1 files changed, 47 insertions, 0 deletions

diff --git a/meta-openbmc-mods/meta-common/recipes-core/ncurses/ncurses/0001-Fix-heap-buffer-overflow-in-captoinfo.patch b/meta-openbmc-mods/meta-common/recipes-core/ncurses/ncurses/0001-Fix-heap-buffer-overflow-in-captoinfo.patch
new file mode 100644
index 000000000..420a19b41
--- /dev/null
+++ b/meta-openbmc-mods/meta-common/recipes-core/ncurses/ncurses/0001-Fix-heap-buffer-overflow-in-captoinfo.patch
@@ -0,0 +1,47 @@
+From ad135388ac66b7c8276b0899d9b43433e2faffa6 Mon Sep 17 00:00:00 2001
+From: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
+Date: Tue, 7 Dec 2021 23:58:53 +0000
+Subject: [PATCH] Fix heap-buffer-overflow in captoinfo
+
+This has been picked up from http://cvsweb.netbsd.org/
+bsdweb.cgi/pkgsrc/devel/ncurses/patches/Attic/
+patch-ncurses_tinfo_captoinfo.c
+?rev=1.1&content-type=text/x-cvsweb-markup
+
+Thomas Dickey is the owner of this patch.
+This fix is a part of
+https://github.com/ThomasDickey/ncurses-snapshots/
+commit/63ca9e061f4644795d6f3f559557f3e1ed8c738b#diff-
+7e95c7bc5f213e9be438e69a9d5d0f261a14952bcbd692f7b9014217b8047340
+
+Signed-off-by: P Dheeraj Srujan Kumar <p.dheeraj.srujan.kumar@intel.com>
+---
+ ncurses/tinfo/captoinfo.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c
+index 8b3b83d1..c9741405 100644
+--- a/ncurses/tinfo/captoinfo.c
++++ b/ncurses/tinfo/captoinfo.c
+@@ -216,12 +216,15 @@ cvtchar(register const char *sp)
+ 	}
+ 	break;
+     case '^':
++	len = 2;
+ 	c = UChar(*++sp);
+-	if (c == '?')
++        if (c == '?') {
+ 	    c = 127;
+-	else
++        } else if (c == '\0') {
++            len = 1;
++        } else {
+ 	    c &= 0x1f;
+-	len = 2;
++	}
+ 	break;
+     default:
+ 	c = UChar(*sp);
+-- 
+2.17.1
+