helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

unixodbc: Fix CVE-2024-1013

Browse Source 
An out-of-bounds stack write flaw was found in unixODBC on 64-bit
architectures where the caller has 4 bytes and callee writes 8 bytes.
This issue may go unnoticed on little-endian architectures, while
big-endian architectures can be broken.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-1013

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Soumya Sambu 2024-06-07 12:42:19 +00:00 committed by Khem Raj
parent ae843182b4
commit 8d4c430973
No known key found for this signature in database
GPG Key ID: BB053355919D3314
2 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch Normal file
View File

@ -0,0 +1,53 @@
From 76beb0938ef14276123996bfd99df23b0c7f0982 Mon Sep 17 00:00:00 2001
From: Soumya Sambu <soumya.sambu@windriver.com>
Date: Fri, 7 Jun 2024 11:10:46 +0000
Subject: [PATCH] PostgreSQL driver: Fix incompatible pointer-to-integer types
These result in out-of-bounds stack writes on 64-bit architectures
(caller has 4 bytes, callee writes 8 bytes), and seem to have gone
unnoticed on little-endian architectures (although big-endian
architectures must be broken).
This change is required to avoid a build failure with GCC 14.
CVE: CVE-2024-1013
Upstream-Status: Backport [https://github.com/lurcher/unixODBC/commit/45f501e1be2db6b017cc242c79bfb9de32b332a1]
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
---
Drivers/Postgre7.1/info.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Drivers/Postgre7.1/info.c b/Drivers/Postgre7.1/info.c
index 63ac91f..2216ecd 100644
--- a/Drivers/Postgre7.1/info.c
+++ b/Drivers/Postgre7.1/info.c
@@ -1779,14 +1779,14 @@ char *table_name;
char index_name[MAX_INFO_STRING];
short fields_vector[8];
char isunique[10], isclustered[10];
-SDWORD index_name_len, fields_vector_len;
+SQLLEN index_name_len, fields_vector_len;
TupleNode *row;
int i;
HSTMT hcol_stmt;
StatementClass *col_stmt, *indx_stmt;
char column_name[MAX_INFO_STRING], relhasrules[MAX_INFO_STRING];
char **column_names = 0;
-Int4 column_name_len;
+SQLLEN column_name_len;
int total_columns = 0;
char error = TRUE;
ConnInfo *ci;
@@ -2136,7 +2136,7 @@ HSTMT htbl_stmt;
StatementClass *tbl_stmt;
char tables_query[STD_STATEMENT_LEN];
char attname[MAX_INFO_STRING];
-SDWORD attname_len;
+SQLLEN attname_len;
char pktab[MAX_TABLE_LEN + 1];
Int2 result_cols;
--
2.40.0

1
meta-oe/recipes-support/unixodbc/unixodbc_2.3.12.bb
View File

@ -11,6 +11,7 @@ DEPENDS = "libtool readline"
SRC_URI = "https://www.unixodbc.org/unixODBC-${PV}.tar.gz \
file://do-not-use-libltdl-source-directory.patch \
file://0001-exe-Makefile.am-add-CROSS_LAUNCHER-to-run-odbc_confi.patch \
file://CVE-2024-1013.patch \
"
SRC_URI[sha256sum] = "f210501445ce21bf607ba51ef8c125e10e22dffdffec377646462df5f01915ec"