diff options
Diffstat (limited to 'poky/meta/recipes-support/curl/curl/cve-2021-22945.patch')
-rw-r--r-- | poky/meta/recipes-support/curl/curl/cve-2021-22945.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/poky/meta/recipes-support/curl/curl/cve-2021-22945.patch b/poky/meta/recipes-support/curl/curl/cve-2021-22945.patch new file mode 100644 index 0000000000..2cbe110332 --- /dev/null +++ b/poky/meta/recipes-support/curl/curl/cve-2021-22945.patch @@ -0,0 +1,34 @@ +CVE: CVE-2021-22945 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 92cb3059dab2f9ef3e6ea614dad5c86917d19807 Mon Sep 17 00:00:00 2001 +From: z2_ on hackerone <> +Date: Tue, 24 Aug 2021 09:50:33 +0200 +Subject: [PATCH 1/3] mqtt: clear the leftovers pointer when sending succeeds + +CVE-2021-22945 + +Bug: https://curl.se/docs/CVE-2021-22945.html +--- + lib/mqtt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/mqtt.c b/lib/mqtt.c +index f077e6c3d..fcd40b41e 100644 +--- a/lib/mqtt.c ++++ b/lib/mqtt.c +@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data, + mq->sendleftovers = sendleftovers; + mq->nsend = nsend; + } ++ else { ++ mq->sendleftovers = NULL; ++ mq->nsend = 0; ++ } + return result; + } + +-- +2.25.1 + |