diff options
Diffstat (limited to 'poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch')
-rw-r--r-- | poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch new file mode 100644 index 000000000..fb9b41a5e --- /dev/null +++ b/poky/meta/recipes-devtools/perl/perl/CVE-2018-6798-2.patch @@ -0,0 +1,37 @@ +From f65da1ca2eee74696d9c120e9d69af37b4fa1920 Mon Sep 17 00:00:00 2001 +From: Tony Cook <tony@develop-help.com> +Date: Mon, 19 Feb 2018 15:11:42 +1100 +Subject: [PATCH] (perl #132063) we should no longer warn for this code + +The first patch for 132063 prevented the buffer read overflow when +dumping the warning but didn't fix the underlying problem. + +The next change treats the supplied buffer correctly, preventing the +non-UTF-8 SV from being treated as UTF-8, preventing the warning. + +(cherry picked from commit 1e8b61488f195e1396aa801c685340b156104f4f) + +CVE: CVE-2018-6798 +Upstream-Status: Backport [https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920] + +Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> +--- + t/lib/warnings/regexec | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/t/lib/warnings/regexec b/t/lib/warnings/regexec +index 6635142dea..c370ddc3c7 100644 +--- a/t/lib/warnings/regexec ++++ b/t/lib/warnings/regexec +@@ -262,8 +262,5 @@ setlocale(&POSIX::LC_CTYPE, $utf8_locale); + EXPECT + ######## + # NAME perl #132063, read beyond buffer end +-# OPTION fatal + "\xff" =~ /(?il)\x{100}|\x{100}/; + EXPECT +-Malformed UTF-8 character: \xff (too short; 1 byte available, need 13) in pattern match (m//) at - line 2. +-Malformed UTF-8 character (fatal) at - line 2. +-- +2.15.1-424-g9478a660812 + |