[ptxdist] [PATCH] busybox: Plug CVE-2022-30065.

Mon, 05 Dec 2022 02:39:30 -0800 

A use after free fix.

* Add upstream patch but remove the testcase that didn't apply.
Testcase isn't relevant for plugging the CVE.
* Place patch in the ptx tag as it is part modified.

Signed-off-by: Christian Melki <christian.me...@t2data.com>
---
 ...wk-fix-use-after-free-CVE-2022-30065.patch | 29 +++++++++++++++++++
 patches/busybox-1.35.0/series                 |  3 +-
 2 files changed, 31 insertions(+), 1 deletion(-)
 create mode 100644 
patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch

diff --git 
a/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch 
b/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch
new file mode 100644
index 000000000..aff9faabc
--- /dev/null
+++ b/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch
@@ -0,0 +1,29 @@
+From: Natanael Copa <nc...@alpinelinux.org>
+Date: Fri, 17 Jun 2022 17:45:34 +0200
+Subject: [PATCH] awk: fix use after free (CVE-2022-30065)
+
+fixes https://bugs.busybox.net/show_bug.cgi?id=14781
+
+function                                             old     new   delta
+evaluate                                            3343    3357     +14
+
+Signed-off-by: Natanael Copa <nc...@alpinelinux.org>
+Signed-off-by: Denys Vlasenko <vda.li...@googlemail.com>
+---
+ editors/awk.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/editors/awk.c b/editors/awk.c
+index f6314ac7201a..654cbac33331 100644
+--- a/editors/awk.c
++++ b/editors/awk.c
+@@ -3114,6 +3114,9 @@ static var *evaluate(node *op, var *res)
+ 
+               case XC( OC_MOVE ):
+                       debug_printf_eval("MOVE\n");
++                      /* make sure that we never return a temp var */
++                      if (L.v == TMPVAR0)
++                              L.v = res;
+                       /* if source is a temporary string, jusk relink it to 
dest */
+                       if (R.v == TMPVAR1
+                        && !(R.v->type & VF_NUMBER)
diff --git a/patches/busybox-1.35.0/series b/patches/busybox-1.35.0/series
index ee5360887..3e1a02a16 100644
--- a/patches/busybox-1.35.0/series
+++ b/patches/busybox-1.35.0/series
@@ -6,4 +6,5 @@
 0200-reactivate-check-for-tty.patch
 0201-build-system-only-pass-real-libs-to-SELINUX_LIBS.patch
 0202-scripts-trylink-honour-SKIP_STRIP-and-don-t-strip-if.patch
-# 9c0cc4baa8090165b429198c9a10e02c  - git-ptx-patches magic
+0203-awk-fix-use-after-free-CVE-2022-30065.patch
+# e8b4a3103390b1bd27c9ce24d1e435d7  - git-ptx-patches magic
-- 
2.34.1

Reply via email to