - #include "string-util.h" - - static void test_syslog_parse_identifier(const char *str, -- const char *ident, const char *pid, int ret) { -+ const char *ident, const char *pid, const char *rest, int ret) { - const char *buf = str; - _cleanup_free_ char *ident2 = NULL, *pid2 = NULL; - int ret2; -@@ -16,18 +16,22 @@ static void test_syslog_parse_identifier(const char *str, - assert_se(ret == ret2); - assert_se(ident == ident2 || streq_ptr(ident, ident2)); - assert_se(pid == pid2 || streq_ptr(pid, pid2)); -+ assert_se(streq(buf, rest)); - } - - int main(void) { -- test_syslog_parse_identifier("pidu[111]: xxx", "pidu", "111", 11); -- test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 6); -- test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, 7); -- test_syslog_parse_identifier("pidu xxx", NULL, NULL, 0); -- test_syslog_parse_identifier(":", "", NULL, 1); -- test_syslog_parse_identifier(": ", "", NULL, 3); -- test_syslog_parse_identifier("pidu:", "pidu", NULL, 5); -- test_syslog_parse_identifier("pidu: ", "pidu", NULL, 6); -- test_syslog_parse_identifier("pidu : ", NULL, NULL, 0); -+ test_syslog_parse_identifier("pidu[111]: xxx", "pidu", "111", "xxx", 11); -+ test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, "xxx", 6); -+ test_syslog_parse_identifier("pidu: xxx", "pidu", NULL, " xxx", 6); -+ test_syslog_parse_identifier("pidu xxx", NULL, NULL, "pidu xxx", 0); -+ test_syslog_parse_identifier(" pidu xxx", NULL, NULL, " pidu xxx", 0); -+ test_syslog_parse_identifier("", NULL, NULL, "", 0); -+ test_syslog_parse_identifier(" ", NULL, NULL, " ", 0); -+ test_syslog_parse_identifier(":", "", NULL, "", 1); -+ test_syslog_parse_identifier(": ", "", NULL, " ", 2); -+ test_syslog_parse_identifier("pidu:", "pidu", NULL, "", 5); -+ test_syslog_parse_identifier("pidu: ", "pidu", NULL, "", 6); -+ test_syslog_parse_identifier("pidu : ", NULL, NULL, "pidu : ", 0); - - return 0; - } --- -2.11.0 - |