diff mbox series

[meta-oe,dunfell,V2] c-ares: Backport fix for CVE-2024-25629

Message ID 20240312141024.27185-1-asharma@mvista.com
State New
Headers show
Series [meta-oe,dunfell,V2] c-ares: Backport fix for CVE-2024-25629 | expand

Commit Message

Ashish Sharma March 12, 2024, 2:10 p.m. UTC 
Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183]

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-25629
https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q
https://security-tracker.debian.org/tracker/CVE-2024-25629

Signed-off-by: Ashish Sharma <asharma@mvista.com>
---
 .../c-ares/c-ares/CVE-2024-25629.patch        | 32 +++++++++++++++++++
 .../recipes-support/c-ares/c-ares_1.18.1.bb   |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch b/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch
new file mode 100644
index 000000000..288763428
--- /dev/null
+++ b/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch
@@ -0,0 +1,32 @@ 
+From: a804c04ddc8245fc8adf0e92368709639125e183 Mon Sep 17 00:00:00 2001
+From: Brad House <brad@brad-house.com>
+Date: Mon, 11 Mar 2024 14:29:39 +0000
+Subject: [PATCH] Merge pull request from GHSA-mg26-v6qh-x48q
+
+CVE: CVE-2024-25629
+Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183]
+Signed-off-by: Ashish Sharma <asharma@mvista.com>
+---
+ src/lib/ares__read_line.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/lib/ares__read_line.c b/src/lib/ares__read_line.c
+index c62ad2a..d6625a3 100644
+--- a/src/lib/ares__read_line.c
++++ b/src/lib/ares__read_line.c
+@@ -49,6 +49,14 @@ int ares__read_line(FILE *fp, char **buf, size_t *bufsize)
+       if (!fgets(*buf + offset, bytestoread, fp))
+         return (offset != 0) ? 0 : (ferror(fp)) ? ARES_EFILE : ARES_EOF;
+       len = offset + strlen(*buf + offset);
++
++      /* Probably means there was an embedded NULL as the first character in
++       * the line, throw away line */
++      if (len == 0) {
++        offset = 0;
++        continue;
++      }
++
+       if ((*buf)[len - 1] == '\n')
+         {
+           (*buf)[len - 1] = 0;
+--
diff --git a/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb b/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb
index 2aa789760..b5936e1ad 100644
--- a/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb
+++ b/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb
@@ -10,6 +10,7 @@  SRC_URI = "git://github.com/c-ares/c-ares.git;branch=main;protocol=https \
            file://CVE-2023-31130.patch \
            file://CVE-2023-31147.patch \
            file://CVE-2023-32067.patch \
+           file://CVE-2024-25629.patch \
           "
 SRCREV = "2aa086f822aad5017a6f2061ef656f237a62d0ed"