aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch')
-rw-r--r--meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch38
1 files changed, 0 insertions, 38 deletions
diff --git a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch
deleted file mode 100644
index 75065eb05..000000000
--- a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon/275.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Upstream-status: Backport
-CVE: CVE-2020-29394
-From 7f5cd5404a03fa330e192084f6bdafb2dc9bdcb7 Mon Sep 17 00:00:00 2001
-From: GwanYeong Kim <gy741.kim@gmail.com>
-Date: Sat, 28 Nov 2020 12:24:46 +0900
-Subject: [PATCH] dlt_common: Fix buffer overflow in dlt_filter_load
-
-A buffer overflow in the dlt_filter_load function in dlt_common.c in dlt-daemon allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
-
-Fixed: #274
-
-Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
----
- src/shared/dlt_common.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/shared/dlt_common.c b/src/shared/dlt_common.c
-index 254f4ce4..d15b1cec 100644
---- a/src/shared/dlt_common.c
-+++ b/src/shared/dlt_common.c
-@@ -404,7 +404,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb
- while (!feof(handle)) {
- str1[0] = 0;
-
-- if (fscanf(handle, "%s", str1) != 1)
-+ if (fscanf(handle, "%254s", str1) != 1)
- break;
-
- if (str1[0] == 0)
-@@ -419,7 +419,7 @@ DltReturnValue dlt_filter_load(DltFilter *filter, const char *filename, int verb
-
- str1[0] = 0;
-
-- if (fscanf(handle, "%s", str1) != 1)
-+ if (fscanf(handle, "%254s", str1) != 1)
- break;
-
- if (str1[0] == 0)