summaryrefslogtreecommitdiffstats
path: root/external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch
diff options
context:
space:
mode:
Diffstat (limited to 'external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch')
-rw-r--r--external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch51
1 files changed, 0 insertions, 51 deletions
diff --git a/external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch b/external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch
deleted file mode 100644
index e43e8e54..00000000
--- a/external/poky/meta/recipes-extended/wget/wget/CVE-2019-5953.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From 692d5c5215de0db482c252492a92fc424cc6a97c Mon Sep 17 00:00:00 2001
-From: Tim Ruehsen <tim.ruehsen@gmx.de>
-Date: Fri, 5 Apr 2019 11:50:44 +0200
-Subject: [PATCH] Fix a buffer overflow vulnerability
-
-* src/iri.c(do_conversion): Reallocate the output buffer to a larger
- size if it is already full
-
-Upstream-Status: Backport
-http://git.savannah.gnu.org/cgit/wget.git/commit/?id=692d5c5215de0db482c252492a92fc424cc6a97c
-CVE: CVE-2019-5953
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- src/iri.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-Index: wget-1.19.5/src/iri.c
-===================================================================
---- wget-1.19.5.orig/src/iri.c
-+++ wget-1.19.5/src/iri.c
-@@ -151,8 +151,11 @@ do_conversion (const char *tocode, const
- *out = s = xmalloc (outlen + 1);
- done = 0;
-
-+ DEBUGP (("iconv %s -> %s\n", tocode, fromcode));
-+
- for (;;)
- {
-+ DEBUGP (("iconv outlen=%d inlen=%d\n", outlen, inlen));
- if (iconv (cd, (ICONV_CONST char **) &in, &inlen, out, &outlen) != (size_t)(-1) &&
- iconv (cd, NULL, NULL, out, &outlen) != (size_t)(-1))
- {
-@@ -187,11 +190,14 @@ do_conversion (const char *tocode, const
- }
- else if (errno == E2BIG) /* Output buffer full */
- {
-+ logprintf (LOG_VERBOSE,
-+ _("Reallocate output buffer len=%d outlen=%d inlen=%d\n"), len, outlen, inlen);
- tooshort++;
- done = len;
-- len = outlen = done + inlen * 2;
-- s = xrealloc (s, outlen + 1);
-- *out = s + done;
-+ len = done + inlen * 2;
-+ s = xrealloc (s, len + 1);
-+ *out = s + done - outlen;
-+ outlen += inlen * 2;
- }
- else /* Weird, we got an unspecified error */
- {