A use after free fix.

* Add upstream patch but remove the testcase that didn't apply.
  Testcase isn't relevant for plugging the CVE.
* Place patch in the ptx tag as it is part modified.

Signed-off-by: Christian Melki <christian.me...@t2data.com> --- ...wk-fix-use-after-free-CVE-2022-30065.patch | 29 +++++++++++++++++++ patches/busybox-1.35.0/series | 3 +- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch diff --git a/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch b/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch new file mode 100644 index 000000000..aff9faabc --- /dev/null +++ b/patches/busybox-1.35.0/0203-awk-fix-use-after-free-CVE-2022-30065.patch @@ -0,0 +1,29 @@ +From: Natanael Copa <nc...@alpinelinux.org> +Date: Fri, 17 Jun 2022 17:45:34 +0200 +Subject: [PATCH] awk: fix use after free (CVE-2022-30065) + +fixes https://bugs.busybox.net/show_bug.cgi?id=14781 + +function old new delta +evaluate 3343 3357 +14 + +Signed-off-by: Natanael Copa <nc...@alpinelinux.org> +Signed-off-by: Denys Vlasenko <vda.li...@googlemail.com> +--- + editors/awk.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/editors/awk.c b/editors/awk.c +index f6314ac7201a..654cbac33331 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -3114,6 +3114,9 @@ static var *evaluate(node *op, var *res) + + case XC( OC_MOVE ): + debug_printf_eval("MOVE\n"); ++ /* make sure that we never return a temp var */ ++ if (L.v == TMPVAR0) ++ L.v = res; + /* if source is a temporary string, jusk relink it to dest */ + if (R.v == TMPVAR1 + && !(R.v->type & VF_NUMBER) diff --git a/patches/busybox-1.35.0/series b/patches/busybox-1.35.0/series index ee5360887..3e1a02a16 100644 --- a/patches/busybox-1.35.0/series +++ b/patches/busybox-1.35.0/series 
@@ -6,4 +6,5 @@ 0200-reactivate-check-for-tty.patch 0201-build-system-only-pass-real-libs-to-SELINUX_LIBS.patch 0202-scripts-trylink-honour-SKIP_STRIP-and-don-t-strip-if.patch -# 9c0cc4baa8090165b429198c9a10e02c - git-ptx-patches magic +0203-awk-fix-use-after-free-CVE-2022-30065.patch +# e8b4a3103390b1bd27c9ce24d1e435d7 - git-ptx-patches magic -- 2.34.1
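
Review bot: The header of the new 0203-awk-fix-use-after-free-CVE-2022-30065.patch does not record that the patch differs from what upstream committed. It keeps the upstream From, Subject and Signed-off-by lines and a diffstat covering only editors/awk.c, while the commit message above says the testcase was removed because it did not apply. Add a short line below the upstream Signed-off-by lines stating that the testsuite part was dropped and why, and reference the upstream commit there, so a later busybox version bump can tell whether the patch is superseded. With the testcase gone, nothing in this tree exercises the OC_MOVE path changed by the three added lines in evaluate(). Checking the built awk against the case described in https://bugs.busybox.net/show_bug.cgi?id=14781 before merging would cover that.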