[OE-core] [meta][dunfell][PATCH 1/3] gmp: Fix for CVE-2021-43618

Thu, 02 Dec 2021 02:18:52 -0800 

From: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com>

Add patch to fix CVE-2021-43618
Link: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e

Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1...@gmail.com>
---
 .../gmp/gmp/CVE-2021-43618.patch              | 29 +++++++++++++++++++
 meta/recipes-support/gmp/gmp_6.2.0.bb         |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 meta/recipes-support/gmp/gmp/CVE-2021-43618.patch

diff --git a/meta/recipes-support/gmp/gmp/CVE-2021-43618.patch 
b/meta/recipes-support/gmp/gmp/CVE-2021-43618.patch
new file mode 100644
index 0000000000..0323a45c27
--- /dev/null
+++ b/meta/recipes-support/gmp/gmp/CVE-2021-43618.patch
@@ -0,0 +1,29 @@
+
+# HG changeset patch
+# User Marco Bodrato <bodr...@mail.dm.unipi.it>
+# Date 1634836009 -7200
+# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
+# Parent  e1fd9db13b475209a864577237ea4b9105b3e96e
+mpz/inp_raw.c: Avoid bit size overflows
+
+CVE: CVE-2021-43618
+Upstream-Status: Backport [https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e]
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rat...@kpit.com>
+
+diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
+--- a/mpz/inp_raw.c    Tue Dec 22 23:49:51 2020 +0100
++++ b/mpz/inp_raw.c    Thu Oct 21 19:06:49 2021 +0200
+@@ -88,8 +88,11 @@
+ 
+   abs_csize = ABS (csize);
+ 
++  if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
++    return 0; /* Bit size overflows */
++
+   /* round up to a multiple of limbs */
+-  abs_xsize = BITS_TO_LIMBS (abs_csize*8);
++  abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
+ 
+   if (abs_xsize != 0)
+     {
+
diff --git a/meta/recipes-support/gmp/gmp_6.2.0.bb 
b/meta/recipes-support/gmp/gmp_6.2.0.bb
index a19c74fca8..bd88aa95ef 100644
--- a/meta/recipes-support/gmp/gmp_6.2.0.bb
+++ b/meta/recipes-support/gmp/gmp_6.2.0.bb
@@ -12,6 +12,7 @@ SRC_URI = 
"https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \
            file://use-includedir.patch \
            
file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \
            file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \
+           file://CVE-2021-43618.patch \
            "
 SRC_URI[md5sum] = "c24161e0dd44cae78cd5f67193492a21"
 SRC_URI[sha256sum] = 
"f51c99cb114deb21a60075ffb494c1a210eb9d7cb729ed042ddb7de9534451ea"
-- 
2.17.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#159079): 
https://lists.openembedded.org/g/openembedded-core/message/159079
Mute This Topic: https://lists.openembedded.org/mt/87449895/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to