diff options
author | Robert Yang <liezhi.yang@windriver.com> | 2015-07-08 00:23:46 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2015-07-08 13:13:16 +0100 |
commit | 505f351ede9dd1eb0e6f01080ea24080697dadf4 (patch) | |
tree | 8f125efa0432abb86f43802366ae7aa7792432eb /meta | |
parent | 3d4380bb36eb108dc75fee7215b615f7800b0990 (diff) | |
download | openembedded-core-505f351ede9dd1eb0e6f01080ea24080697dadf4.tar.gz openembedded-core-505f351ede9dd1eb0e6f01080ea24080697dadf4.tar.bz2 openembedded-core-505f351ede9dd1eb0e6f01080ea24080697dadf4.zip |
less: 471 -> 478
* Remove backport patch 0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch.
* The LICENSE's checksum changed because of year changed, the contents
are the same.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch | 49 | ||||
-rw-r--r-- | meta/recipes-extended/less/less_478.bb (renamed from meta/recipes-extended/less/less_471.bb) | 7 |
2 files changed, 3 insertions, 53 deletions
diff --git a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch b/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch deleted file mode 100644 index 455eafc492..0000000000 --- a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch +++ /dev/null @@ -1,49 +0,0 @@ -From e0a1add063a657b98611c94debb3631b8ffa36fe Mon Sep 17 00:00:00 2001 -From: Junling Zheng <zhengjunling@huawei.com> -Date: Fri, 24 Apr 2015 11:24:04 +0800 -Subject: [PATCH] Fix possible buffer overrun with invalid UTF-8 - -An out of bounds read access in the UTF-8 decoding can be triggered with -a malformed file in the tool less. The access happens in the function -is_utf8_well_formed due to a truncated multibyte character in the sample -file. - -The bug does not crash less, it can only be made visible by running less -with valgrind or compiling it with Address Sanitizer. - -Version 475 of less contains a fix for this issue. The file version.c -contains some entry mentioning this issue (without any credit): - - - v475 3/2/15 Fix possible buffer overrun with invalid UTF-8 - -The fix is in the file line.c. We derive this patch from: - -https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html - -Thank Claire Robinson for validating it on Mageia 4 i586. Refer to: - -https://bugs.mageia.org/show_bug.cgi?id=15567 - -Upstream Status: Backported - -Signed-off-by: Junling Zheng <zhengjunling@huawei.com> ---- - line.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/line.c b/line.c -index 89495a3..474be2c 100644 ---- a/line.c -+++ b/line.c -@@ -807,7 +807,7 @@ pappend(c, pos) - mbc_buf[mbc_buf_index++] = c; - if (mbc_buf_index < mbc_buf_len) - return (0); -- if (is_utf8_well_formed(mbc_buf)) -+ if (is_utf8_well_formed(mbc_buf, mbc_buf_index)) - r = do_append(get_wchar(mbc_buf), mbc_buf, mbc_pos); - else - /* Complete, but not shortest form, sequence. */ --- -1.9.1 - diff --git a/meta/recipes-extended/less/less_471.bb b/meta/recipes-extended/less/less_478.bb index 72d256276b..fc63774dbc 100644 --- a/meta/recipes-extended/less/less_471.bb +++ b/meta/recipes-extended/less/less_478.bb @@ -21,15 +21,14 @@ SECTION = "console/utils" LICENSE = "GPLv3+ | BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \ - file://LICENSE;md5=866cc220f330b04ae4661fc3cdfedea7" + file://LICENSE;md5=48c26a307f91af700e1f00585f215aaf" DEPENDS = "ncurses" SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \ - file://0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch \ " -SRC_URI[md5sum] = "9a40d29a2d84b41f9f36d7dd90b4f950" -SRC_URI[sha256sum] = "37f613fa9a526378788d790a92217d59b523574cf7159f6538da8564b3fb27f8" +SRC_URI[md5sum] = "934fcc9f137b9ef66a943c224f413d39" +SRC_URI[sha256sum] = "495c7df52199a0c7e6bfbbe7697b2b54f4bf197c8b10b43957762d74483574ce" inherit autotools update-alternatives |