mirror of
https://abf.rosa.ru/djam/glibc.git
synced 2025-02-23 15:02:47 +00:00
closed CVE-2021-35942
This commit is contained in:
slava86
parent
6a997e9e09
commit
4661cd4f70
2 changed files with 42 additions and 2 deletions
39
CVE-2021-35942.patch
Normal file
39
CVE-2021-35942.patch
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Schwab <schwab@linux-m68k.org>
|
||||
Date: Fri, 25 Jun 2021 15:02:47 +0200
|
||||
Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug
|
||||
28011)
|
||||
|
||||
Use strtoul instead of atoi so that overflow can be detected.
|
||||
---
|
||||
posix/wordexp-test.c | 1 +
|
||||
posix/wordexp.c | 2 +-
|
||||
2 files changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
|
||||
index f93a546d7e..9df02dbbb3 100644
|
||||
--- a/posix/wordexp-test.c
|
||||
+++ b/posix/wordexp-test.c
|
||||
@@ -183,6 +183,7 @@ struct test_case_struct
|
||||
{ 0, NULL, "$var", 0, 0, { NULL, }, IFS },
|
||||
{ 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS },
|
||||
{ 0, NULL, "", 0, 0, { NULL, }, IFS },
|
||||
+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS },
|
||||
|
||||
/* Flags not already covered (testit() has special handling for these) */
|
||||
{ 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS },
|
||||
diff --git a/posix/wordexp.c b/posix/wordexp.c
|
||||
index bcbe96e48d..1f3b09f721 100644
|
||||
--- a/posix/wordexp.c
|
||||
+++ b/posix/wordexp.c
|
||||
@@ -1399,7 +1399,7 @@ envsubst:
|
||||
/* Is it a numeric parameter? */
|
||||
else if (isdigit (env[0]))
|
||||
{
|
||||
- int n = atoi (env);
|
||||
+ unsigned long n = strtoul (env, NULL, 10);
|
||||
|
||||
if (n >= __libc_argc)
|
||||
/* Substitute NULL. */
|
||||
--
|
||||
2.27.0
|
||||
|
|
@ -46,7 +46,7 @@
|
|||
%define _disable_ld_no_undefined 1
|
||||
|
||||
# (tpg) optimize it a bit
|
||||
%global optflags %{optflags} -O3
|
||||
%global optflags %{optflags} -O3 -fno-strict-aliasing
|
||||
|
||||
%global platform %{_target_vendor}-%{_target_os}%{?_gnu}
|
||||
%global target_cpu %{_target_cpu}
|
||||
|
|
@ -132,7 +132,7 @@ Source0: http://ftp.gnu.org/gnu/glibc/%{oname}-%{ver}.tar.xz
|
|||
#Source1: http://ftp.gnu.org/gnu/glibc/%{oname}-%{ver}.tar.xz.sig
|
||||
#endif
|
||||
%endif
|
||||
Release: 10
|
||||
Release: 11
|
||||
License: LGPLv2+ and LGPLv2+ with exceptions and GPLv2+
|
||||
Group: System/Libraries
|
||||
Url: http://www.gnu.org/software/libc/
|
||||
|
|
@ -255,6 +255,7 @@ Patch1044: Fix-buffer-overrun-in-EUC-KR-conversion-module-bz-24.patch
|
|||
Patch1045: gconv-Fix-assertion-failure-in-ISO-2022-JP-3-module-.patch
|
||||
Patch1046: CVE-2020-27618.patch
|
||||
Patch1047: CVE-2021-27645.patch
|
||||
Patch1048: CVE-2021-35942.patch
|
||||
# These generatiors are exeperimentally disabled while
|
||||
# bootstrapping aarch64 to try to get rid of them
|
||||
%ifnarch aarch64
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue