diff options
Diffstat (limited to 'meta-oe/recipes-support/opencv/opencv/CVE-2019-14493.patch')
-rw-r--r-- | meta-oe/recipes-support/opencv/opencv/CVE-2019-14493.patch | 237 |
1 files changed, 237 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/opencv/opencv/CVE-2019-14493.patch b/meta-oe/recipes-support/opencv/opencv/CVE-2019-14493.patch new file mode 100644 index 0000000000..2b5e06f23f --- /dev/null +++ b/meta-oe/recipes-support/opencv/opencv/CVE-2019-14493.patch @@ -0,0 +1,237 @@ +From 5691d998ead1d9b0542bcfced36c2dceb3a59023 Mon Sep 17 00:00:00 2001 +From: Alexander Alekhin <alexander.alekhin@intel.com> +Date: Thu, 25 Jul 2019 15:14:22 +0300 +Subject: [PATCH] core(persistence): added null ptr checks + +CVE: CVE-2019-14493 +Upstream-Status: Backport [https://github.com/opencv/opencv/commit/5691d998ead1d9b0542bcfced36c2dceb3a59023.patch] +Comment: No changes in any hunk + +Signed-off-by: Neetika Singh <Neetika.Singh@kpit.com> +--- + modules/core/src/persistence_json.cpp | 12 ++++++++++++ + modules/core/src/persistence_xml.cpp | 21 +++++++++++++++++++++ + modules/core/src/persistence_yml.cpp | 21 +++++++++++++++++++++ + 3 files changed, 54 insertions(+) + +diff --git a/modules/core/src/persistence_json.cpp b/modules/core/src/persistence_json.cpp +index ae678e1b8b1..89914e6534f 100644 +--- a/modules/core/src/persistence_json.cpp ++++ b/modules/core/src/persistence_json.cpp +@@ -296,6 +296,8 @@ class JSONParser : public FileStorageParser + + while ( is_eof == false && is_completed == false ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + switch ( *ptr ) + { + /* comment */ +@@ -381,6 +383,7 @@ class JSONParser : public FileStorageParser + if ( is_eof || !is_completed ) + { + ptr = fs->bufferStart(); ++ CV_Assert(ptr); + *ptr = '\0'; + fs->setEof(); + if( !is_completed ) +@@ -392,6 +395,9 @@ class JSONParser : public FileStorageParser + + char* parseKey( char* ptr, FileNode& collection, FileNode& value_placeholder ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + if( *ptr != '"' ) + CV_PARSE_ERROR_CPP( "Key must start with \'\"\'" ); + +@@ -430,6 +436,9 @@ class JSONParser : public FileStorageParser + + char* parseValue( char* ptr, FileNode& node ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid value input"); ++ + ptr = skipSpaces( ptr ); + if( !ptr || !*ptr ) + CV_PARSE_ERROR_CPP( "Unexpected End-Of-File" ); +@@ -817,6 +826,9 @@ class JSONParser : public FileStorageParser + + bool parse( char* ptr ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + ptr = skipSpaces( ptr ); + if ( !ptr || !*ptr ) + return false; +diff --git a/modules/core/src/persistence_xml.cpp b/modules/core/src/persistence_xml.cpp +index fb30d90896e..89876dd3da8 100644 +--- a/modules/core/src/persistence_xml.cpp ++++ b/modules/core/src/persistence_xml.cpp +@@ -360,6 +360,9 @@ class XMLParser : public FileStorageParser + + char* skipSpaces( char* ptr, int mode ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + int level = 0; + + for(;;) +@@ -441,6 +444,9 @@ class XMLParser : public FileStorageParser + + char* parseValue( char* ptr, FileNode& node ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + FileNode new_elem; + bool have_space = true; + int value_type = node.type(); +@@ -456,6 +462,8 @@ class XMLParser : public FileStorageParser + (c == '<' && ptr[1] == '!' && ptr[2] == '-') ) + { + ptr = skipSpaces( ptr, 0 ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + have_space = true; + c = *ptr; + } +@@ -502,6 +510,8 @@ class XMLParser : public FileStorageParser + { + ptr = fs->parseBase64( ptr, 0, new_elem); + ptr = skipSpaces( ptr, 0 ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + } + + ptr = parseTag( ptr, key2, type_name, tag_type ); +@@ -645,6 +655,9 @@ class XMLParser : public FileStorageParser + char* parseTag( char* ptr, std::string& tag_name, + std::string& type_name, int& tag_type ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid tag input"); ++ + if( *ptr == '\0' ) + CV_PARSE_ERROR_CPP( "Unexpected end of the stream" ); + +@@ -702,6 +715,8 @@ class XMLParser : public FileStorageParser + if( *ptr != '=' ) + { + ptr = skipSpaces( ptr, CV_XML_INSIDE_TAG ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid attribute"); + if( *ptr != '=' ) + CV_PARSE_ERROR_CPP( "Attribute name should be followed by \'=\'" ); + } +@@ -740,6 +755,8 @@ class XMLParser : public FileStorageParser + if( c != '>' ) + { + ptr = skipSpaces( ptr, CV_XML_INSIDE_TAG ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + c = *ptr; + } + +@@ -781,6 +798,8 @@ class XMLParser : public FileStorageParser + + // CV_XML_INSIDE_TAG is used to prohibit leading comments + ptr = skipSpaces( ptr, CV_XML_INSIDE_TAG ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + + if( memcmp( ptr, "<?xml", 5 ) != 0 ) // FIXIT ptr[1..] - out of bounds read without check + CV_PARSE_ERROR_CPP( "Valid XML should start with \'<?xml ...?>\'" ); +@@ -791,6 +810,8 @@ class XMLParser : public FileStorageParser + while( ptr && *ptr != '\0' ) + { + ptr = skipSpaces( ptr, 0 ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + + if( *ptr != '\0' ) + { +diff --git a/modules/core/src/persistence_yml.cpp b/modules/core/src/persistence_yml.cpp +index 4129ca1dc57..7742e827701 100644 +--- a/modules/core/src/persistence_yml.cpp ++++ b/modules/core/src/persistence_yml.cpp +@@ -330,6 +330,9 @@ class YAMLParser : public FileStorageParser + + char* skipSpaces( char* ptr, int min_indent, int max_comment_indent ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + for(;;) + { + while( *ptr == ' ' ) +@@ -374,6 +377,9 @@ class YAMLParser : public FileStorageParser + + bool getBase64Row(char* ptr, int indent, char* &beg, char* &end) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + beg = end = ptr = skipSpaces(ptr, 0, INT_MAX); + if (!ptr || !*ptr) + return false; // end of file +@@ -394,6 +400,9 @@ class YAMLParser : public FileStorageParser + + char* parseKey( char* ptr, FileNode& map_node, FileNode& value_placeholder ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + char c; + char *endptr = ptr - 1, *saveptr; + +@@ -422,6 +431,9 @@ class YAMLParser : public FileStorageParser + + char* parseValue( char* ptr, FileNode& node, int min_indent, bool is_parent_flow ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + char* endptr = 0; + char c = ptr[0], d = ptr[1]; + int value_type = FileNode::NONE; +@@ -508,6 +520,8 @@ class YAMLParser : public FileStorageParser + + *endptr = d; + ptr = skipSpaces( endptr, min_indent, INT_MAX ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + + c = *ptr; + +@@ -634,6 +648,8 @@ class YAMLParser : public FileStorageParser + FileNode elem; + + ptr = skipSpaces( ptr, new_min_indent, INT_MAX ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + if( *ptr == '}' || *ptr == ']' ) + { + if( *ptr != d ) +@@ -647,6 +663,8 @@ class YAMLParser : public FileStorageParser + if( *ptr != ',' ) + CV_PARSE_ERROR_CPP( "Missing , between the elements" ); + ptr = skipSpaces( ptr + 1, new_min_indent, INT_MAX ); ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); + } + + if( struct_type == FileNode::MAP ) +@@ -746,6 +764,9 @@ class YAMLParser : public FileStorageParser + + bool parse( char* ptr ) + { ++ if (!ptr) ++ CV_PARSE_ERROR_CPP("Invalid input"); ++ + bool first = true; + bool ok = true; + FileNode root_collection(fs->getFS(), 0, 0); + |