poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch - openbmc/openbmc - Gitiles

 CVE: CVE-2021-43618
 Upstream-Status: Backport
 Signed-off-by: Ross Burton <ross.burton@arm.com>

 # HG changeset patch
 # User Marco Bodrato <bodrato@mail.dm.unipi.it>
 # Date 1634836009 -7200
 # Node ID 561a9c25298e17bb01896801ff353546c6923dbd
 # Parent  e1fd9db13b475209a864577237ea4b9105b3e96e
 mpz/inp_raw.c: Avoid bit size overflows

 diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
 --- a/mpz/inp_raw.c	Tue Dec 22 23:49:51 2020 +0100
 +++ b/mpz/inp_raw.c	Thu Oct 21 19:06:49 2021 +0200
 @@ -88,8 +88,11 @@

    abs_csize = ABS (csize);

 +  if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
 +    return 0; /* Bit size overflows */
 +
    /* round up to a multiple of limbs */
 -  abs_xsize = BITS_TO_LIMBS (abs_csize*8);
 +  abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);

    if (abs_xsize != 0)
      {
	CVE: CVE-2021-43618
	Upstream-Status: Backport
	Signed-off-by: Ross Burton <ross.burton@arm.com>

	# HG changeset patch
	# User Marco Bodrato <bodrato@mail.dm.unipi.it>
	# Date 1634836009 -7200
	# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
	# Parent e1fd9db13b475209a864577237ea4b9105b3e96e
	mpz/inp_raw.c: Avoid bit size overflows

	diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
	--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100
	+++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200
	@@ -88,8 +88,11 @@

	abs_csize = ABS (csize);

	+ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
	+ return 0; /* Bit size overflows */
	+
	/* round up to a multiple of limbs */
	- abs_xsize = BITS_TO_LIMBS (abs_csize*8);
	+ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);

	if (abs_xsize != 0)
	{