* [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916
@ 2023-05-31 22:34 Nat Bailey
2023-06-01 2:23 ` [oe] " Khem Raj
2023-06-01 17:48 ` [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 -> For kirkstone ! Randy MacLeod
0 siblings, 2 replies; 4+ messages in thread
From: Nat Bailey @ 2023-05-31 22:34 UTC (permalink / raw)
To: Openembedded-devel; +Cc: nat.bailey, randy.macleod
From: Natasha Bailey <nat.bailey@windriver.com>
This patch fixes a bug in libyang which could cause a null
pointer dereference from a call to strcmp.
Since this recipe includes ptests, the tests were run twice
(once before the patch and once after) with the same results:
all tests passing except utest_types, which is skipped.
Signed-off-by: Natasha Bailey <nat.bailey@windriver.com>
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
---
.../libyang/libyang/CVE-2023-26916.patch | 57 +++++++++++++++++++
.../libyang/libyang_2.0.164.bb | 1 +
2 files changed, 58 insertions(+)
create mode 100644 meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
diff --git a/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
new file mode 100644
index 000000000..f3af3dbff
--- /dev/null
+++ b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
@@ -0,0 +1,57 @@
+From dc668d296f9f05aeab6315d44cff3208641e3096 Mon Sep 17 00:00:00 2001
+From: Michal Vasko <mvasko@cesnet.cz>
+Date: Mon, 13 Feb 2023 10:23:13 +0100
+Subject: [PATCH] schema compile UPDATE do not implement 2 same modules
+
+CVE: CVE-2023-26916
+Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096]
+
+Refs #1979
+---
+ src/schema_compile.c | 20 +++++++-------------
+ 1 file changed, 7 insertions(+), 13 deletions(-)
+
+diff --git a/src/schema_compile.c b/src/schema_compile.c
+index ed768ba0..68c0d681 100644
+--- a/src/schema_compile.c
++++ b/src/schema_compile.c
+@@ -1748,7 +1748,7 @@ lys_has_compiled_import_r(struct lys_module *mod)
+ LY_ERR
+ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unres *unres)
+ {
+- LY_ERR ret;
++ LY_ERR r;
+ struct lys_module *m;
+
+ assert(!mod->implemented);
+@@ -1757,21 +1757,15 @@ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unr
+ m = ly_ctx_get_module_implemented(mod->ctx, mod->name);
+ if (m) {
+ assert(m != mod);
+- if (!strcmp(mod->name, "yang") && (strcmp(m->revision, mod->revision) > 0)) {
+- /* special case for newer internal module, continue */
+- LOGVRB("Internal module \"%s@%s\" is already implemented in revision \"%s\", using it instead.",
+- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
+- } else {
+- LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
+- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
+- return LY_EDENIED;
+- }
++ LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
++ mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
++ return LY_EDENIED;
+ }
+
+ /* set features */
+- ret = lys_set_features(mod->parsed, features);
+- if (ret && (ret != LY_EEXIST)) {
+- return ret;
++ r = lys_set_features(mod->parsed, features);
++ if (r && (r != LY_EEXIST)) {
++ return r;
+ }
+
+ /*
+--
+2.34.1
+
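Review bot: In the second hunk of the embedded patch (lys_implement, the `if (m)` block), removing the `strcmp(m->revision, mod->revision) > 0` branch does more than drop the unchecked dereference, and the commit message should say so. The LOGERR arguments right beside it already treat both revisions as possibly NULL (`mod->revision ? mod->revision : "<none>"`), which is why the bare strcmp was unsafe. With the special case gone, a "yang" module that is already implemented in a newer revision no longer logs at verbose level and continues; it now returns LY_EDENIED like any other duplicate. The message only reports that ptest results are unchanged, so please state whether any ptest actually loads a duplicate internal module, and describe this behaviour change. Separately, the patch header carries CVE and Upstream-Status tags but no Signed-off-by from the person who did the backport; consider adding one below Upstream-Status.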
diff --git a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
index 2817be7c8..7875c1ef7 100644
--- a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
+++ b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
@@ -11,6 +11,7 @@ SRCREV = "a0cc89516ab5eca84d01c85309f320a94752a64c"
SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \
file://libyang-add-stdint-h.patch \
file://run-ptest \
+ file://CVE-2023-26916.patch \
"
S = "${WORKDIR}/git"
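Review bot: The new SRC_URI entry lands in libyang_2.0.164.bb, but neither the subject nor the commit message names the release branch that carries this recipe version, and the follow-ups in this thread have to establish that it is meant for kirkstone. Put the release name in the subject prefix so the patch is routed to the right branch; the `file://CVE-2023-26916.patch \` line itself is fine as written.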
--
2.34.1
* Re: [oe] [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916
2023-05-31 22:34 [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 Nat Bailey
@ 2023-06-01 2:23 ` Khem Raj
2023-06-01 17:48 ` [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 -> For kirkstone ! Randy MacLeod
1 sibling, 0 replies; 4+ messages in thread
From: Khem Raj @ 2023-06-01 2:23 UTC (permalink / raw)
To: nat.bailey; +Cc: Openembedded-devel, randy.macleod
It does not look like it's for master branch. Please prefix subject
line with correct release info to help route it better.
On Wed, May 31, 2023 at 3:41 PM Nat Bailey via lists.openembedded.org
<nat.bailey=windriver.com@lists.openembedded.org> wrote:
>
> From: Natasha Bailey <nat.bailey@windriver.com>
>
> This patch fixes a bug in libyang which could cause a null
> pointer dereference from a call to strcmp.
>
> Since this recipe includes ptests, the tests were run twice
> (once before the patch and once after) with the same results:
> all tests passing except utest_types, which is skipped.
>
> Signed-off-by: Natasha Bailey <nat.bailey@windriver.com>
> Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
> ---
> .../libyang/libyang/CVE-2023-26916.patch | 57 +++++++++++++++++++
> .../libyang/libyang_2.0.164.bb | 1 +
> 2 files changed, 58 insertions(+)
> create mode 100644 meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
>
> diff --git a/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
> new file mode 100644
> index 000000000..f3af3dbff
> --- /dev/null
> +++ b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
> @@ -0,0 +1,57 @@
> +From dc668d296f9f05aeab6315d44cff3208641e3096 Mon Sep 17 00:00:00 2001
> +From: Michal Vasko <mvasko@cesnet.cz>
> +Date: Mon, 13 Feb 2023 10:23:13 +0100
> +Subject: [PATCH] schema compile UPDATE do not implement 2 same modules
> +
> +CVE: CVE-2023-26916
> +Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096]
> +
> +Refs #1979
> +---
> + src/schema_compile.c | 20 +++++++-------------
> + 1 file changed, 7 insertions(+), 13 deletions(-)
> +
> +diff --git a/src/schema_compile.c b/src/schema_compile.c
> +index ed768ba0..68c0d681 100644
> +--- a/src/schema_compile.c
> ++++ b/src/schema_compile.c
> +@@ -1748,7 +1748,7 @@ lys_has_compiled_import_r(struct lys_module *mod)
> + LY_ERR
> + lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unres *unres)
> + {
> +- LY_ERR ret;
> ++ LY_ERR r;
> + struct lys_module *m;
> +
> + assert(!mod->implemented);
> +@@ -1757,21 +1757,15 @@ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unr
> + m = ly_ctx_get_module_implemented(mod->ctx, mod->name);
> + if (m) {
> + assert(m != mod);
> +- if (!strcmp(mod->name, "yang") && (strcmp(m->revision, mod->revision) > 0)) {
> +- /* special case for newer internal module, continue */
> +- LOGVRB("Internal module \"%s@%s\" is already implemented in revision \"%s\", using it instead.",
> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> +- } else {
> +- LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> +- return LY_EDENIED;
> +- }
> ++ LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
> ++ mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> ++ return LY_EDENIED;
> + }
> +
> + /* set features */
> +- ret = lys_set_features(mod->parsed, features);
> +- if (ret && (ret != LY_EEXIST)) {
> +- return ret;
> ++ r = lys_set_features(mod->parsed, features);
> ++ if (r && (r != LY_EEXIST)) {
> ++ return r;
> + }
> +
> + /*
> +--
> +2.34.1
> +
> diff --git a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> index 2817be7c8..7875c1ef7 100644
> --- a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> +++ b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> @@ -11,6 +11,7 @@ SRCREV = "a0cc89516ab5eca84d01c85309f320a94752a64c"
> SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \
> file://libyang-add-stdint-h.patch \
> file://run-ptest \
> + file://CVE-2023-26916.patch \
> "
>
> S = "${WORKDIR}/git"
> --
> 2.34.1
>
* Re: [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 -> For kirkstone !
2023-05-31 22:34 [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 Nat Bailey
2023-06-01 2:23 ` [oe] " Khem Raj
@ 2023-06-01 17:48 ` Randy MacLeod
2023-06-01 20:38 ` akuster808
1 sibling, 1 reply; 4+ messages in thread
From: Randy MacLeod @ 2023-06-01 17:48 UTC (permalink / raw)
To: Nat Bailey, Openembedded-devel, Armin Kuster, Khem Raj
Oops, Nat forgot the branch prefix.
Shall she re-send ?
../Randy
On 2023-05-31 18:34, Nat Bailey wrote:
> From: Natasha Bailey<nat.bailey@windriver.com>
>
> This patch fixes a bug in libyang which could cause a null
> pointer dereference from a call to strcmp.
>
> Since this recipe includes ptests, the tests were run twice
> (once before the patch and once after) with the same results:
> all tests passing except utest_types, which is skipped.
>
> Signed-off-by: Natasha Bailey<nat.bailey@windriver.com>
> Signed-off-by: Randy MacLeod<Randy.MacLeod@windriver.com>
> ---
> .../libyang/libyang/CVE-2023-26916.patch | 57 +++++++++++++++++++
> .../libyang/libyang_2.0.164.bb | 1 +
> 2 files changed, 58 insertions(+)
> create mode 100644 meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
>
> diff --git a/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
> new file mode 100644
> index 000000000..f3af3dbff
> --- /dev/null
> +++ b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
> @@ -0,0 +1,57 @@
> +From dc668d296f9f05aeab6315d44cff3208641e3096 Mon Sep 17 00:00:00 2001
> +From: Michal Vasko<mvasko@cesnet.cz>
> +Date: Mon, 13 Feb 2023 10:23:13 +0100
> +Subject: [PATCH] schema compile UPDATE do not implement 2 same modules
> +
> +CVE: CVE-2023-26916
> +Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096]
> +
> +Refs #1979
> +---
> + src/schema_compile.c | 20 +++++++-------------
> + 1 file changed, 7 insertions(+), 13 deletions(-)
> +
> +diff --git a/src/schema_compile.c b/src/schema_compile.c
> +index ed768ba0..68c0d681 100644
> +--- a/src/schema_compile.c
> ++++ b/src/schema_compile.c
> +@@ -1748,7 +1748,7 @@ lys_has_compiled_import_r(struct lys_module *mod)
> + LY_ERR
> + lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unres *unres)
> + {
> +- LY_ERR ret;
> ++ LY_ERR r;
> + struct lys_module *m;
> +
> + assert(!mod->implemented);
> +@@ -1757,21 +1757,15 @@ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unr
> + m = ly_ctx_get_module_implemented(mod->ctx, mod->name);
> + if (m) {
> + assert(m != mod);
> +- if (!strcmp(mod->name, "yang") && (strcmp(m->revision, mod->revision) > 0)) {
> +- /* special case for newer internal module, continue */
> +- LOGVRB("Internal module \"%s@%s\" is already implemented in revision \"%s\", using it instead.",
> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> +- } else {
> +- LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> +- return LY_EDENIED;
> +- }
> ++ LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
> ++ mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
> ++ return LY_EDENIED;
> + }
> +
> + /* set features */
> +- ret = lys_set_features(mod->parsed, features);
> +- if (ret && (ret != LY_EEXIST)) {
> +- return ret;
> ++ r = lys_set_features(mod->parsed, features);
> ++ if (r && (r != LY_EEXIST)) {
> ++ return r;
> + }
> +
> + /*
> +--
> +2.34.1
> +
> diff --git a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> index 2817be7c8..7875c1ef7 100644
> --- a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> +++ b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
> @@ -11,6 +11,7 @@ SRCREV = "a0cc89516ab5eca84d01c85309f320a94752a64c"
> SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \
> file://libyang-add-stdint-h.patch \
> file://run-ptest \
> +file://CVE-2023-26916.patch \
> "
>
> S = "${WORKDIR}/git"
--
# Randy MacLeod
# Wind River Linux
* Re: [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 -> For kirkstone !
2023-06-01 17:48 ` [meta-oe][PATCH] libyang: backport a fix for CVE-2023-26916 -> For kirkstone ! Randy MacLeod
@ 2023-06-01 20:38 ` akuster808
0 siblings, 0 replies; 4+ messages in thread
From: akuster808 @ 2023-06-01 20:38 UTC (permalink / raw)
To: Randy MacLeod, Nat Bailey, Openembedded-devel, Khem Raj
On 6/1/23 1:48 PM, Randy MacLeod wrote:
> Oops, Nat forgot the branch prefix.
>
> Shall she re-send ?
No need. I moved it to the correct folder.
Thanks for highlighting it.
-armin
>
> ../Randy
>
> On 2023-05-31 18:34, Nat Bailey wrote:
>> From: Natasha Bailey<nat.bailey@windriver.com>
>>
>> This patch fixes a bug in libyang which could cause a null
>> pointer dereference from a call to strcmp.
>>
>> Since this recipe includes ptests, the tests were run twice
>> (once before the patch and once after) with the same results:
>> all tests passing except utest_types, which is skipped.
>>
>> Signed-off-by: Natasha Bailey<nat.bailey@windriver.com>
>> Signed-off-by: Randy MacLeod<Randy.MacLeod@windriver.com>
>> ---
>> .../libyang/libyang/CVE-2023-26916.patch | 57 +++++++++++++++++++
>> .../libyang/libyang_2.0.164.bb | 1 +
>> 2 files changed, 58 insertions(+)
>> create mode 100644 meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
>>
>> diff --git a/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
>> new file mode 100644
>> index 000000000..f3af3dbff
>> --- /dev/null
>> +++ b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch
>> @@ -0,0 +1,57 @@
>> +From dc668d296f9f05aeab6315d44cff3208641e3096 Mon Sep 17 00:00:00 2001
>> +From: Michal Vasko<mvasko@cesnet.cz>
>> +Date: Mon, 13 Feb 2023 10:23:13 +0100
>> +Subject: [PATCH] schema compile UPDATE do not implement 2 same modules
>> +
>> +CVE: CVE-2023-26916
>> +Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096]
>> +
>> +Refs #1979
>> +---
>> + src/schema_compile.c | 20 +++++++-------------
>> + 1 file changed, 7 insertions(+), 13 deletions(-)
>> +
>> +diff --git a/src/schema_compile.c b/src/schema_compile.c
>> +index ed768ba0..68c0d681 100644
>> +--- a/src/schema_compile.c
>> ++++ b/src/schema_compile.c
>> +@@ -1748,7 +1748,7 @@ lys_has_compiled_import_r(struct lys_module *mod)
>> + LY_ERR
>> + lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unres *unres)
>> + {
>> +- LY_ERR ret;
>> ++ LY_ERR r;
>> + struct lys_module *m;
>> +
>> + assert(!mod->implemented);
>> +@@ -1757,21 +1757,15 @@ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unr
>> + m = ly_ctx_get_module_implemented(mod->ctx, mod->name);
>> + if (m) {
>> + assert(m != mod);
>> +- if (!strcmp(mod->name, "yang") && (strcmp(m->revision, mod->revision) > 0)) {
>> +- /* special case for newer internal module, continue */
>> +- LOGVRB("Internal module \"%s@%s\" is already implemented in revision \"%s\", using it instead.",
>> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
>> +- } else {
>> +- LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
>> +- mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
>> +- return LY_EDENIED;
>> +- }
>> ++ LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".",
>> ++ mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>");
>> ++ return LY_EDENIED;
>> + }
>> +
>> + /* set features */
>> +- ret = lys_set_features(mod->parsed, features);
>> +- if (ret && (ret != LY_EEXIST)) {
>> +- return ret;
>> ++ r = lys_set_features(mod->parsed, features);
>> ++ if (r && (r != LY_EEXIST)) {
>> ++ return r;
>> + }
>> +
>> + /*
>> +--
>> +2.34.1
>> +
>> diff --git a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
>> index 2817be7c8..7875c1ef7 100644
>> --- a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
>> +++ b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb
>> @@ -11,6 +11,7 @@ SRCREV = "a0cc89516ab5eca84d01c85309f320a94752a64c"
>> SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \
>> file://libyang-add-stdint-h.patch \
>> file://run-ptest \
>> +file://CVE-2023-26916.patch \
>> "
>>
>> S = "${WORKDIR}/git"
>
>
> --
> # Randy MacLeod
> # Wind River Linux