All of lore.kernel.org
 help / color / mirror / Atom feed
* [meta-oe][dunfell][PATCH] fix(libupnp): apply cve-2020-13848
@ 2021-04-14  8:27 Andrej Kozemcak
  2021-04-22 13:52 ` [oe] " Armin Kuster
  0 siblings, 1 reply; 2+ messages in thread
From: Andrej Kozemcak @ 2021-04-14  8:27 UTC (permalink / raw)
  To: openembedded-devel; +Cc: Andrej Kozemcak

Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
---
 .../libupnp/files/CVE-2020-13848.patch        | 56 +++++++++++++++++++
 .../libupnp/libupnp_git.bb                    |  3 +-
 2 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch

diff --git a/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch b/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch
new file mode 100644
index 000000000..8a90942fa
--- /dev/null
+++ b/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch
@@ -0,0 +1,56 @@
+diff --git a/ChangeLog b/ChangeLog
+index 4a956fc..265d268 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -2,6 +2,12 @@
+ Version 1.8.4
+ *******************************************************************************
+
++2020-06-04 Patrik Lantz pjlantz(at)github
++
++	Fixes #177
++
++	NULL pointer dereference in FindServiceControlURLPath
++
+ 2017-11-17 Marcelo Jimenez <mroberto(at)users.sourceforge.net>
+
+	GitHub #57 - 1.8.3 broke ABI without changing SONAME
+diff --git a/upnp/src/genlib/service_table/service_table.c b/upnp/src/genlib/service_table/service_table.c
+index 98c2c0f..f3ee4e5 100644
+--- a/upnp/src/genlib/service_table/service_table.c
++++ b/upnp/src/genlib/service_table/service_table.c
+@@ -300,12 +300,11 @@ FindServiceEventURLPath( service_table * table,
+     uri_type parsed_url;
+     uri_type parsed_url_in;
+
+-    if( ( table )
+-        &&
+-        ( parse_uri( eventURLPath,
+-                     strlen( eventURLPath ),
+-                     &parsed_url_in ) == HTTP_SUCCESS ) ) {
+-
++    if (!table || !eventURLPath) {
++      return NULL;
++    }
++    if (parse_uri(eventURLPath, strlen(eventURLPath), &parsed_url_in) ==
++        HTTP_SUCCESS) {
+         finger = table->serviceList;
+         while( finger ) {
+             if( finger->eventURL )
+@@ -352,11 +351,11 @@ FindServiceControlURLPath( service_table * table,
+     uri_type parsed_url;
+     uri_type parsed_url_in;
+
+-    if( ( table )
+-        &&
+-        ( parse_uri
+-          ( controlURLPath, strlen( controlURLPath ),
+-            &parsed_url_in ) == HTTP_SUCCESS ) ) {
++    if (!table || !controlURLPath) {
++      return NULL;
++    }
++    if (parse_uri(controlURLPath, strlen(controlURLPath), &parsed_url_in) ==
++        HTTP_SUCCESS) {
+         finger = table->serviceList;
+         while( finger ) {
+             if( finger->controlURL )
diff --git a/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb b/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
index 339c07cd9..828e351be 100644
--- a/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
+++ b/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
@@ -12,7 +12,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=394a0f17b97f33426275571e15920434"
 PV = "1.8.4+git${SRCPV}"
 # release-1.8.4
 SRCREV = "d5a01fc9895daae98a0c5a8c7d3afce46add529d"
-SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https"
+SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https \
+           file://CVE-2020-13848.patch"
 
 S="${WORKDIR}/git"
 
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [oe] [meta-oe][dunfell][PATCH] fix(libupnp): apply cve-2020-13848
  2021-04-14  8:27 [meta-oe][dunfell][PATCH] fix(libupnp): apply cve-2020-13848 Andrej Kozemcak
@ 2021-04-22 13:52 ` Armin Kuster
  0 siblings, 0 replies; 2+ messages in thread
From: Armin Kuster @ 2021-04-22 13:52 UTC (permalink / raw)
  To: Andrej Kozemcak, openembedded-devel



On 4/14/21 1:27 AM, Andrej Kozemcak wrote:
> Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
> ---
>  .../libupnp/files/CVE-2020-13848.patch        | 56 +++++++++++++++++++
>  .../libupnp/libupnp_git.bb                    |  3 +-
>  2 files changed, 58 insertions(+), 1 deletion(-)
>  create mode 100644 meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch
>
> diff --git a/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch b/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch
> new file mode 100644
> index 000000000..8a90942fa
> --- /dev/null
> +++ b/meta-multimedia/recipes-connectivity/libupnp/files/CVE-2020-13848.patch

Patch missing all the needful as defined in the Patch Guidelines
https://www.openembedded.org/wiki/Commit_Patch_Message_Guidelines

- armin
> @@ -0,0 +1,56 @@
> +diff --git a/ChangeLog b/ChangeLog
> +index 4a956fc..265d268 100644
> +--- a/ChangeLog
> ++++ b/ChangeLog
> +@@ -2,6 +2,12 @@
> + Version 1.8.4
> + *******************************************************************************
> +
> ++2020-06-04 Patrik Lantz pjlantz(at)github
> ++
> ++	Fixes #177
> ++
> ++	NULL pointer dereference in FindServiceControlURLPath
> ++
> + 2017-11-17 Marcelo Jimenez <mroberto(at)users.sourceforge.net>
> +
> +	GitHub #57 - 1.8.3 broke ABI without changing SONAME
> +diff --git a/upnp/src/genlib/service_table/service_table.c b/upnp/src/genlib/service_table/service_table.c
> +index 98c2c0f..f3ee4e5 100644
> +--- a/upnp/src/genlib/service_table/service_table.c
> ++++ b/upnp/src/genlib/service_table/service_table.c
> +@@ -300,12 +300,11 @@ FindServiceEventURLPath( service_table * table,
> +     uri_type parsed_url;
> +     uri_type parsed_url_in;
> +
> +-    if( ( table )
> +-        &&
> +-        ( parse_uri( eventURLPath,
> +-                     strlen( eventURLPath ),
> +-                     &parsed_url_in ) == HTTP_SUCCESS ) ) {
> +-
> ++    if (!table || !eventURLPath) {
> ++      return NULL;
> ++    }
> ++    if (parse_uri(eventURLPath, strlen(eventURLPath), &parsed_url_in) ==
> ++        HTTP_SUCCESS) {
> +         finger = table->serviceList;
> +         while( finger ) {
> +             if( finger->eventURL )
> +@@ -352,11 +351,11 @@ FindServiceControlURLPath( service_table * table,
> +     uri_type parsed_url;
> +     uri_type parsed_url_in;
> +
> +-    if( ( table )
> +-        &&
> +-        ( parse_uri
> +-          ( controlURLPath, strlen( controlURLPath ),
> +-            &parsed_url_in ) == HTTP_SUCCESS ) ) {
> ++    if (!table || !controlURLPath) {
> ++      return NULL;
> ++    }
> ++    if (parse_uri(controlURLPath, strlen(controlURLPath), &parsed_url_in) ==
> ++        HTTP_SUCCESS) {
> +         finger = table->serviceList;
> +         while( finger ) {
> +             if( finger->controlURL )
> diff --git a/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb b/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
> index 339c07cd9..828e351be 100644
> --- a/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
> +++ b/meta-multimedia/recipes-connectivity/libupnp/libupnp_git.bb
> @@ -12,7 +12,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=394a0f17b97f33426275571e15920434"
>  PV = "1.8.4+git${SRCPV}"
>  # release-1.8.4
>  SRCREV = "d5a01fc9895daae98a0c5a8c7d3afce46add529d"
> -SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https"
> +SRC_URI = "git://github.com/mrjimenez/pupnp.git;protocol=https \
> +           file://CVE-2020-13848.patch"
>  
>  S="${WORKDIR}/git"
>  
>
> 
>


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-04-22 13:52 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-14  8:27 [meta-oe][dunfell][PATCH] fix(libupnp): apply cve-2020-13848 Andrej Kozemcak
2021-04-22 13:52 ` [oe] " Armin Kuster

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.