SHA256
1
0
forked from pool/gmp

- Add gmp-6.2.1-CVE-2021-43618.diff to fix buffer overflow on

malformed input to mpz_inp_raw.  [bsc#1192717, CVE-2021-43618]

OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/gmp?expand=0&rev=91
This commit is contained in:
Richard Biener 2021-11-16 07:39:19 +00:00 committed by Git OBS Bridge
parent 5d9088ca84
commit 749f35f705
3 changed files with 33 additions and 0 deletions

View File

@ -0,0 +1,25 @@
# HG changeset patch
# User Marco Bodrato <bodrato@mail.dm.unipi.it>
# Date 1634836009 -7200
# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
# Parent e1fd9db13b475209a864577237ea4b9105b3e96e
mpz/inp_raw.c: Avoid bit size overflows
diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100
+++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200
@@ -88,8 +88,11 @@
abs_csize = ABS (csize);
+ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
+ return 0; /* Bit size overflows */
+
/* round up to a multiple of limbs */
- abs_xsize = BITS_TO_LIMBS (abs_csize*8);
+ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
if (abs_xsize != 0)
{

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Tue Nov 16 07:33:41 UTC 2021 - Richard Biener <rguenther@suse.com>
- Add gmp-6.2.1-CVE-2021-43618.diff to fix buffer overflow on
malformed input to mpz_inp_raw. [bsc#1192717, CVE-2021-43618]
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 20 12:59:35 UTC 2021 - Richard Biener <rguenther@suse.com> Tue Apr 20 12:59:35 UTC 2021 - Richard Biener <rguenther@suse.com>

View File

@ -30,6 +30,7 @@ Source2: %{name}.keyring
Source3: baselibs.conf Source3: baselibs.conf
# revert change causing bsc#1179751 # revert change causing bsc#1179751
Patch1: gmp-6.2.1-arm64-invert_limb.patch Patch1: gmp-6.2.1-arm64-invert_limb.patch
Patch2: gmp-6.2.1-CVE-2021-43618.patch
BuildRequires: fipscheck BuildRequires: fipscheck
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: m4 BuildRequires: m4
@ -78,6 +79,7 @@ huge numbers (integer and floating point).
%prep %prep
%setup -q %setup -q
%patch1 %patch1
%patch2 -p1
%build %build
export CFLAGS="%{optflags} -fexceptions" export CFLAGS="%{optflags} -fexceptions"