diff options
Diffstat (limited to 'external/poky/meta/recipes-devtools/perl/perl/CVE-2018-18313.patch')
-rw-r--r-- | external/poky/meta/recipes-devtools/perl/perl/CVE-2018-18313.patch | 60 |
1 files changed, 0 insertions, 60 deletions
diff --git a/external/poky/meta/recipes-devtools/perl/perl/CVE-2018-18313.patch b/external/poky/meta/recipes-devtools/perl/perl/CVE-2018-18313.patch deleted file mode 100644 index 540aa073..00000000 --- a/external/poky/meta/recipes-devtools/perl/perl/CVE-2018-18313.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 3458f6115ca8e8d11779948c12b7e1cc5803358c Mon Sep 17 00:00:00 2001 -From: Karl Williamson <khw@cpan.org> -Date: Sat, 25 Mar 2017 15:00:22 -0600 -Subject: [PATCH 2/3] regcomp.c: Convert some strchr to memchr - -This allows things to work properly in the face of embedded NULs. -See the branch merge message for more information. - -(cherry picked from commit 43b2f4ef399e2fd7240b4eeb0658686ad95f8e62) - -CVE: CVE-2018-18313 -Upstream-Status: Backport -[https://perl5.git.perl.org/perl.git/commit/c1c28ce6ba90ee05aa96b11ad551a6063680f3b9] - -Signed-off-by: Dan Tran <dantran@microsoft.com> ---- - regcomp.c | 13 ++++++++----- - 1 file changed, 8 insertions(+), 5 deletions(-) - -diff --git a/regcomp.c b/regcomp.c -index 00d26d9290..2688979882 100644 ---- a/regcomp.c -+++ b/regcomp.c -@@ -11783,8 +11783,9 @@ S_grok_bslash_N(pTHX_ RExC_state_t *pRExC_state, - - RExC_parse++; /* Skip past the '{' */ - -- if (! (endbrace = strchr(RExC_parse, '}')) /* no trailing brace */ -- || ! (endbrace == RExC_parse /* nothing between the {} */ -+ endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); -+ if ((! endbrace) /* no trailing brace */ -+ || ! (endbrace == RExC_parse /* nothing between the {} */ - || (endbrace - RExC_parse >= 2 /* U+ (bad hex is checked... */ - && strnEQ(RExC_parse, "U+", 2)))) /* ... below for a better - error msg) */ -@@ -12483,9 +12484,11 @@ S_regatom(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth) - else { - STRLEN length; - char name = *RExC_parse; -- char * endbrace; -+ char * endbrace = NULL; - RExC_parse += 2; -- endbrace = strchr(RExC_parse, '}'); -+ if (RExC_parse < RExC_end) { -+ endbrace = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); -+ } - - if (! endbrace) { - vFAIL2("Missing right brace on \\%c{}", name); -@@ -15939,7 +15942,7 @@ S_regclass(pTHX_ RExC_state_t *pRExC_state, I32 *flagp, U32 depth, - vFAIL2("Empty \\%c", (U8)value); - if (*RExC_parse == '{') { - const U8 c = (U8)value; -- e = strchr(RExC_parse, '}'); -+ e = (char *) memchr(RExC_parse, '}', RExC_end - RExC_parse); - if (!e) { - RExC_parse++; - vFAIL2("Missing right brace on \\%c{}", c); --- -2.22.0.vfs.1.1.57.gbaf16c8 |