From abfcabb070ef133f9b76c08b044a9fccd474b7ca Mon Sep 17 00:00:00 2001
From: Anatol Belski <anbelski@linux.microsoft.com>
Date: Wed, 3 Feb 2021 08:42:57 +0000
Subject: glib-2.0: Rename patch file for CVE-2020-35457

The naming convention needs to be help so the CVE is recognized as
fixed by the tooling.

Signed-off-by: Anatol Belski <anbelski@linux.microsoft.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 ...-a-precondition-to-avoid-GOptionEntry-lis.patch | 41 ----------------------
 .../glib-2.0/glib-2.0/CVE-2020-35457.patch         | 41 ++++++++++++++++++++++
 meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb      |  2 +-
 3 files changed, 42 insertions(+), 42 deletions(-)
 delete mode 100644 meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch
 create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch

diff --git a/meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch b/meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch
deleted file mode 100644
index 17dcada613..0000000000
--- a/meta/recipes-core/glib-2.0/glib-2.0/0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
-From: Philip Withnall <withnall@endlessm.com>
-Date: Wed, 2 Sep 2020 12:38:09 +0100
-Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
- overflow
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-If the calling code adds more option entries than `G_MAXSIZE` then
-there’ll be an integer overflow. This seems vanishingly unlikely (given
-that all callers use static option entry lists), but add a precondition
-anyway.
-
-Signed-off-by: Philip Withnall <withnall@endlessm.com>
-
-Fixes: #2197
----
- glib/goption.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-CVE: CVE-2020-35457
-Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
-Comment: adjusted offset by -5 to fix patch fuzz warning
-
-diff --git a/glib/goption.c b/glib/goption.c
-index 9f5b977c4..bb9093a33 100644
---- a/glib/goption.c
-+++ b/glib/goption.c
-@@ -2417,6 +2417,8 @@ g_option_group_add_entries (GOptionGroup       *group,
- 
-   for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
- 
-+  g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
-+
-   group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
- 
-   /* group->entries could be NULL in the trivial case where we add no
--- 
-2.20.1
-
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
new file mode 100644
index 0000000000..17dcada613
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2020-35457.patch
@@ -0,0 +1,41 @@
+From 63c5b62f0a984fac9a9700b12f54fe878e016a5d Mon Sep 17 00:00:00 2001
+From: Philip Withnall <withnall@endlessm.com>
+Date: Wed, 2 Sep 2020 12:38:09 +0100
+Subject: [PATCH] goption: Add a precondition to avoid GOptionEntry list
+ overflow
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If the calling code adds more option entries than `G_MAXSIZE` then
+there’ll be an integer overflow. This seems vanishingly unlikely (given
+that all callers use static option entry lists), but add a precondition
+anyway.
+
+Signed-off-by: Philip Withnall <withnall@endlessm.com>
+
+Fixes: #2197
+---
+ glib/goption.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+CVE: CVE-2020-35457
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/63c5b62f0a984fac9a9700b12f54fe878e016a5d]
+Comment: adjusted offset by -5 to fix patch fuzz warning
+
+diff --git a/glib/goption.c b/glib/goption.c
+index 9f5b977c4..bb9093a33 100644
+--- a/glib/goption.c
++++ b/glib/goption.c
+@@ -2417,6 +2417,8 @@ g_option_group_add_entries (GOptionGroup       *group,
+ 
+   for (n_entries = 0; entries[n_entries].long_name != NULL; n_entries++) ;
+ 
++  g_return_if_fail (n_entries <= G_MAXSIZE - group->n_entries);
++
+   group->entries = g_renew (GOptionEntry, group->entries, group->n_entries + n_entries);
+ 
+   /* group->entries could be NULL in the trivial case where we add no
+-- 
+2.20.1
+
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb
index 0ad14a0878..1a006b9f38 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.62.6.bb
@@ -17,7 +17,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
            file://0001-meson-Run-atomics-test-on-clang-as-well.patch \
            file://0001-gio-tests-resources.c-comment-out-a-build-host-only-.patch \
            file://tzdata-update.patch \
-           file://0001-goption-Add-a-precondition-to-avoid-GOptionEntry-lis.patch \
+           file://CVE-2020-35457.patch \
            "
 
 SRC_URI_append_class-native = " file://relocate-modules.patch"
-- 
cgit 1.2.3-korg