From 18f97faa411078b95d042d207f5fff32bc8ece1d Mon Sep 17 00:00:00 2001
From: P Dheeraj Srujan Kumar
Date: Thu, 31 Mar 2022 02:50:48 +0530
Subject: Update to internal 1-0.91
Signed-off-by: P Dheeraj Srujan Kumar
---
.../CVE-2021-43618-Avoid-bit-size-overflows.patch | 25 ++++++++++++++++++++++
.../meta-common/recipes-support/gmp/gmp_%.bbappend | 4 ++++
2 files changed, 29 insertions(+)
create mode 100644 meta-openbmc-mods/meta-common/recipes-support/gmp/gmp/CVE-2021-43618-Avoid-bit-size-overflows.patch
create mode 100644 meta-openbmc-mods/meta-common/recipes-support/gmp/gmp_%.bbappend
(limited to 'meta-openbmc-mods/meta-common/recipes-support')
diff --git a/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp/CVE-2021-43618-Avoid-bit-size-overflows.patch b/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp/CVE-2021-43618-Avoid-bit-size-overflows.patch
new file mode 100644
index 000000000..f74197243
--- /dev/null
+++ b/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp/CVE-2021-43618-Avoid-bit-size-overflows.patch
@@ -0,0 +1,25 @@
+
+# HG changeset patch
+# User Marco Bodrato
+# Date 1634836009 -7200
+# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
+# Parent e1fd9db13b475209a864577237ea4b9105b3e96e
+mpz/inp_raw.c: Avoid bit size overflows
+
+diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
+--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100
++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200
+@@ -88,8 +88,11 @@
+
+ abs_csize = ABS (csize);
+
++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
++ return 0; /* Bit size overflows */
++
+ /* round up to a multiple of limbs */
+- abs_xsize = BITS_TO_LIMBS (abs_csize*8);
++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
+
+ if (abs_xsize != 0)
+ {
+
diff --git a/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp_%.bbappend b/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp_%.bbappend
new file mode 100644
index 000000000..7d77ea4b6
--- /dev/null
+++ b/meta-openbmc-mods/meta-common/recipes-support/gmp/gmp_%.bbappend
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:"
+SRC_URI += " \
+ file://CVE-2021-43618-Avoid-bit-size-overflows.patch \
+ "
--
cgit v1.2.3