From: "akuster" <akuster808@gmail.com>
To: openembedded-devel@lists.openembedded.org
Subject: [gatesgarth 01/31] mcpp: Normalize the patch format of CVE
Date: Sun, 17 Jan 2021 09:36:06 -0800 [thread overview]
Message-ID: <81874b239287126805aa176907bd52e9a7801655.1610904793.git.akuster808@gmail.com> (raw)
In-Reply-To: <cover.1610904792.git.akuster808@gmail.com>
From: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Because CVE-2019-14274.patch is included in ice-mcpp.patch, the cve-check-tool fails to correctly judge the CVE of the OSS. CVE-2019-14274.patch is separated from ice-mcpp.patch to fix the problem.
Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 9301b77e3266160ffb7e9bfd69d445f0392076c8)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
.../mcpp/files/CVE-2019-14274.patch | 34 +++++++++++++++++++
.../mcpp/files/ice-mcpp.patch | 31 -----------------
meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb | 3 +-
3 files changed, 36 insertions(+), 32 deletions(-)
create mode 100644 meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch
diff --git a/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch b/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch
new file mode 100644
index 0000000000..a0c6584ecb
--- /dev/null
+++ b/meta-oe/recipes-devtools/mcpp/files/CVE-2019-14274.patch
@@ -0,0 +1,34 @@
+From ea453aca2742be6ac43ba4ce0da6f938a7e5a5d8 Mon Sep 17 00:00:00 2001
+From: He Liu <liulonnie@gmail.com>
+Date: Tue, 4 Feb 2014 11:00:40 -0800
+Subject: [PATCH] line comment bug
+
+---
+ src/support.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/support.c b/src/support.c
+index c57eaef..e3357e4 100644
+--- a/src/support.c
++++ b/src/support.c
+@@ -188,7 +188,7 @@ static char * append_to_buffer(
+ size_t length
+ )
+ {
+- if (mem_buf_p->bytes_avail < length) { /* Need to allocate more memory */
++ if (mem_buf_p->bytes_avail < length + 1) { /* Need to allocate more memory */
+ size_t size = MAX( BUF_INCR_SIZE, length);
+
+ if (mem_buf_p->buffer == NULL) { /* 1st append */
+@@ -1722,6 +1722,8 @@ com_start:
+ sp -= 2;
+ while (*sp != '\n') /* Until end of line */
+ mcpp_fputc( *sp++, OUT);
++ mcpp_fputc('\n', OUT);
++ wrong_line = TRUE;
+ }
+ goto end_line;
+ default: /* Not a comment */
+--
+2.25.1
+
diff --git a/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch b/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch
index 8103cf0920..1df3ae55bc 100644
--- a/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch
+++ b/meta-oe/recipes-devtools/mcpp/files/ice-mcpp.patch
@@ -114,37 +114,6 @@ diff -r -c -N ../mcpp-2.7.2-old/src/main.c ./src/main.c
}
int mcpp_lib_main
-diff -r -c -N ../mcpp-2.7.2-old/src/support.c ./src/support.c
-*** ../mcpp-2.7.2-old/src/support.c Tue Jun 10 06:02:33 2008
---- ./src/support.c Fri May 14 12:40:56 2010
-***************
-*** 188,194 ****
- size_t length
- )
- {
-! if (mem_buf_p->bytes_avail < length) { /* Need to allocate more memory */
- size_t size = MAX( BUF_INCR_SIZE, length);
-
- if (mem_buf_p->buffer == NULL) { /* 1st append */
---- 188,194 ----
- size_t length
- )
- {
-! if (mem_buf_p->bytes_avail < length + 1) { /* Need to allocate more memory */
- size_t size = MAX( BUF_INCR_SIZE, length);
-
- if (mem_buf_p->buffer == NULL) { /* 1st append */
-***************
-*** 1722,1727 ****
---- 1722,1729 ----
- sp -= 2;
- while (*sp != '\n') /* Until end of line */
- mcpp_fputc( *sp++, OUT);
-+ mcpp_fputc( '\n', OUT);
-+ wrong_line = TRUE;
- }
- goto end_line;
- default: /* Not a comment */
diff -r -c -N ../mcpp-2.7.2-old/src/system.c ./src/system.c
*** ../mcpp-2.7.2-old/src/system.c 2008-11-26 10:53:51.000000000 +0100
--- ./src/system.c 2011-02-21 16:18:05.678058106 +0100
