diff options
| author | Hirokazu MORIKAWA <morikw2@gmail.com> | 2021-07-12 14:20:33 +0900 |
|---|---|---|
| committer | Hirokazu MORIKAWA <morikw2@gmail.com> | 2021-07-12 14:20:33 +0900 |
| commit | a374b76f9ea15dc4795055da94c851e561d89eee (patch) | |
| tree | 4f07dfddae1a427975715d2e9ea18acc46661b39 /libs/libuv | |
| parent | 8ece746b51f994ef74ca8ad20f5f05f370af2fbc (diff) | |
libuv: bump to 1.41.1
Update to 1.41.1
include fix CVE-2021-22918
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Diffstat (limited to 'libs/libuv')
| -rw-r--r-- | libs/libuv/Makefile | 4 | ||||
| -rw-r--r-- | libs/libuv/patches/CVE-2021-22918.patch | 166 |
2 files changed, 2 insertions, 168 deletions
diff --git a/libs/libuv/Makefile b/libs/libuv/Makefile index 251cc55f7..0eed2b408 100644 --- a/libs/libuv/Makefile +++ b/libs/libuv/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libuv -PKG_VERSION:=1.41.0 +PKG_VERSION:=1.41.1 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://dist.libuv.org/dist/v$(PKG_VERSION)/ -PKG_HASH:=1184533907e1ddad9c0dcd30a5abb0fe25288c287ff7fee303fff7b9b2d6eb6e +PKG_HASH:=65db0c7f2438bc8cd48865de282bf6670027f3557d6e3cb62fb65b2e350a687d PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-v$(PKG_VERSION) PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr> diff --git a/libs/libuv/patches/CVE-2021-22918.patch b/libs/libuv/patches/CVE-2021-22918.patch deleted file mode 100644 index 075800c2f..000000000 --- a/libs/libuv/patches/CVE-2021-22918.patch +++ /dev/null @@ -1,166 +0,0 @@ -From b7466e31e4bee160d82a68fca11b1f61d46debae Mon Sep 17 00:00:00 2001 -From: Ben Noordhuis <info@bnoordhuis.nl> -Date: Fri, 21 May 2021 11:23:36 +0200 -Subject: [PATCH] idna: fix OOB read in punycode decoder - -libuv was vulnerable to out-of-bounds reads in the uv__idna_toascii() -function which is used to convert strings to ASCII. This is called by -the DNS resolution function and can lead to information disclosures or -crashes. - -Reported by Eric Sesterhenn in collaboration with Cure53 and ExpressVPN. - -Reported-By: Eric Sesterhenn <eric.sesterhenn@x41-dsec.de> -Fixes: https://github.com/libuv/libuv/issues/3147 -PR-URL: https://github.com/libuv/libuv-private/pull/1 -Refs: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918 -Reviewed-By: Colin Ihrig <cjihrig@gmail.com> -Reviewed-By: Richard Lau <riclau@uk.ibm.com> ---- - src/idna.c | 49 +++++++++++++++++++++++++++++++++++------------- - test/test-idna.c | 19 +++++++++++++++++++ - test/test-list.h | 2 ++ - 3 files changed, 57 insertions(+), 13 deletions(-) - ---- a/src/idna.c -+++ b/src/idna.c -@@ -19,6 +19,7 @@ - - #include "uv.h" - #include "idna.h" -+#include <assert.h> - #include <string.h> - - static unsigned uv__utf8_decode1_slow(const char** p, -@@ -32,7 +33,7 @@ static unsigned uv__utf8_decode1_slow(co - if (a > 0xF7) - return -1; - -- switch (*p - pe) { -+ switch (pe - *p) { - default: - if (a > 0xEF) { - min = 0x10000; -@@ -62,6 +63,8 @@ static unsigned uv__utf8_decode1_slow(co - a = 0; - break; - } -+ /* Fall through. */ -+ case 0: - return -1; /* Invalid continuation byte. */ - } - -@@ -88,6 +91,8 @@ static unsigned uv__utf8_decode1_slow(co - unsigned uv__utf8_decode1(const char** p, const char* pe) { - unsigned a; - -+ assert(*p < pe); -+ - a = (unsigned char) *(*p)++; - - if (a < 128) -@@ -96,9 +101,6 @@ unsigned uv__utf8_decode1(const char** p - return uv__utf8_decode1_slow(p, pe, a); - } - --#define foreach_codepoint(c, p, pe) \ -- for (; (void) (*p <= pe && (c = uv__utf8_decode1(p, pe))), *p <= pe;) -- - static int uv__idna_toascii_label(const char* s, const char* se, - char** d, char* de) { - static const char alphabet[] = "abcdefghijklmnopqrstuvwxyz0123456789"; -@@ -121,15 +123,22 @@ static int uv__idna_toascii_label(const - ss = s; - todo = 0; - -- foreach_codepoint(c, &s, se) { -+ /* Note: after this loop we've visited all UTF-8 characters and know -+ * they're legal so we no longer need to check for decode errors. -+ */ -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ -+ if (c == -1u) -+ return UV_EINVAL; -+ - if (c < 128) - h++; -- else if (c == (unsigned) -1) -- return UV_EINVAL; - else - todo++; - } - -+ /* Only write "xn--" when there are non-ASCII characters. */ - if (todo > 0) { - if (*d < de) *(*d)++ = 'x'; - if (*d < de) *(*d)++ = 'n'; -@@ -137,9 +146,13 @@ static int uv__idna_toascii_label(const - if (*d < de) *(*d)++ = '-'; - } - -+ /* Write ASCII characters. */ - x = 0; - s = ss; -- foreach_codepoint(c, &s, se) { -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c > 127) - continue; - -@@ -166,10 +179,15 @@ static int uv__idna_toascii_label(const - while (todo > 0) { - m = -1; - s = ss; -- foreach_codepoint(c, &s, se) -+ -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c >= n) - if (c < m) - m = c; -+ } - - x = m - n; - y = h + 1; -@@ -181,7 +199,10 @@ static int uv__idna_toascii_label(const - n = m; - - s = ss; -- foreach_codepoint(c, &s, se) { -+ while (s < se) { -+ c = uv__utf8_decode1(&s, se); -+ assert(c != -1u); -+ - if (c < n) - if (++delta == 0) - return UV_E2BIG; /* Overflow. */ -@@ -245,8 +266,6 @@ static int uv__idna_toascii_label(const - return 0; - } - --#undef foreach_codepoint -- - long uv__idna_toascii(const char* s, const char* se, char* d, char* de) { - const char* si; - const char* st; -@@ -256,10 +275,14 @@ long uv__idna_toascii(const char* s, con - - ds = d; - -- for (si = s; si < se; /* empty */) { -+ si = s; -+ while (si < se) { - st = si; - c = uv__utf8_decode1(&si, se); - -+ if (c == -1u) -+ return UV_EINVAL; -+ - if (c != '.') - if (c != 0x3002) /* 。 */ - if (c != 0xFF0E) /* . */ |