diff options
| author | Cem Keylan <cem@ckyln.com> | 2020-12-14 22:33:28 +0300 |
|---|---|---|
| committer | Cem Keylan <cem@ckyln.com> | 2020-12-14 22:33:28 +0300 |
| commit | 52a3c84d4794af5fd4a5963790c5fa5f22dd4571 (patch) | |
| tree | 163e3024f13059685f88960bfe62545b73e4906d /core | |
| parent | 265b5e8537db76137ff51cd9c544e0543793add2 (diff) | |
| download | repository-52a3c84d4794af5fd4a5963790c5fa5f22dd4571.tar.gz | |
musl: add patch fixing CVE2020-28928
Diffstat (limited to 'core')
| -rwxr-xr-x | core/musl/build | 2 | ||||
| -rw-r--r-- | core/musl/patches/CVE-2020-28928.patch | 64 | ||||
| -rw-r--r-- | core/musl/sources | 1 | ||||
| -rw-r--r-- | core/musl/version | 2 |
4 files changed, 68 insertions, 1 deletions
diff --git a/core/musl/build b/core/musl/build index e48ce47f..44b80ec1 100755 --- a/core/musl/build +++ b/core/musl/build @@ -16,6 +16,8 @@ kinstall_t() { done } +patch -p0 < CVE-2020-28928.patch + ./configure \ --prefix=/usr \ --syslibdir=/usr/lib diff --git a/core/musl/patches/CVE-2020-28928.patch b/core/musl/patches/CVE-2020-28928.patch new file mode 100644 index 00000000..9075ae1f --- /dev/null +++ b/core/musl/patches/CVE-2020-28928.patch @@ -0,0 +1,64 @@ +--- src/multibyte/wcsnrtombs.c ++++ src/multibyte/wcsnrtombs.c +@@ -1,41 +1,33 @@ + #include <wchar.h> ++#include <limits.h> ++#include <string.h> + + size_t wcsnrtombs(char *restrict dst, const wchar_t **restrict wcs, size_t wn, size_t n, mbstate_t *restrict st) + { +- size_t l, cnt=0, n2; +- char *s, buf[256]; + const wchar_t *ws = *wcs; +- const wchar_t *tmp_ws; +- +- if (!dst) s = buf, n = sizeof buf; +- else s = dst; +- +- while ( ws && n && ( (n2=wn)>=n || n2>32 ) ) { +- if (n2>=n) n2=n; +- tmp_ws = ws; +- l = wcsrtombs(s, &ws, n2, 0); +- if (!(l+1)) { +- cnt = l; +- n = 0; ++ size_t cnt = 0; ++ if (!dst) n=0; ++ while (ws && wn) { ++ char tmp[MB_LEN_MAX]; ++ size_t l = wcrtomb(n<MB_LEN_MAX ? tmp : dst, *ws, 0); ++ if (l==-1) { ++ cnt = -1; + break; + } +- if (s != buf) { +- s += l; ++ if (dst) { ++ if (n<MB_LEN_MAX) { ++ if (l>n) break; ++ memcpy(dst, tmp, l); ++ } ++ dst += l; + n -= l; + } +- wn = ws ? wn - (ws - tmp_ws) : 0; +- cnt += l; +- } +- if (ws) while (n && wn) { +- l = wcrtomb(s, *ws, 0); +- if ((l+1)<=1) { +- if (!l) ws = 0; +- else cnt = l; ++ if (!*ws) { ++ ws = 0; + break; + } +- ws++; wn--; +- /* safe - this loop runs fewer than sizeof(buf) times */ +- s+=l; n-=l; ++ ws++; ++ wn--; + cnt += l; + } + if (dst) *wcs = ws; + diff --git a/core/musl/sources b/core/musl/sources index 82fcf877..c23268c7 100644 --- a/core/musl/sources +++ b/core/musl/sources @@ -5,3 +5,4 @@ files/tree.h files/getconf.c files/getent files/__stack_chk_fail_local.c +patches/CVE-2020-28928.patch diff --git a/core/musl/version b/core/musl/version index cd3d02bc..28527bea 100644 --- a/core/musl/version +++ b/core/musl/version @@ -1 +1 @@ -1.2.1 1 +1.2.1 2 |