[Buildroot] [PATCH 1/1] package/libical: fix CVE-2016-9584
Fabrice Fontaine
fontaine.fabrice at gmail.com
Sat Mar 28 09:36:47 UTC 2020
libical allows remote attackers to cause a denial of service
(use-after-free) and possibly read heap memory via a crafted ics file.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
...ype_from_string-copy-the-reqstattype.patch | 27 +++++++++++++++++++
package/libical/libical.mk | 3 +++
2 files changed, 30 insertions(+)
create mode 100644 package/libical/0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch
diff --git a/package/libical/0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch b/package/libical/0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch
new file mode 100644
index 0000000000..0d74835e44
--- /dev/null
+++ b/package/libical/0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch
@@ -0,0 +1,27 @@
+From 6b9438d746cec6e4e632d78c5244f4be6314d1c9 Mon Sep 17 00:00:00 2001
+From: Allen Winter <allen.winter at kdab.com>
+Date: Sun, 28 May 2017 12:51:10 -0400
+Subject: [PATCH] icaltypes.c - icalreqstattype_from_string(), copy the
+ reqstattype's debug string into its own memory in the ring buffer.
+
+Issue#253
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
+[Retrieved (and backported) from:
+https://github.com/libical/libical/commit/6b9438d746cec6e4e632d78c5244f4be6314d1c9]
+---
+ src/libical/icaltypes.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libical/icaltypes.c b/src/libical/icaltypes.c
+index 70c50d29..85c33545 100644
+--- a/src/libical/icaltypes.c
++++ b/src/libical/icaltypes.c
+@@ -140,7 +140,7 @@ struct icalreqstattype icalreqstattype_from_string(const char *str)
+
+ p2 = strchr(p1+1,';');
+ if (p2 != 0 && *p2 != 0){
+- stat.debug = p2+1;
++ stat.debug = icalmemory_tmp_copy(p2+1);
+ }
+
+ return stat;
diff --git a/package/libical/libical.mk b/package/libical/libical.mk
index 7125aa8b19..f9a266026e 100644
--- a/package/libical/libical.mk
+++ b/package/libical/libical.mk
@@ -10,6 +10,9 @@ LIBICAL_INSTALL_STAGING = YES
LIBICAL_LICENSE = MPL-1.0 or LGPL-2.1
LIBICAL_LICENSE_FILES = LICENSE
+# 0002-icaltypes-c-icalreqstattype_from_string-copy-the-reqstattype.patch
+LIBICAL_IGNORE_CVES += CVE-2016-9584
+
# building without this option is broken, it is used by
# Gentoo/alpinelinux as well
LIBICAL_CONF_OPTS = -DSHARED_ONLY=true
--
2.25.1
More information about the buildroot
mailing list