From: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com> Add a patch to fix CVE-2022-4743 security issue "A potential memory leak issue was discovered in SDL2 in GLES_CreateTexture() function in SDL_render_gles.c. The vulnerability allows an attacker to cause a denial of service attack. The vulnerability affects SDL2 v2.0.4 and above. SDL-1.x are not affected." as per NVD
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com> Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1...@gmail.com> --- .../libsdl2/libsdl2/CVE-2022-4743.patch | 38 +++++++++++++++++++ .../libsdl2/libsdl2_2.0.12.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch diff --git a/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch new file mode 100644 index 0000000000..b02a2169a6 --- /dev/null +++ b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch @@ -0,0 +1,38 @@ +From 00b67f55727bc0944c3266e2b875440da132ce4b Mon Sep 17 00:00:00 2001 +From: zhailiangliang <zhailiangli...@loongson.cn> +Date: Wed, 21 Sep 2022 10:30:38 +0800 +Subject: [PATCH] Fix potential memory leak in GLES_CreateTexture + + +CVE: CVE-2022-4743 +Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b.patch] +Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com> + +--- + src/render/opengles/SDL_render_gles.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/render/opengles/SDL_render_gles.c b/src/render/opengles/SDL_render_gles.c +index a5fbab309eda..ba08a46e2805 100644 +--- a/src/render/opengles/SDL_render_gles.c ++++ b/src/render/opengles/SDL_render_gles.c +@@ -359,6 +359,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture) + renderdata->glGenTextures(1, &data->texture); + result = renderdata->glGetError(); + if (result != GL_NO_ERROR) { ++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) { ++ SDL_free(data->pixels); ++ } + SDL_free(data); + return GLES_SetError("glGenTextures()", result); + } +@@ -387,6 +390,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture) + + result = renderdata->glGetError(); + if (result != GL_NO_ERROR) { ++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) { ++ SDL_free(data->pixels); ++ } + SDL_free(data); + return GLES_SetError("glTexImage2D()", result); + } diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb index 44d36fca22..fa29bc99ac 100644 --- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb +++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb @@ -22,6 +22,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \ file://directfb-renderfillrect-fix.patch \ file://CVE-2020-14409-14410.patch \ file://CVE-2021-33657.patch \ + file://CVE-2022-4743.patch \ " S = "${WORKDIR}/SDL2-${PV}" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#176701): https://lists.openembedded.org/g/openembedded-core/message/176701 Mute This Topic: https://lists.openembedded.org/mt/96700171/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
