I almost always let patches sit for 3 or more days to allow people time to comment.
This is now merged. Bruce On Fri, Sep 28, 2018 at 10:45 PM ChenQi <[email protected]> wrote: > > ping > > On 09/26/2018 10:36 AM, Chen Qi wrote: > > Backport patch to fix the following CVE. > > > > CVE: CVE-2018-10911 > > > > Signed-off-by: Chen Qi <[email protected]> > > --- > > ...-negative-key-value-length-while-unserial.patch | 39 > > ++++++++++++++++++++++ > > recipes-extended/glusterfs/glusterfs.inc | 1 + > > 2 files changed, 40 insertions(+) > > create mode 100644 > > recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch > > > > diff --git > > a/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch > > > > b/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch > > new file mode 100644 > > index 0000000..cb3400b > > --- /dev/null > > +++ > > b/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch 
> > @@ -0,0 +1,39 @@ > > +From 428ee988df7d6cbe6e18becffcee5cdfb0fa9d17 Mon Sep 17 00:00:00 2001 > > +From: Amar Tumballi <[email protected]> > > +Date: Tue, 24 Jul 2018 13:25:12 +0530 > > +Subject: [PATCH 1/7] dict: handle negative key/value length while > > unserialize > > + > > +Fixes: bz#1625089 > > +Change-Id: Ie56df0da46c242846a1ba51ccb9e011af118b119 > > +Signed-off-by: Amar Tumballi <[email protected]> > > + > > +Upstream-Status: Backport > > + > > +Fix CVE-2018-10911 > > + > > +Signed-off-by: Chen Qi <[email protected]> > > +--- > > + libglusterfs/src/dict.c | 7 +++++++ > > + 1 file changed, 7 insertions(+) > > + > > +diff --git a/libglusterfs/src/dict.c b/libglusterfs/src/dict.c > > +index 839b426..ac0a677 100644 > > +--- a/libglusterfs/src/dict.c > > ++++ b/libglusterfs/src/dict.c > > +@@ -2751,6 +2751,13 @@ dict_unserialize (char *orig_buf, int32_t size, > > dict_t **fill) > > + vallen = ntoh32 (hostord); > > + buf += DICT_DATA_HDR_VAL_LEN; > > + > > ++ if ((keylen < 0) || (vallen < 0)) { > > ++ gf_msg_callingfn ("dict", GF_LOG_ERROR, 0, > > ++ LG_MSG_UNDERSIZED_BUF, > > ++ "undersized length passed " > > ++ "key:%d val:%d", keylen, > > vallen); > > ++ goto out; > > ++ } > > + if ((buf + keylen) > (orig_buf + size)) { > > + gf_msg_callingfn ("dict", GF_LOG_ERROR, 0, > > + LG_MSG_UNDERSIZED_BUF, > > +-- > > +2.7.4 > > + > > diff --git a/recipes-extended/glusterfs/glusterfs.inc > > b/recipes-extended/glusterfs/glusterfs.inc > > index ab63a9a..ea5f2b7 100644 > > --- a/recipes-extended/glusterfs/glusterfs.inc > > +++ b/recipes-extended/glusterfs/glusterfs.inc 
> > @@ -23,6 +23,7 @@ SRC_URI += "file://glusterd.init \ > > > > file://0001-shared-storage-Prevent-mounting-shared-storage-from-.patch \ > > > > file://0002-server-auth-add-option-for-strict-authentication.patch \ > > > > file://0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch \ > > + > > file://0001-dict-handle-negative-key-value-length-while-unserial.patch \ > > " > > > > LICENSE = "(LGPLv3+ | GPLv2) & GPLv3+ & LGPLv3+ & GPLv2+ & LGPLv2+ & > > LGPLv2.1+ & Apache-2.0" > > > -- > _______________________________________________ > meta-virtualization mailing list > [email protected] > https://lists.yoctoproject.org/listinfo/meta-virtualization -- "Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end" -- _______________________________________________ meta-virtualization mailing list [email protected] https://lists.yoctoproject.org/listinfo/meta-virtualization
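Review bot: In the dict.c change carried by the new patch file, the added `(keylen < 0) || (vallen < 0)` test rejects negative lengths, but the context check right after it, `(buf + keylen) > (orig_buf + size)`, still computes a pointer beyond the buffer before comparing when keylen is large and positive. Comparing the length against the bytes that remain, for example `keylen > (orig_buf + size) - buf`, keeps the arithmetic inside the buffer. The new log line also reuses LG_MSG_UNDERSIZED_BUF with the text "undersized length passed", which describes a short buffer rather than a negative length field; wording such as "negative length" would make the log easier to triage. Separately, the patch header records the fix as free text ("Fix CVE-2018-10911") while the commit message uses the `CVE: CVE-2018-10911` tag; putting the same tag line in the patch header lets the OpenEmbedded CVE check pick it up from the patch file.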
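Review bot: In the glusterfs.inc hunk, the added SRC_URI entry `0001-dict-handle-negative-key-value-length-while-unserial.patch` is appended after the existing 0001/0002/0003 entries, so the list now has two files with the `0001-` prefix and the prefixes no longer reflect the order in which patches are applied. Renaming the new file with the next free number, or dropping the format-patch prefix, would keep the order readable from the file names.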
