libpcre: Add fix for CVE-2020-14155

Added below patch in libpcre CVE-2020-14155.patch This patch fixes below error: PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre via a large number after (?C substring. By sending a request with a large number, an attacker can execute arbitrary code on the system or cause the application to crash. Tested-by: Rahul Taya <Rahul.Taya@kpit.com> (From OE-Core rev: 3f536edfa56ce3f93223c23ed48427a0c24ede1a) Signed-off-by: Saloni Jain <Saloni.Jain@kpit.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-02 02:49:11 +00:00 · 2020-07-30 14:11:51 +05:30 · 2020-07-30 14:11:51 +05:30 · fb9a4d23c3
commit fb9a4d23c3
parent 908d6ca32d
2 changed files with 42 additions and 0 deletions
--- a/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
+++ b/meta/recipes-support/libpcre/libpcre/CVE-2020-14155.patch
@ -0,0 +1,41 @@
+--- pcre-8.43/pcre_compile.c    2020-07-05 22:26:25.310501521 +0530
+++ pcre-8.43/pcre_compile1.c   2020-07-05 22:30:22.254489562 +0530
+
+CVE: CVE-2020-14155
+Upstream-Status: Backport [https://vcs.pcre.org/pcre/code/trunk/pcre_compile.c?view=patch&r1=1761&r2=1760&pathrev=1761]
+Signed-off-by: Rahul Taya<Rahul.Taya@kpit.com>
+
+@@ -6,7 +6,7 @@
+ and semantics are as close as possible to those of the Perl 5 language.
+
+                        Written by Philip Hazel
+-           Copyright (c) 1997-2018 University of Cambridge
+           Copyright (c) 1997-2020 University of Cambridge
+
+ -----------------------------------------------------------------------------
+ Redistribution and use in source and binary forms, with or without
+@@ -7130,17 +7130,19 @@
+           int n = 0;
+           ptr++;
+           while(IS_DIGIT(*ptr))
+           {
+             n = n * 10 + *ptr++ - CHAR_0;
+            if (n > 255)
+               {
+               *errorcodeptr = ERR38;
+               goto FAILED;
+               }
+            }
+           if (*ptr != CHAR_RIGHT_PARENTHESIS)
+             {
+             *errorcodeptr = ERR39;
+             goto FAILED;
+             }
+-          if (n > 255)
+-            {
+-            *errorcodeptr = ERR38;
+-            goto FAILED;
+-            }
+           *code++ = n;
+           PUT(code, 0, (int)(ptr - cd->start_pattern + 1)); /* Pattern offset */
+           PUT(code, LINK_SIZE, 0);                          /* Default length */
--- a/meta/recipes-support/libpcre/libpcre_8.43.bb
+++ b/meta/recipes-support/libpcre/libpcre_8.43.bb
@ -12,6 +12,7 @@ SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \
           file://out-of-tree.patch \
           file://run-ptest \
           file://Makefile \
+           file://CVE-2020-14155.patch \
 "

 SRC_URI[md5sum] = "636222e79e392c3d95dcc545f24f98c4"