[OE-core] [PATCH 1/3] less: 471 -> 478
Robert Yang
liezhi.yang at windriver.com
Wed Jul 8 07:23:46 UTC 2015
* Remove backport patch 0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch.
* The LICENSE's checksum changed because of year changed, the contents
are the same.
Signed-off-by: Robert Yang <liezhi.yang at windriver.com>
---
...ossible-buffer-overrun-with-invalid-UTF-8.patch | 49 --------------------
.../less/{less_471.bb => less_478.bb} | 7 ++-
2 files changed, 3 insertions(+), 53 deletions(-)
delete mode 100644 meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch
rename meta/recipes-extended/less/{less_471.bb => less_478.bb} (78%)
diff --git a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch b/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch
deleted file mode 100644
index 455eafc..0000000
--- a/meta/recipes-extended/less/less/0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From e0a1add063a657b98611c94debb3631b8ffa36fe Mon Sep 17 00:00:00 2001
-From: Junling Zheng <zhengjunling at huawei.com>
-Date: Fri, 24 Apr 2015 11:24:04 +0800
-Subject: [PATCH] Fix possible buffer overrun with invalid UTF-8
-
-An out of bounds read access in the UTF-8 decoding can be triggered with
-a malformed file in the tool less. The access happens in the function
-is_utf8_well_formed due to a truncated multibyte character in the sample
-file.
-
-The bug does not crash less, it can only be made visible by running less
-with valgrind or compiling it with Address Sanitizer.
-
-Version 475 of less contains a fix for this issue. The file version.c
-contains some entry mentioning this issue (without any credit):
-
- - v475 3/2/15 Fix possible buffer overrun with invalid UTF-8
-
-The fix is in the file line.c. We derive this patch from:
-
-https://blog.fuzzing-project.org/3-less-out-of-bounds-read-access-TFPA-0022014.html
-
-Thank Claire Robinson for validating it on Mageia 4 i586. Refer to:
-
-https://bugs.mageia.org/show_bug.cgi?id=15567
-
-Upstream Status: Backported
-
-Signed-off-by: Junling Zheng <zhengjunling at huawei.com>
----
- line.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/line.c b/line.c
-index 89495a3..474be2c 100644
---- a/line.c
-+++ b/line.c
-@@ -807,7 +807,7 @@ pappend(c, pos)
- mbc_buf[mbc_buf_index++] = c;
- if (mbc_buf_index < mbc_buf_len)
- return (0);
-- if (is_utf8_well_formed(mbc_buf))
-+ if (is_utf8_well_formed(mbc_buf, mbc_buf_index))
- r = do_append(get_wchar(mbc_buf), mbc_buf, mbc_pos);
- else
- /* Complete, but not shortest form, sequence. */
---
-1.9.1
-
diff --git a/meta/recipes-extended/less/less_471.bb b/meta/recipes-extended/less/less_478.bb
similarity index 78%
rename from meta/recipes-extended/less/less_471.bb
rename to meta/recipes-extended/less/less_478.bb
index 72d2562..fc63774 100644
--- a/meta/recipes-extended/less/less_471.bb
+++ b/meta/recipes-extended/less/less_478.bb
@@ -21,15 +21,14 @@ SECTION = "console/utils"
LICENSE = "GPLv3+ | BSD-2-Clause"
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504 \
- file://LICENSE;md5=866cc220f330b04ae4661fc3cdfedea7"
+ file://LICENSE;md5=48c26a307f91af700e1f00585f215aaf"
DEPENDS = "ncurses"
SRC_URI = "http://www.greenwoodsoftware.com/${BPN}/${BPN}-${PV}.tar.gz \
- file://0001-Fix-possible-buffer-overrun-with-invalid-UTF-8.patch \
"
-SRC_URI[md5sum] = "9a40d29a2d84b41f9f36d7dd90b4f950"
-SRC_URI[sha256sum] = "37f613fa9a526378788d790a92217d59b523574cf7159f6538da8564b3fb27f8"
+SRC_URI[md5sum] = "934fcc9f137b9ef66a943c224f413d39"
+SRC_URI[sha256sum] = "495c7df52199a0c7e6bfbbe7697b2b54f4bf197c8b10b43957762d74483574ce"
inherit autotools update-alternatives
--
1.7.9.5
More information about the Openembedded-core
mailing list