helium-3rd-party/meta-openembedded
1
0
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-04-02 02:49:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

nanopb: patch CVE-2024-53984

Browse Source 
Details: https://nvd.nist.gov/vuln/detail/CVE-2024-53984

Pick the patch referenced by the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This commit is contained in:
Gyorgy Sarvari 2025-12-25 13:51:34 +01:00
parent d07ae6a5c8
commit ef7ac09d7a
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
meta-oe/dynamic-layers/meta-python/recipes-devtools/nanopb/nanopb/CVE-2024-53984.patch Normal file
View File

@ -0,0 +1,36 @@
From 84e8fb3da74d3b83179700284ce47c98a8804ab1 Mon Sep 17 00:00:00 2001
From: Petteri Aimonen <jpa@git.mail.kapsi.fi>
Date: Sun, 1 Dec 2024 11:40:38 +0200
Subject: [PATCH] Fix memory not released on error return (GHSA-xwqq-qxmw-hj5r)
When all of the following conditions apply:
* Compile time option PB_ENABLE_MALLOC is enabled.
* Message contains at least one field with FT_POINTER field type.
* Custom stream callback is used with unknown stream length (stream.bytes_left = SIZE_MAX)
* pb_decode_ex() function is used with flag PB_DECODE_DELIMITED.
* The input message is corrupted (accidentally or maliciously) in the length prefix.
Then the pb_decode_ex() function does not automatically call pb_release(), like is done for other failure cases.
This could lead to memory leak and potential denial-of-service.
CVE: CVE-2024-53984
Upstream-Status: Backport [https://github.com/nanopb/nanopb/commit/2b86c255aa52250438d5aba124d0e86db495b378]
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
pb_decode.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pb_decode.c b/pb_decode.c
index b194825..2a22607 100644
--- a/pb_decode.c
+++ b/pb_decode.c
@@ -1156,7 +1156,7 @@ bool checkreturn pb_decode_ex(pb_istream_t *stream, const pb_msgdesc_t *fields,
status = pb_decode_inner(&substream, fields, dest_struct, flags);
if (!pb_close_string_substream(stream, &substream))
- return false;
+ status = false;
}
#ifdef PB_ENABLE_MALLOC

4
meta-oe/dynamic-layers/meta-python/recipes-devtools/nanopb/nanopb_0.4.5.bb
View File

@ -4,7 +4,9 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=9db4b73a55a3994384112efcdb37c01f"
DEPENDS = "protobuf-native"
SRC_URI = "git://github.com/nanopb/nanopb.git;branch=master;protocol=https"
SRC_URI = "git://github.com/nanopb/nanopb.git;branch=master;protocol=https \
file://CVE-2024-53984.patch \
"
SRCREV = "c9124132a604047d0ef97a09c0e99cd9bed2c818"
S = "${WORKDIR}/git"