diff --git a/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb b/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb
index b5ca495663..f8125f72d9 100644
--- a/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb
+++ b/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb
@@ -4,7 +4,8 @@ LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5ca370b75ec890321888a00cea9bc1d5"
SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \
- file://ice-mcpp.patch "
+ file://ice-mcpp.patch \
+ file://CVE-2019-14274.patch"
SRC_URI[md5sum] = "512de48c87ab023a69250edc7a0c7b05"
SRC_URI[sha256sum] = "3b9b4421888519876c4fc68ade324a3bbd81ceeb7092ecdbbc2055099fcb8864"
--
2.17.1
next prev parent reply other threads:[~2021-01-17 17:36 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-17 17:36 [gatesgarth 00/31] Patch Review akuster
2021-01-17 17:36 ` akuster [this message]
2021-01-17 17:36 ` [gatesgarth 02/31] zabbix: CVE-2020-15803 Security Advisory akuster
2021-01-17 17:36 ` [gatesgarth 03/31] samba: CVE-2020-14318 " akuster
2021-01-17 17:36 ` [gatesgarth 04/31] samba: CVE-2020-14383 " akuster
2021-01-17 17:36 ` [gatesgarth 05/31] php: CVE-2020-7070 akuster
2021-01-17 17:36 ` [gatesgarth 06/31] php: CVE-2020-7069 akuster
2021-01-17 17:36 ` [gatesgarth 07/31] nodejs: 12.19.0 -> 12.19.1 akuster
2021-01-17 17:36 ` [gatesgarth 08/31] multipath-tools: fix error handling for udev_monitor_set_receive_buffer_size akuster
2021-01-17 17:36 ` [gatesgarth 09/31] ebtables: do not install /etc/ethertypes akuster
2021-01-17 17:36 ` [gatesgarth 10/31] lockfile-progs: use DEBIAN_MIRROR in SRC_URI akuster
2021-01-17 17:36 ` [gatesgarth 11/31] python3-aiohttp: added missing RDEPENDs akuster
2021-01-17 17:36 ` [gatesgarth 12/31] liboop: use upstream SRC_URI akuster
2021-01-17 17:36 ` [gatesgarth 13/31] fbset: use DEBIAN_MIRROR in SRC_URI akuster
2021-01-17 17:36 ` [gatesgarth 14/31] openct: use upstream SRC_URI akuster
2021-01-17 17:36 ` [gatesgarth 15/31] colord: fix installed-vs-shipped error akuster
2021-01-17 17:36 ` [gatesgarth 16/31] pidgin-sipe: Do not add native libdir to pkgconfig search path akuster
2021-01-17 17:36 ` [gatesgarth 17/31] sdbus-c++-libsystemd: Fix reallocarray check in meson akuster
2021-01-17 17:36 ` [gatesgarth 18/31] networkmanager: Fix reallocarray check in meson and configure akuster
2021-01-17 17:36 ` [gatesgarth 19/31] spdlog: Fix recipe so other recipes can use spdlog with external fmt akuster
2021-01-17 17:36 ` [gatesgarth 20/31] nanopb: move to dynamic-layers akuster
2021-01-17 17:36 ` [gatesgarth 21/31] postgresql: Use /dev/urandom when openssl is not used akuster
2021-01-17 17:36 ` [gatesgarth 22/31] tclap: align version to tag v1.2.2 akuster
2021-01-17 17:36 ` [gatesgarth 23/31] tclap: fix branch akuster
2021-01-17 17:36 ` [gatesgarth 24/31] lmbench: Fix setting LDLIBS failure akuster
2021-01-17 17:36 ` [gatesgarth 25/31] wireshark: Several securtiy fixes akuster
2021-01-17 17:36 ` [gatesgarth 26/31] nodejs: 12.19.1 -> 12.20.1 akuster
2021-01-17 17:36 ` [gatesgarth 27/31] libsdl2-mixer: Fix ogg/vorbis support in libsdl2-mixer akuster
2021-01-17 17:36 ` [gatesgarth 28/31] libsdl2-mixer: set --disable-music-ogg-shared to link statically akuster
2021-01-17 17:36 ` [gatesgarth 29/31] gssdp: Upgrade to 1.2.2 -> 1.2.3 akuster
2021-01-17 17:36 ` [gatesgarth 30/31] gupnp: Upgrade to 1.2.2 -> 1.2.4 akuster
2021-01-17 17:36 ` [gatesgarth 31/31] fuse: set CVE_PRODUCT to "fuse_project:fuse" akuster
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=81874b239287126805aa176907bd52e9a7801655.1610904793.git.akuster808@gmail.com \
--to=akuster808@gmail.com \
--cc=openembedded-devel@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.