diff options
| author |   Chee Yang Lee <chee.yang.lee@intel.com> | 2023-02-09 20:46:26 +0800 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-02-15 10:20:44 +0000 |
| commit | 4573a584397f197fbc9170abec3c590ea36667f7 (patch) | |
| tree | 08c719d32fd254c5341f600be52563268ac187fb /meta/recipes-extended | |
| parent | c21586a46061af7e00fd30f4eb2b7ca2c74d9fc7 (diff) | |
| download | openembedded-core-4573a584397f197fbc9170abec3c590ea36667f7.tar.gz | |
tar: Fix CVE-2022-48303
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended')
| -rw-r--r-- | meta/recipes-extended/tar/files/CVE-2022-48303.patch | 36 | ||||
| -rw-r--r-- | meta/recipes-extended/tar/tar_1.34.bb | 4 |
2 files changed, 39 insertions, 1 deletions
diff --git a/meta/recipes-extended/tar/files/CVE-2022-48303.patch b/meta/recipes-extended/tar/files/CVE-2022-48303.patch new file mode 100644 index 0000000000..a8e9f4ac7d --- /dev/null +++ b/meta/recipes-extended/tar/files/CVE-2022-48303.patch @@ -0,0 +1,36 @@ +From 1d530107a24d71e798727d7f0afa0833473d1074 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Matej=20Mu=C5=BEila?= <mmuzila@gmail.com> +Date: Wed, 11 Jan 2023 08:55:58 +0100 +Subject: [PATCH] Fix savannah bug #62387 + +* src/list.c (from_header): Check for the end of field after leading byte + (0x80 or 0xff) of base-256 encoded header value + +Upstream-Status: Backport +[https://savannah.gnu.org/patch/download.php?file_id=54212] +CVE: CVE-2022-48303 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> +--- + src/list.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/list.c b/src/list.c +index 9fafc425..bf41b581 100644 +--- a/src/list.c ++++ b/src/list.c +@@ -895,6 +895,12 @@ from_header (char const *where0, size_t digs, char const *type, + << (CHAR_BIT * sizeof (uintmax_t) + - LG_256 - (LG_256 - 2))); + value = (*where++ & ((1 << (LG_256 - 2)) - 1)) - signbit; ++ if (where == lim) ++ { ++ if (type && !silent) ++ ERROR ((0, 0, _("Archive base-256 value is invalid"))); ++ return -1; ++ } + for (;;) + { + value = (value << LG_256) + (unsigned char) *where++; +-- +2.38.1 + diff --git a/meta/recipes-extended/tar/tar_1.34.bb b/meta/recipes-extended/tar/tar_1.34.bb index 7307cd57a2..22c04ba70a 100644 --- a/meta/recipes-extended/tar/tar_1.34.bb +++ b/meta/recipes-extended/tar/tar_1.34.bb @@ -6,7 +6,9 @@ SECTION = "base" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" -SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2" +SRC_URI = "${GNU_MIRROR}/tar/tar-${PV}.tar.bz2 \ + file://CVE-2022-48303.patch \ + " SRC_URI[sha256sum] = "b44cc67f8a1f6b0250b7c860e952b37e8ed932a90bd9b1862a511079255646ff" |