From: Wang Mingyu <[email protected]> 0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch removed since it's included in 10.0.3
Changelog: =========== Do not crash on dhcpcd test run Add automated CI builds for Ubuntu, OpenBSD, FreeBSD and NetBSD dhcpcd: Fix off-by-one overflow when read() writes full BUFSIZ privsep: fix strlcpy overflow in psp_ifname ci: execute tests after successful build compat: update arc4random() to newer chacha20 based version from OpenBSD Support libcrypto for hmac and sha256 Use a local variable instead of the optind Send correct amount of used buffer for prefix exclude option compat: use OpenSSL RAND_priv_bytes() for entropy Signed-off-by: Wang Mingyu <[email protected]> --- .../{dhcpcd_10.0.2.bb => dhcpcd_10.0.3.bb} | 3 +- ...x-strlcpy-overflow-in-psp_ifname-239.patch | 33 ------------------- 2 files changed, 1 insertion(+), 35 deletions(-) rename meta/recipes-connectivity/dhcpcd/{dhcpcd_10.0.2.bb => dhcpcd_10.0.3.bb} (94%) delete mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb similarity index 94% rename from meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb rename to meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb index 0966edd1b8..cc0fb382df 100644 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb @@ -15,10 +15,9 @@ SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=ma file://dhcpcd.service \ file://[email protected] \ file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ - file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \ " -SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30" +SRCREV = "45fb8fd8dd281d2228c7abaddff7877d27e67146" S = "${WORKDIR}/git" inherit pkgconfig autotools-brokensep systemd useradd diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch deleted file mode 100644 index d4fb1737a6..0000000000 --- a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001 -From: Tobias Heider <[email protected]> -Date: Tue, 15 Aug 2023 18:06:48 +0200 -Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239) - -When running our Ubuntu tests with libc6 and strlcpy overflow checks -enabled we found that the wrong size is passed to strlcpy resulting -in a crash because of an overflow. - -Upstream-Status: Backport -[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97] - -Signed-off-by: Yi Zhao <[email protected]> ---- - src/privsep.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/privsep.c b/src/privsep.c -index b11c0351..cfe54742 100644 ---- a/src/privsep.c -+++ b/src/privsep.c -@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid) - #endif - - if (!(ctx->options & DHCPCD_MANAGER)) -- strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name)); -+ strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname)); - TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next); - return psp; - } --- -2.25.1 - -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#189033): https://lists.openembedded.org/g/openembedded-core/message/189033 Mute This Topic: https://lists.openembedded.org/mt/101936378/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
