grep: Fix CVE-2015-1345 heap buffer overrun

author Julen Landa Alustiza <julen@zokormazo.info>

Tue, 17 Feb 2015 11:50:51 +0000 (12:50 +0100)

committer Jo-Philipp Wich <jow@openwrt.org>

Tue, 17 Feb 2015 11:59:59 +0000 (12:59 +0100)
author Julen Landa Alustiza <julen@zokormazo.info>
Tue, 17 Feb 2015 11:50:51 +0000 (12:50 +0100)
committer Jo-Philipp Wich <jow@openwrt.org>
Tue, 17 Feb 2015 11:59:59 +0000 (12:59 +0100)
diff --git a/utils/grep/Makefile b/utils/grep/Makefile

index 42a4ef64fea5419b785d2f871faee909a97d1964..c4703bc56915772bf85814ac28c201edab07ca04 100644 (file)
--- a/utils/grep/Makefile
+++ b/utils/grep/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
  
  PKG_NAME:=grep
  PKG_VERSION:=2.21
-PKG_RELEASE:=1
+PKG_RELEASE:=2
  
  PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
  PKG_SOURCE_URL:=@GNU/grep
diff --git a/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch

new file mode 100644 (file)

index 0000000..df70359
--- /dev/null
+++ b/utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch
@@ -0,0 +1,15 @@
+diff --git a/src/kwset.c b/src/kwset.c
+index 4003c8d..376f7c3 100644
+--- a/src/kwset.c
++++ b/src/kwset.c
+@@ -643,6 +643,8 @@ bmexec_trans (kwset_t kwset, char const *text, size_t size)
+                     if (! tp)
+                       return -1;
+                     tp++;
++                    if (ep <= tp)
++                      break;
+                   }
+               }
+           }
+--
+cgit v0.9.0.2
author	Julen Landa Alustiza <julen@zokormazo.info>
	Tue, 17 Feb 2015 11:50:51 +0000 (12:50 +0100)
committer	Jo-Philipp Wich <jow@openwrt.org>
	Tue, 17 Feb 2015 11:59:59 +0000 (12:59 +0100)
utils/grep/Makefile		patch \| blob \| history
utils/grep/patches/0001-grep-F-fix-a-heap-buffer-read-overrun.patch	[new file with mode: 0644]	patch \| blob