diff options
Diffstat (limited to 'poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch')
-rw-r--r-- | poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch new file mode 100644 index 0000000000..7655200350 --- /dev/null +++ b/poky/meta/recipes-core/ncurses/files/CVE-2021-39537.patch @@ -0,0 +1,30 @@ +$NetBSD: patch-ncurses_tinfo_captoinfo.c,v 1.1 2021/10/09 07:52:36 wiz Exp $ + +Fix for CVE-2021-39537 from upstream: +https://github.com/ThomasDickey/ncurses-snapshots/commit/63ca9e061f4644795d6f3f559557f3e1ed8c738b#diff-7e95c7bc5f213e9be438e69a9d5d0f261a14952bcbd692f7b9014217b8047340 + +CVE: CVE-2021-39537 +Upstream-Status: Backport [http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/Attic/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup] +Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@kpit.com> + +--- a/ncurses/tinfo/captoinfo.c 2020-02-02 23:34:34.000000000 +0000 ++++ b/ncurses/tinfo/captoinfo.c +@@ -216,12 +216,15 @@ cvtchar(register const char *sp) + } + break; + case '^': ++ len = 2; + c = UChar(*++sp); +- if (c == '?') ++ if (c == '?') { + c = 127; +- else ++ } else if (c == '\0') { ++ len = 1; ++ } else { + c &= 0x1f; +- len = 2; ++ } + break; + default: + c = UChar(*sp); |