1 files changed, 0 insertions, 280 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-support/curl/curl/CVE-2022-32207-fopen-add-Curl_fopen-for-better-overwriting-of-fi.patch b/meta-openbmc-mods/meta-common/recipes-support/curl/curl/CVE-2022-32207-fopen-add-Curl_fopen-for-better-overwriting-of-fi.patch
deleted file mode 100644
index 9b4c128d9..000000000
--- a/meta-openbmc-mods/meta-common/recipes-support/curl/curl/CVE-2022-32207-fopen-add-Curl_fopen-for-better-overwriting-of-fi.patch
+++ /dev/null
@@ -1,280 +0,0 @@
-From 20f9dd6bae50b7223171b17ba7798946e74f877f Mon Sep 17 00:00:00 2001
-From: Daniel Stenberg <daniel@haxx.se>
-Date: Wed, 25 May 2022 10:09:53 +0200
-Subject: [PATCH] fopen: add Curl_fopen() for better overwriting of files
-
-Bug: https://curl.se/docs/CVE-2022-32207.html
-CVE-2022-32207
-Reported-by: Harry Sintonen
-Closes #9050
----
- CMakeLists.txt          |   1 +
- configure.ac            |   1 +
- lib/Makefile.inc        |   2 +
- lib/cookie.c            |  19 ++-----
- lib/curl_config.h.cmake |   3 ++
- lib/fopen.c             | 113 ++++++++++++++++++++++++++++++++++++++++
- lib/fopen.h             |  30 +++++++++++
- 7 files changed, 154 insertions(+), 15 deletions(-)
- create mode 100644 lib/fopen.c
- create mode 100644 lib/fopen.h
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 45d763d5a9c1d..ad20777f3d688 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -1067,6 +1067,7 @@ elseif(HAVE_LIBSOCKET)
-   set(CMAKE_REQUIRED_LIBRARIES socket)
- endif()
- 
-+check_symbol_exists(fchmod        "${CURL_INCLUDES}" HAVE_FCHMOD)
- check_symbol_exists(basename      "${CURL_INCLUDES}" HAVE_BASENAME)
- check_symbol_exists(socket        "${CURL_INCLUDES}" HAVE_SOCKET)
- check_symbol_exists(select        "${CURL_INCLUDES}" HAVE_SELECT)
-diff --git a/configure.ac b/configure.ac
-index b0245b99a669f..de2dee5a484ed 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -3438,6 +3438,7 @@ AC_CHECK_DECLS([getpwuid_r], [], [AC_DEFINE(HAVE_DECL_GETPWUID_R_MISSING, 1, "Se
- 
- 
- AC_CHECK_FUNCS([fnmatch \
-+  fchmod \
-   geteuid \
-   getpass_r \
-   getppid \
-diff --git a/lib/Makefile.inc b/lib/Makefile.inc
-index 533e16df97020..9bd8e324bd1c1 100644
---- a/lib/Makefile.inc
-+++ b/lib/Makefile.inc
-@@ -137,6 +137,7 @@ LIB_CFILES =         \
-   escape.c           \
-   file.c             \
-   fileinfo.c         \
-+  fopen.c            \
-   formdata.c         \
-   ftp.c              \
-   ftplistparser.c    \
-@@ -270,6 +271,7 @@ LIB_HFILES =         \
-   escape.h           \
-   file.h             \
-   fileinfo.h         \
-+  fopen.h            \
-   formdata.h         \
-   ftp.h              \
-   ftplistparser.h    \
-diff --git a/lib/cookie.c b/lib/cookie.c
-index a1ab89532033b..cb57b86387191 100644
---- a/lib/cookie.c
-+++ b/lib/cookie.c
-@@ -99,8 +99,8 @@ Example set of cookies:
- #include "curl_get_line.h"
- #include "curl_memrchr.h"
- #include "parsedate.h"
--#include "rand.h"
- #include "rename.h"
-+#include "fopen.h"
- 
- /* The last 3 #include files should be in this order */
- #include "curl_printf.h"
-@@ -1641,20 +1641,9 @@ static CURLcode cookie_output(struct Curl_easy *data,
-     use_stdout = TRUE;
-   }
-   else {
--    unsigned char randsuffix[9];
--
--    if(Curl_rand_hex(data, randsuffix, sizeof(randsuffix)))
--      return 2;
--
--    tempstore = aprintf("%s.%s.tmp", filename, randsuffix);
--    if(!tempstore)
--      return CURLE_OUT_OF_MEMORY;
--
--    out = fopen(tempstore, FOPEN_WRITETEXT);
--    if(!out) {
--      error = CURLE_WRITE_ERROR;
-+    error = Curl_fopen(data, filename, &out, &tempstore);
-+    if(error)
-       goto error;
--    }
-   }
- 
-   fputs("# Netscape HTTP Cookie File\n"
-@@ -1701,7 +1690,7 @@ static CURLcode cookie_output(struct Curl_easy *data,
-   if(!use_stdout) {
-     fclose(out);
-     out = NULL;
--    if(Curl_rename(tempstore, filename)) {
-+    if(tempstore && Curl_rename(tempstore, filename)) {
-       unlink(tempstore);
-       error = CURLE_WRITE_ERROR;
-       goto error;
-diff --git a/lib/curl_config.h.cmake b/lib/curl_config.h.cmake
-index cd4b568d89948..eb2c62b971453 100644
---- a/lib/curl_config.h.cmake
-+++ b/lib/curl_config.h.cmake
-@@ -159,6 +159,9 @@
- /* Define to 1 if you have the <assert.h> header file. */
- #cmakedefine HAVE_ASSERT_H 1
- 
-+/* Define to 1 if you have the `fchmod' function. */
-+#cmakedefine HAVE_FCHMOD 1
-+
- /* Define to 1 if you have the `basename' function. */
- #cmakedefine HAVE_BASENAME 1
- 
-diff --git a/lib/fopen.c b/lib/fopen.c
-new file mode 100644
-index 0000000000000..ad3691ba9d158
---- /dev/null
-+++ b/lib/fopen.c
-@@ -0,0 +1,113 @@
-+/***************************************************************************
-+ *                                  _   _ ____  _
-+ *  Project                     ___| | | |  _ \| |
-+ *                             / __| | | | |_) | |
-+ *                            | (__| |_| |  _ <| |___
-+ *                             \___|\___/|_| \_\_____|
-+ *
-+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
-+ *
-+ * This software is licensed as described in the file COPYING, which
-+ * you should have received as part of this distribution. The terms
-+ * are also available at https://curl.se/docs/copyright.html.
