libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.

References: CESNET/libyang#1987

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Showing 2 changed files with 41 additions and 0 deletions.
40 changes: 40 additions & 0 deletions
meta-oe/recipes-extended/libyang/libyang/CVE-2023-26917.patch
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
From cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090 Mon Sep 17 00:00:00 2001 | ||
From: Michal Vasko <mvasko@cesnet.cz> | ||
Date: Tue, 18 Jul 2023 10:41:21 +0000 | ||
Subject: [PATCH] parser common BUGFIX handle missing YANG strings | ||
|
||
Fixes #1987 | ||
|
||
CVE: CVE-2023-26917 | ||
|
||
Upstream-Status: | ||
Backport[https://github.com/CESNET/libyang/commit/cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090] | ||
|
||
Signed-off-by: Yogita Urade <yogita.urade@windriver.com> | ||
--- | ||
src/parser_stmt.c | 10 ++++++++++ | ||
1 file changed, 10 insertions(+) | ||
|
||
diff --git a/src/parser_stmt.c b/src/parser_stmt.c | ||
index 81ccbfca6..2ebf822ab 100644 | ||
--- a/src/parser_stmt.c | ||
+++ b/src/parser_stmt.c | ||
@@ -52,6 +52,16 @@ lysp_stmt_validate_value(struct lys_parser_ctx *ctx, enum yang_arg val_type, con | ||
uint32_t c; | ||
size_t utf8_char_len; | ||
|
||
+ if (!val) { | ||
+ if (val_type == Y_MAYBE_STR_ARG) { | ||
+ /* fine */ | ||
+ return LY_SUCCESS; | ||
+ } | ||
+ | ||
+ LOGVAL_PARSER(ctx, LYVE_SYNTAX, "Missing an expected string."); | ||
+ return LY_EVALID; | ||
+ } | ||
+ | ||
while (*val) { | ||
LY_CHECK_ERR_RET(ly_getutf8(&val, &c, &utf8_char_len), | ||
LOGVAL_PARSER(ctx, LY_VCODE_INCHAR, (val)[-utf8_char_len]), LY_EVALID); | ||
-- | ||
2.35.5 |
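Review bot: In the patch header, the Upstream-Status tag is split across two lines ("Upstream-Status:" followed by "Backport[https://...]" on the next line, with no space before the bracket); put it on one line as "Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/cfa1a965a429e4bfc5ae1539a8e87a9cf71c3090]" so that patch-status checks matching the tag on a single line recognize it. In the src/parser_stmt.c hunk, the new !val branch returns LY_SUCCESS for Y_MAYBE_STR_ARG without touching val, so it is worth confirming against the libyang version this recipe builds that callers passing Y_MAYBE_STR_ARG tolerate a NULL value afterwards, since those call sites are not part of this hunk.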