package/yasm: add patch for CVE-2021-33454

This fixes a potential NULL pointer dereference.

As a side note, this package has many opened CVEs, but upstream doesn't seem
to really consider them as security issues, see their disclaimer here:
https://github.com/yasm/yasm/blob/master/SECURITY.md

We could speculate that this disclaimer has been written as a consequence of
the many small CVEs opened in a short time, that don't have a substantial
security impact (besides the command line tool crashing). All of these small
CVEs have been opened for bug reports issued by a third party who used a
fuzzy tester to manipulate the assembler input.

Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
Titouan Christophe 3 months ago
parent
commit
875f5670aa

+ 32 - 0
package/yasm/0001-fix-null-pointer-dereference-in-yasm_expr_get_intnum.patch

@@ -0,0 +1,32 @@
+From 48ced849ed621a05cec4c04d4567323af3a76e81 Mon Sep 17 00:00:00 2001
+From: dataisland <dataisland@outlook.com>
+Date: Fri, 15 Sep 2023 18:20:49 +0000
+Subject: [PATCH] Fix null-pointer-dereference in yasm_expr_get_intnum
+
+Fixes the following CVE:
+  - CVE-2021-33454: NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c
+
+For more info see:
+  - https://nvd.nist.gov/vuln/detail/CVE-2021-33454
+  - https://github.com/yasm/yasm/pull/244
+
+Upstream: https://github.com/yasm/yasm/pull/244
+
+Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
+---
+ libyasm/expr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libyasm/expr.c b/libyasm/expr.c
+index c2c868ede..6838eca56 100644
+--- a/libyasm/expr.c
++++ b/libyasm/expr.c
+@@ -1260,7 +1260,7 @@ yasm_expr_get_intnum(yasm_expr **ep, int calc_bc_dist)
+ {
+     *ep = yasm_expr_simplify(*ep, calc_bc_dist);
+ 
+-    if ((*ep)->op == YASM_EXPR_IDENT && (*ep)->terms[0].type == YASM_EXPR_INT)
++    if (*ep && (*ep)->op == YASM_EXPR_IDENT && (*ep)->terms[0].type == YASM_EXPR_INT)
+         return (*ep)->terms[0].data.intn;
+     else
+         return (yasm_intnum *)NULL;
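
Review bot: In the `yasm_expr_get_intnum` hunk the new `*ep &&` test comes after `*ep = yasm_expr_simplify(*ep, calc_bc_dist);`, so it only guards the case where the simplify call leaves `*ep` NULL. A `*ep` that is already NULL on entry is still passed to `yasm_expr_simplify`, and `ep` itself is never checked. The patch description should say which of these paths the CVE reproducer takes, and if a NULL input is possible the check belongs before the simplify call as well. The `Upstream:` tag also points at a pull request rather than a commit, so stating the PR's merge status in the header would make it clear when the patch can be dropped or refreshed on a version bump.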

+ 3 - 0
package/yasm/yasm.mk

@@ -10,6 +10,9 @@ YASM_LICENSE = BSD-2-Clause, BSD-3-Clause, Artistic, GPL-2.0, LGPL-2.0
 YASM_LICENSE_FILES = COPYING BSD.txt Artistic.txt GNU_GPL-2.0 GNU_LGPL-2.0
 YASM_CPE_ID_VENDOR = tortall
 
+# 0001-fix-null-pointer-dereference-in-yasm_expr_get_intnum.patch
+YASM_IGNORE_CVES += CVE-2021-33454
+
 # This sed prevents it compiling 2 programs (vsyasm and ytasm)
 # that are only of use on Microsoft Windows.
 define YASM_PRE_CONFIGURE_FIXUP
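
Review bot: The comment above `YASM_IGNORE_CVES += CVE-2021-33454` ties the entry to the patch file name, but nothing in yasm.mk records the upstream SECURITY.md position that the commit message relies on to explain the other open CVEs. A one-line comment with that URL next to `YASM_CPE_ID_VENDOR` would spare the next person triaging this package's CVE report from rediscovering it. The ignore entry and the 0001 patch should also be removed together once a version bump includes the fix.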