-+ *
-+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
-+ * copies of the Software, and permit persons to whom the Software is
-+ * furnished to do so, under the terms of the COPYING file.
-+ *
-+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-+ * KIND, either express or implied.
-+ *
-+ * SPDX-License-Identifier: curl
-+ *
-+ ***************************************************************************/
-+
-+#include "curl_setup.h"
-+
-+#if !defined(CURL_DISABLE_COOKIES) || !defined(CURL_DISABLE_ALTSVC) ||  \
-+  !defined(CURL_DISABLE_HSTS)
-+
-+#ifdef HAVE_FCNTL_H
-+#include <fcntl.h>
-+#endif
-+
-+#include "urldata.h"
-+#include "rand.h"
-+#include "fopen.h"
-+/* The last 3 #include files should be in this order */
-+#include "curl_printf.h"
-+#include "curl_memory.h"
-+#include "memdebug.h"
-+
-+/*
-+ * Curl_fopen() opens a file for writing with a temp name, to be renamed
-+ * to the final name when completed. If there is an existing file using this
-+ * name at the time of the open, this function will clone the mode from that
-+ * file.  if 'tempname' is non-NULL, it needs a rename after the file is
-+ * written.
-+ */
-+CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
-+                    FILE **fh, char **tempname)
-+{
-+  CURLcode result = CURLE_WRITE_ERROR;
-+  unsigned char randsuffix[9];
-+  char *tempstore = NULL;
-+  struct_stat sb;
-+  int fd = -1;
-+  *tempname = NULL;
-+
-+  if(stat(filename, &sb) == -1 || !S_ISREG(sb.st_mode)) {
-+    /* a non-regular file, fallback to direct fopen() */
-+    *fh = fopen(filename, FOPEN_WRITETEXT);
-+    if(*fh)
-+      return CURLE_OK;
-+    goto fail;
-+  }
-+
-+  result = Curl_rand_hex(data, randsuffix, sizeof(randsuffix));
-+  if(result)
-+    goto fail;
-+
-+  tempstore = aprintf("%s.%s.tmp", filename, randsuffix);
-+  if(!tempstore) {
-+    result = CURLE_OUT_OF_MEMORY;
-+    goto fail;
-+  }
-+
-+  result = CURLE_WRITE_ERROR;
-+  fd = open(tempstore, O_WRONLY | O_CREAT | O_EXCL, 0600);
-+  if(fd == -1)
-+    goto fail;
-+
-+#ifdef HAVE_FCHMOD
-+  {
-+    struct_stat nsb;
-+    if((fstat(fd, &nsb) != -1) &&
-+       (nsb.st_uid == sb.st_uid) && (nsb.st_gid == sb.st_gid)) {
-+      /* if the user and group are the same, clone the original mode */
-+      if(fchmod(fd, sb.st_mode) == -1)
-+        goto fail;
-+    }
-+  }
-+#endif
-+
-+  *fh = fdopen(fd, FOPEN_WRITETEXT);
-+  if(!*fh)
-+    goto fail;
-+
-+  *tempname = tempstore;
-+  return CURLE_OK;
-+
-+fail:
-+  if(fd != -1) {
-+    close(fd);
-+    unlink(tempstore);
-+  }
-+
-+  free(tempstore);
-+
-+  *tempname = NULL;
-+  return result;
-+}
-+
-+#endif /* ! disabled */
-diff --git a/lib/fopen.h b/lib/fopen.h
-new file mode 100644
-index 0000000000000..289e55f2afd24
---- /dev/null
-+++ b/lib/fopen.h
-@@ -0,0 +1,30 @@
-+#ifndef HEADER_CURL_FOPEN_H
-+#define HEADER_CURL_FOPEN_H
-+/***************************************************************************
-+ *                                  _   _ ____  _
-+ *  Project                     ___| | | |  _ \| |
-+ *                             / __| | | | |_) | |
-+ *                            | (__| |_| |  _ <| |___
-+ *                             \___|\___/|_| \_\_____|
-+ *
-+ * Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
-+ *
-+ * This software is licensed as described in the file COPYING, which
-+ * you should have received as part of this distribution. The terms
-+ * are also available at https://curl.se/docs/copyright.html.
-+ *
-+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
-+ * copies of the Software, and permit persons to whom the Software is
-+ * furnished to do so, under the terms of the COPYING file.
-+ *
-+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-+ * KIND, either express or implied.
-+ *
-+ * SPDX-License-Identifier: curl
-+ *
-+ ***************************************************************************/
-+
-+CURLcode Curl_fopen(struct Curl_easy *data, const char *filename,
-+                    FILE **fh, char **tempname);
-+
-+#endif