1 files changed, 31 insertions, 0 deletions

diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch
new file mode 100644
index 0000000000..4746265eeb
--- /dev/null
+++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch
@@ -0,0 +1,31 @@
+From a95f977f5d809915ec4b14836d2b5b7f5e74881e Mon Sep 17 00:00:00 2001
+From: Matthew Fernandez <matthew.fernandez@gmail.com>
+Date: Fri, 12 Jan 2024 17:06:17 +1100
+Subject: [PATCH] gvc: detect plugin installation failure and display an error
+
+Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e]
+CVE: CVE-2023-46045
+
+Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
+---
+ lib/gvc/gvconfig.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c
+index 95e8c6c..77d0865 100644
+--- a/lib/gvc/gvconfig.c
++++ b/lib/gvc/gvconfig.c
+@@ -188,6 +188,10 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s)
+ 	do {
+ 	    const char *api = token(&nest, &s);
+ 	    const api_t gv_api = gvplugin_api(api);
++	    if (gv_api == (api_t)-1) {
++		agerr(AGERR, "config error: %s %s not found\n", package_path, api);
++		return 0;
++	    }
+ 	    do {
+ 		if (nest == 2) {
+ 		    type = token(&nest, &s);
+-- 
+2.40.0
+