diff options
| author | Hongxu Jia <hongxu.jia@windriver.com> | 2018-10-14 02:45:59 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-10-14 16:03:22 +0100 |
| commit | e2fa6bc137faebba3c440cac93c88092421e8e82 (patch) | |
| tree | 48bcf68f97e037e08f0a4226546e5e21aa9038ed | |
| parent | 7535797e0df1e5f88d8b4bf251e6eab3279707d6 (diff) | |
| download | openembedded-core-e2fa6bc137faebba3c440cac93c88092421e8e82.tar.gz openembedded-core-e2fa6bc137faebba3c440cac93c88092421e8e82.tar.bz2 openembedded-core-e2fa6bc137faebba3c440cac93c88092421e8e82.zip | |
nasm: fix CVE-2018-10016
Previously fix of CVE-2018-10016 caused ovmf build failure,
I reported the failure to upstream and it replied with
this V2 fix.
Details at:
https://bugzilla.nasm.us/show_bug.cgi?id=3392473
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-devtools/nasm/nasm/0001-eval-Eliminate-division-by-zero.patch | 40 | ||||
| -rw-r--r-- | meta/recipes-devtools/nasm/nasm_2.13.03.bb | 1 |
2 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-devtools/nasm/nasm/0001-eval-Eliminate-division-by-zero.patch b/meta/recipes-devtools/nasm/nasm/0001-eval-Eliminate-division-by-zero.patch new file mode 100644 index 0000000000..6c332497c9 --- /dev/null +++ b/meta/recipes-devtools/nasm/nasm/0001-eval-Eliminate-division-by-zero.patch @@ -0,0 +1,40 @@ +From ceec0d818798aeaa75ed4907e6135b0247ed46b2 Mon Sep 17 00:00:00 2001 +From: Cyrill Gorcunov <gorcunov@gmail.com> +Date: Sun, 14 Oct 2018 01:26:19 +0300 +Subject: [PATCH] eval: Eliminate division by zero + +When doing division we should detect if the value we're +divided by is not zero. Instead of is_unknown() helper +we should use is_just_unknown(). + +https://bugzilla.nasm.us/show_bug.cgi?id=3392515 +https://bugzilla.nasm.us/show_bug.cgi?id=3392473 + +Reported-by: Jun <jxx13@psu.edu> +Reported-by: stuartly <situlingyun@gmail.com> +Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com> + +Upstream-Status: Backport [https://github.com/netwide-assembler/nasm/commit/ceec0d818798aeaa75ed4907e6135b0247ed46b2.patch] +CVE: CVE-2018-10016 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> + +--- + asm/eval.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/asm/eval.c b/asm/eval.c +index 1a6680f..7e727a4 100644 +--- a/asm/eval.c ++++ b/asm/eval.c +@@ -580,7 +580,7 @@ static expr *expr5(int critical) + " scalar values"); + return NULL; + } +- if (j != '*' && !is_unknown(f) && reloc_value(f) == 0) { ++ if (j != '*' && !is_just_unknown(f) && reloc_value(f) == 0) { + nasm_error(ERR_NONFATAL, "division by zero"); + return NULL; + } +-- +2.10.2 + diff --git a/meta/recipes-devtools/nasm/nasm_2.13.03.bb b/meta/recipes-devtools/nasm/nasm_2.13.03.bb index 6a02df4854..730db1d8c2 100644 --- a/meta/recipes-devtools/nasm/nasm_2.13.03.bb +++ b/meta/recipes-devtools/nasm/nasm_2.13.03.bb @@ -8,6 +8,7 @@ SRC_URI = "http://www.nasm.us/pub/nasm/releasebuilds/${PV}/nasm-${PV}.tar.bz2 \ file://0001-assemble-Check-global-line-limit.patch \ file://0001-fix-CVE-2018-8882.patch \ file://0001-Verify-that-we-are-not-reading-past-end-of-a-buffer.patch \ + file://0001-eval-Eliminate-division-by-zero.patch \ " SRC_URI[md5sum] = "0c581d482f39d5111879ca9601938f74" |