* [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568
@ 2022-11-21 7:24 Peter Korsgaard
2022-11-21 20:45 ` Yann E. MORIN
2022-11-24 9:14 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-11-21 7:24 UTC (permalink / raw)
To: buildroot
SDL v1.2 was discovered to contain a use-after-free via the XFree function
at /src/video/x11/SDL_x11yuv.c.
https://github.com/advisories/GHSA-wr7h-5wm3-p3h4
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
...x11yuv.c-fix-possible-use-after-free.patch | 28 +++++++++++++++++++
package/sdl/sdl.mk | 3 ++
2 files changed, 31 insertions(+)
create mode 100644 package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
diff --git a/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch b/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
new file mode 100644
index 0000000000..d7858d0f96
--- /dev/null
+++ b/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
@@ -0,0 +1,28 @@
+From d7e00208738a0bc6af302723fe64908ac35b777b Mon Sep 17 00:00:00 2001
+From: Ozkan Sezer <sezeroz@gmail.com>
+Date: Sat, 18 Jun 2022 14:55:00 +0300
+Subject: [PATCH] SDL_x11yuv.c: fix possible use-after-free
+
+Fixes: https://github.com/libsdl-org/SDL-1.2/issues/863
+Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
+---
+ src/video/x11/SDL_x11yuv.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/video/x11/SDL_x11yuv.c b/src/video/x11/SDL_x11yuv.c
+index 62698dfd..0d5754e3 100644
+--- a/src/video/x11/SDL_x11yuv.c
++++ b/src/video/x11/SDL_x11yuv.c
+@@ -374,8 +374,8 @@ SDL_Overlay *X11_CreateYUVOverlay(_THIS, int width, int height, Uint32 format, S
+ #ifdef PITCH_WORKAROUND
+ if ( hwdata->image != NULL && hwdata->image->pitches[0] != (width*bpp) ) {
+ /* Ajust overlay width according to pitch */
+- XFree(hwdata->image);
+ width = hwdata->image->pitches[0] / bpp;
++ XFree(hwdata->image);
+ hwdata->image = SDL_NAME(XvCreateImage)(GFX_Display, xv_port, format,
+ 0, width, height);
+ }
+--
+2.30.2
+
diff --git a/package/sdl/sdl.mk b/package/sdl/sdl.mk
index 7389cd3edb..462600debb 100644
--- a/package/sdl/sdl.mk
+++ b/package/sdl/sdl.mk
@@ -13,6 +13,9 @@ SDL_CPE_ID_VENDOR = libsdl
SDL_CPE_ID_PRODUCT = simple_directmedia_layer
SDL_INSTALL_STAGING = YES
+# 0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
+SDL_IGNORE_CVES += CVE-2022-34568
+
# we're patching configure.in, but package cannot autoreconf with our version of
# autotools, so we have to do it manually instead of setting SDL_AUTORECONF = YES
define SDL_RUN_AUTOGEN
--
2.30.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568
2022-11-21 7:24 [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568 Peter Korsgaard
@ 2022-11-21 20:45 ` Yann E. MORIN
2022-11-24 9:14 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Yann E. MORIN @ 2022-11-21 20:45 UTC (permalink / raw)
To: Peter Korsgaard; +Cc: buildroot
Peter, All,
On 2022-11-21 08:24 +0100, Peter Korsgaard spake thusly:
> SDL v1.2 was discovered to contain a use-after-free via the XFree function
> at /src/video/x11/SDL_x11yuv.c.
>
> https://github.com/advisories/GHSA-wr7h-5wm3-p3h4
>
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Applied to master, thanks.
Regards,
Yann E. MORIN.
> ---
> ...x11yuv.c-fix-possible-use-after-free.patch | 28 +++++++++++++++++++
> package/sdl/sdl.mk | 3 ++
> 2 files changed, 31 insertions(+)
> create mode 100644 package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
>
> diff --git a/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch b/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
> new file mode 100644
> index 0000000000..d7858d0f96
> --- /dev/null
> +++ b/package/sdl/0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
> @@ -0,0 +1,28 @@
> +From d7e00208738a0bc6af302723fe64908ac35b777b Mon Sep 17 00:00:00 2001
> +From: Ozkan Sezer <sezeroz@gmail.com>
> +Date: Sat, 18 Jun 2022 14:55:00 +0300
> +Subject: [PATCH] SDL_x11yuv.c: fix possible use-after-free
> +
> +Fixes: https://github.com/libsdl-org/SDL-1.2/issues/863
> +Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> +---
> + src/video/x11/SDL_x11yuv.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/src/video/x11/SDL_x11yuv.c b/src/video/x11/SDL_x11yuv.c
> +index 62698dfd..0d5754e3 100644
> +--- a/src/video/x11/SDL_x11yuv.c
> ++++ b/src/video/x11/SDL_x11yuv.c
> +@@ -374,8 +374,8 @@ SDL_Overlay *X11_CreateYUVOverlay(_THIS, int width, int height, Uint32 format, S
> + #ifdef PITCH_WORKAROUND
> + if ( hwdata->image != NULL && hwdata->image->pitches[0] != (width*bpp) ) {
> + /* Ajust overlay width according to pitch */
> +- XFree(hwdata->image);
> + width = hwdata->image->pitches[0] / bpp;
> ++ XFree(hwdata->image);
> + hwdata->image = SDL_NAME(XvCreateImage)(GFX_Display, xv_port, format,
> + 0, width, height);
> + }
> +--
> +2.30.2
> +
> diff --git a/package/sdl/sdl.mk b/package/sdl/sdl.mk
> index 7389cd3edb..462600debb 100644
> --- a/package/sdl/sdl.mk
> +++ b/package/sdl/sdl.mk
> @@ -13,6 +13,9 @@ SDL_CPE_ID_VENDOR = libsdl
> SDL_CPE_ID_PRODUCT = simple_directmedia_layer
> SDL_INSTALL_STAGING = YES
>
> +# 0003-SDL_x11yuv.c-fix-possible-use-after-free.patch
> +SDL_IGNORE_CVES += CVE-2022-34568
> +
> # we're patching configure.in, but package cannot autoreconf with our version of
> # autotools, so we have to do it manually instead of setting SDL_AUTORECONF = YES
> define SDL_RUN_AUTOGEN
> --
> 2.30.2
>
> _______________________________________________
> buildroot mailing list
> buildroot@buildroot.org
> https://lists.buildroot.org/mailman/listinfo/buildroot
--
.-----------------.--------------------.------------------.--------------------.
| Yann E. MORIN | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software Designer | \ / CAMPAIGN | ___ |
| +33 561 099 427 `------------.-------: X AGAINST | \e/ There is no |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL | v conspiracy. |
'------------------------------^-------^------------------^--------------------'
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568
2022-11-21 7:24 [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568 Peter Korsgaard
2022-11-21 20:45 ` Yann E. MORIN
@ 2022-11-24 9:14 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2022-11-24 9:14 UTC (permalink / raw)
To: buildroot
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:
> SDL v1.2 was discovered to contain a use-after-free via the XFree function
> at /src/video/x11/SDL_x11yuv.c.
> https://github.com/advisories/GHSA-wr7h-5wm3-p3h4
> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Committed to 2022.08.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-11-24 9:14 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-21 7:24 [Buildroot] [PATCH] package/sdl: add upstream security fix for CVE-2022-34568 Peter Korsgaard
2022-11-21 20:45 ` Yann E. MORIN
2022-11-24 9:14 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.