* [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155
@ 2020-07-29 12:55 saloni
2020-07-29 13:02 ` ✗ patchtest: failure for " Patchwork
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: saloni @ 2020-07-29 12:55 UTC (permalink / raw)
To: openembedded-core, raj.khem; +Cc: nisha.parrakat, anuj.chougule, Rahul Taya
From: Rahul Taya <Rahul.Taya@kpit.com>
Added below patch in libpcre
CVE-2020-14155.patch
This patch fixes below error:
PCRE could allow a remote attacker to execute arbitrary
code on the system, caused by an integer overflow in
libpcre via a large number after (?C substring.
By sending a request with a large number, an attacker
can execute arbitrary code on the system or
cause the application to crash.
Upstream-Status: Pending
Tested-by: Rahul Taya <Rahul.Taya@kpit.com>
Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
---
.../libpcre/libpcre/CVE-2020-14155.patch | 40 ++++++++++++++++++++++
meta/recipes-support/libpcre/libpcre_8.44.bb | 3 +-
2 files changed, 42 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
new file mode 100644
index 0000000..d6cb9bf
--- /dev/null
+++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@@ -0,0 +1,40 @@
+--- pcre-8.43/pcre_compile.c 2020-07-05 22:26:25.310501521 +0530
++++ pcre-8.43/pcre_compile1.c 2020-07-05 22:30:22.254489562 +0530
+
+CVE: CVE-2020-14155
+Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
+
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+
+ Written by Philip Hazel
+- Copyright (c) 1997-2018 University of Cambridge
++ Copyright (c) 1997-2020 University of Cambridge
+
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -7130,17 +7130,19 @@
+ int n = 0;
+ ptr++;
+ while(IS_DIGIT(*ptr))
++ {
+ n = n * 10 + *ptr++ - CHAR_0;
++ if (n > 255)
++ {
++ *errorcodeptr = ERR38;
++ goto FAILED;
++ }
++ }
+ if (*ptr != CHAR_RIGHT_PARENTHESIS)
+ {
+ *errorcodeptr = ERR39;
+ goto FAILED;
+ }
+- if (n > 255)
+- {
+- *errorcodeptr = ERR38;
+- goto FAILED;
+- }
+ *code++ = n;
+ PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
+ PUT(code, LINK_SIZE, 0); /* Default length */
diff --git a/meta/recipes-support/libpcre/libpcre_8.44.bb b/meta/recipes-support/libpcre/libpcre_8.44.bb
index e5471e8..81b38bb 100644
--- a/meta/recipes-support/libpcre/libpcre_8.44.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.44.bb
@@ -11,7 +11,8 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
file://fix-pcre-name-collision.patch \
file://run-ptest \
file://Makefile \
- "
+ file://CVE-2020-14155.patch \
+"
SRC_URI[md5sum] = "cf7326204cc46c755b5b2608033d9d24"
SRC_URI[sha256sum] = "19108658b23b3ec5058edc9f66ac545ea19f9537234be1ec62b714c84399366d"
--
2.7.4
This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.
^ permalink raw reply related [flat|nested] 4+ messages in thread
* ✗ patchtest: failure for libpcre: Add fix for CVE-2020-14155
2020-07-29 12:55 [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155 saloni
@ 2020-07-29 13:02 ` Patchwork
2020-07-29 17:56 ` [poky][zeus][PATCH] " Khem Raj
2020-07-30 0:10 ` [OE-core] " Anuj Mittal
2 siblings, 0 replies; 4+ messages in thread
From: Patchwork @ 2020-07-29 13:02 UTC (permalink / raw)
To: Saloni Jain; +Cc: openembedded-core
== Series Details ==
Series: libpcre: Add fix for CVE-2020-14155
Revision: 1
URL : https://patchwork.openembedded.org/series/25384/
State : failure
== Summary ==
Thank you for submitting this patch series to OpenEmbedded Core. This is
an automated response. Several tests have been executed on the proposed
series by patchtest resulting in the following failures:
* Issue Series does not apply on top of target branch [test_series_merge_on_head]
Suggested fix Rebase your series on top of targeted branch
Targeted branch zeus (currently at f5b90eeed7)
* Issue A patch file has been added, but does not have a Signed-off-by tag [test_signed_off_by_presence]
Suggested fix Sign off the added patch file (meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch)
If you believe any of these test results are incorrect, please reply to the
mailing list (openembedded-core@lists.openembedded.org) raising your concerns.
Otherwise we would appreciate you correcting the issues and submitting a new
version of the patchset if applicable. Please ensure you add/increment the
version number when sending the new version (i.e. [PATCH] -> [PATCH v2] ->
[PATCH v3] -> ...).
---
Guidelines: https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines
Test framework: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest
Test suite: http://git.yoctoproject.org/cgit/cgit.cgi/patchtest-oe
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155
2020-07-29 12:55 [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155 saloni
2020-07-29 13:02 ` ✗ patchtest: failure for " Patchwork
@ 2020-07-29 17:56 ` Khem Raj
2020-07-30 0:10 ` [OE-core] " Anuj Mittal
2 siblings, 0 replies; 4+ messages in thread
From: Khem Raj @ 2020-07-29 17:56 UTC (permalink / raw)
To: Saloni Jain
Cc: Patches and discussions about the oe-core layer, Nisha Parrakat,
Anuj Chougule, Rahul Taya
On Wed, Jul 29, 2020 at 5:56 AM Saloni Jain <Saloni.Jain@kpit.com> wrote:
>
> From: Rahul Taya <Rahul.Taya@kpit.com>
>
> Added below patch in libpcre
> CVE-2020-14155.patch
>
> This patch fixes below error:
> PCRE could allow a remote attacker to execute arbitrary
> code on the system, caused by an integer overflow in
> libpcre via a large number after (?C substring.
> By sending a request with a large number, an attacker
> can execute arbitrary code on the system or
> cause the application to crash.
>
> Upstream-Status: Pending
you don't need this here. its needed in package patch header which you
already have
secondly do we need this on master and dunfell ?
>
> Tested-by: Rahul Taya <Rahul.Taya@kpit.com>
> Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
> ---
> .../libpcre/libpcre/CVE-2020-14155.patch | 40 ++++++++++++++++++++++
> meta/recipes-support/libpcre/libpcre_8.44.bb | 3 +-
> 2 files changed, 42 insertions(+), 1 deletion(-)
> create mode 100644 meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
>
> diff --git a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
> new file mode 100644
> index 0000000..d6cb9bf
> --- /dev/null
> +++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
> @@ -0,0 +1,40 @@
> +--- pcre-8.43/pcre_compile.c 2020-07-05 22:26:25.310501521 +0530
> ++++ pcre-8.43/pcre_compile1.c 2020-07-05 22:30:22.254489562 +0530
> +
> +CVE: CVE-2020-14155
> +Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
> +
> +@@ -6,7 +6,7 @@
> + and semantics are as close as possible to those of the Perl 5 language.
> +
> + Written by Philip Hazel
> +- Copyright (c) 1997-2018 University of Cambridge
> ++ Copyright (c) 1997-2020 University of Cambridge
> +
> + -----------------------------------------------------------------------------
> + Redistribution and use in source and binary forms, with or without
> +@@ -7130,17 +7130,19 @@
> + int n = 0;
> + ptr++;
> + while(IS_DIGIT(*ptr))
> ++ {
> + n = n * 10 + *ptr++ - CHAR_0;
> ++ if (n > 255)
> ++ {
> ++ *errorcodeptr = ERR38;
> ++ goto FAILED;
> ++ }
> ++ }
> + if (*ptr != CHAR_RIGHT_PARENTHESIS)
> + {
> + *errorcodeptr = ERR39;
> + goto FAILED;
> + }
> +- if (n > 255)
> +- {
> +- *errorcodeptr = ERR38;
> +- goto FAILED;
> +- }
> + *code++ = n;
> + PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
> + PUT(code, LINK_SIZE, 0); /* Default length */
> diff --git a/meta/recipes-support/libpcre/libpcre_8.44.bb b/meta/recipes-support/libpcre/libpcre_8.44.bb
> index e5471e8..81b38bb 100644
> --- a/meta/recipes-support/libpcre/libpcre_8.44.bb
> +++ b/meta/recipes-support/libpcre/libpcre_8.44.bb
> @@ -11,7 +11,8 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
> file://fix-pcre-name-collision.patch \
> file://run-ptest \
> file://Makefile \
> - "
> + file://CVE-2020-14155.patch \
> +"
>
> SRC_URI[md5sum] = "cf7326204cc46c755b5b2608033d9d24"
> SRC_URI[sha256sum] = "19108658b23b3ec5058edc9f66ac545ea19f9537234be1ec62b714c84399366d"
> --
> 2.7.4
>
> This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [OE-core] [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155
2020-07-29 12:55 [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155 saloni
2020-07-29 13:02 ` ✗ patchtest: failure for " Patchwork
2020-07-29 17:56 ` [poky][zeus][PATCH] " Khem Raj
@ 2020-07-30 0:10 ` Anuj Mittal
2 siblings, 0 replies; 4+ messages in thread
From: Anuj Mittal @ 2020-07-30 0:10 UTC (permalink / raw)
To: openembedded-core, saloni.jain, raj.khem
Cc: Rahul.Taya, anuj.chougule, nisha.parrakat
On Wed, 2020-07-29 at 18:25 +0530, saloni wrote:
> From: Rahul Taya <Rahul.Taya@kpit.com>
>
> Added below patch in libpcre
> CVE-2020-14155.patch
>
> This patch fixes below error:
> PCRE could allow a remote attacker to execute arbitrary
> code on the system, caused by an integer overflow in
> libpcre via a large number after (?C substring.
> By sending a request with a large number, an attacker
> can execute arbitrary code on the system or
> cause the application to crash.
>
> Upstream-Status: Pending
>
> Tested-by: Rahul Taya <Rahul.Taya@kpit.com>
> Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com>
> ---
> .../libpcre/libpcre/CVE-2020-14155.patch | 40
> ++++++++++++++++++++++
> meta/recipes-support/libpcre/libpcre_8.44.bb | 3 +-
zeus has libpcre version 8.43. Also it looks like this specific fix is
already is 8.44.
So please test and send again for proper version & branch.
Thanks,
Anuj
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-07-30 0:10 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-29 12:55 [poky][zeus][PATCH] libpcre: Add fix for CVE-2020-14155 saloni
2020-07-29 13:02 ` ✗ patchtest: failure for " Patchwork
2020-07-29 17:56 ` [poky][zeus][PATCH] " Khem Raj
2020-07-30 0:10 ` [OE-core] " Anuj Mittal
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.