From: Mathieu Dubois-Briand <mathieu.dubois-bri...@hyprua.org> Signed-off-by: Mathieu Dubois-Briand <mbri...@witekio.com> Signed-off-by: Steve Sakoman <st...@sakoman.com> --- .../curl/curl/CVE-2022-35260.patch | 68 +++++++++++++++++++ meta/recipes-support/curl/curl_7.69.1.bb | 1 + 2 files changed, 69 insertions(+) create mode 100644 meta/recipes-support/curl/curl/CVE-2022-35260.patch
diff --git a/meta/recipes-support/curl/curl/CVE-2022-35260.patch b/meta/recipes-support/curl/curl/CVE-2022-35260.patch new file mode 100644 index 0000000000..476c996b0a --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2022-35260.patch @@ -0,0 +1,68 @@ +From 3ff3989ec53d9ddcf4bdd99f5d5788dd87486768 Mon Sep 17 00:00:00 2001 +From: Daniel Stenberg <dan...@haxx.se> +Date: Tue, 4 Oct 2022 14:37:24 +0200 +Subject: [PATCH] netrc: replace fgets with Curl_get_line + +Upstream-Status: Backport +CVE: CVE-2022-35260 +Reference to upstream patch: https://github.com/curl/curl/commit/c97ec984fb2bc919a3aa863e0476dffa377b184c + +Make the parser only accept complete lines and avoid problems with +overly long lines. + +Reported-by: Hiroki Kurosawa + +Closes #9789 +--- + lib/curl_get_line.c | 4 ++-- + lib/netrc.c | 5 +++-- + 2 files changed, 5 insertions(+), 4 deletions(-) + +diff --git a/lib/curl_get_line.c b/lib/curl_get_line.c +index c4194851ae09..4b9eea9e631c 100644 +--- a/lib/curl_get_line.c ++++ b/lib/curl_get_line.c +@@ -28,8 +28,8 @@ + #include "memdebug.h" + + /* +- * get_line() makes sure to only return complete whole lines that fit in 'len' +- * bytes and end with a newline. ++ * Curl_get_line() makes sure to only return complete whole lines that fit in ++ * 'len' bytes and end with a newline. + */ + char *Curl_get_line(char *buf, int len, FILE *input) + { +diff --git a/lib/netrc.c b/lib/netrc.c +index 1c9da31993c9..93239132c9d8 100644 +--- a/lib/netrc.c ++++ b/lib/netrc.c +@@ -31,6 +31,7 @@ + #include "netrc.h" + #include "strtok.h" + #include "strcase.h" ++#include "curl_get_line.h" + + /* The last 3 #include files should be in this order */ + #include "curl_printf.h" +@@ -83,7 +84,7 @@ static int parsenetrc(const char *host, + char netrcbuffer[4096]; + int netrcbuffsize = (int)sizeof(netrcbuffer); + +- while(!done && fgets(netrcbuffer, netrcbuffsize, file)) { ++ while(!done && Curl_get_line(netrcbuffer, netrcbuffsize, file)) { + tok = strtok_r(netrcbuffer, " \t\n", &tok_buf); + if(tok && *tok == '#') + /* treat an initial hash as a comment line */ +@@ -169,7 +170,7 @@ static int parsenetrc(const char *host, + + tok = strtok_r(NULL, " \t\n", &tok_buf); + } /* while(tok) */ +- } /* while fgets() */ ++ } /* while Curl_get_line() */ + + out: + if(!retcode) { +-- +2.34.1 + diff --git a/meta/recipes-support/curl/curl_7.69.1.bb b/meta/recipes-support/curl/curl_7.69.1.bb index 31aa9d7185..63faae6296 100644 --- a/meta/recipes-support/curl/curl_7.69.1.bb +++ b/meta/recipes-support/curl/curl_7.69.1.bb @@ -40,6 +40,7 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2022-32208.patch \ file://CVE-2022-35252.patch \ file://CVE-2022-32221.patch \ + file://CVE-2022-35260.patch \ " SRC_URI[md5sum] = "ec5fc263f898a3dfef08e805f1ecca42" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#174747): https://lists.openembedded.org/g/openembedded-core/message/174747 Mute This Topic: https://lists.openembedded.org/mt/95710964/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
