poky/meta/recipes-core/busybox/busybox/CVE-2022-30065.patch - openbmc/openbmc - Gitiles

 Fix use-after-free in awk.

 CVE: CVE-2022-30065
 Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2022-June/089768.html]
 Signed-off-by: Ross Burton <ross.burton@arm.com>

 fixes https://bugs.busybox.net/show_bug.cgi?id=14781

 Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
 ---
  editors/awk.c | 3 +++
  1 file changed, 3 insertions(+)

 diff --git a/editors/awk.c b/editors/awk.c
 index 079d0bde5..728ee8685 100644
 --- a/editors/awk.c
 +++ b/editors/awk.c
 @@ -3128,6 +3128,9 @@ static var *evaluate(node *op, var *res)

  		case XC( OC_MOVE ):
  			debug_printf_eval("MOVE\n");
 +			/* make sure that we never return a temp var */
 +			if (L.v == TMPVAR0)
 +				L.v = res;
  			/* if source is a temporary string, jusk relink it to dest */
  			if (R.v == TMPVAR1
  			 && !(R.v->type & VF_NUMBER)
 --
 2.36.1
	Fix use-after-free in awk.

	CVE: CVE-2022-30065
	Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2022-June/089768.html]
	Signed-off-by: Ross Burton <ross.burton@arm.com>

	fixes https://bugs.busybox.net/show_bug.cgi?id=14781

	Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
	---
	editors/awk.c \| 3 +++
	1 file changed, 3 insertions(+)

	diff --git a/editors/awk.c b/editors/awk.c
	index 079d0bde5..728ee8685 100644
	--- a/editors/awk.c
	+++ b/editors/awk.c
	@@ -3128,6 +3128,9 @@ static var evaluate(node op, var *res)

	case XC( OC_MOVE ):
	debug_printf_eval("MOVE\n");
	+ /* make sure that we never return a temp var */
	+ if (L.v == TMPVAR0)
	+ L.v = res;
	/* if source is a temporary string, jusk relink it to dest */
	if (R.v == TMPVAR1
	&& !(R.v->type & VF_NUMBER)
	--
	2.36.1