首頁 探索 說明
登入
PUBLIC_REPOS
/
buildroot
镜像来自 git://git.buildroot.net/buildroot
2
1
複刻 0
檔案
目錄樹: 875f5670aa
分支列表 標籤列表
buildroot
/
package
/
yasm
/
0001-fix-null-pointer-dereference-in-yasm_expr_get_intnum.patch

0001-fix-null-pointer-dereference-in-yasm_expr_get_intnum.patch 1.1 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132 
  1. From 48ced849ed621a05cec4c04d4567323af3a76e81 Mon Sep 17 00:00:00 2001
    2. 

  2. From: dataisland <dataisland@outlook.com>
    3. 

  3. Date: Fri, 15 Sep 2023 18:20:49 +0000
    4. 

  4. Subject: [PATCH] Fix null-pointer-dereference in yasm_expr_get_intnum
    5. 

  5. 

  6. Fixes the following CVE:
    7. 

  7.   - CVE-2021-33454: NULL pointer dereference in yasm_expr_get_intnum() in libyasm/expr.c
    8. 

  8. 

  9. For more info see:
    10. 

  10.   - https://nvd.nist.gov/vuln/detail/CVE-2021-33454
    11. 

  11.   - https://github.com/yasm/yasm/pull/244
    12. 

  12. 

  13. Upstream: https://github.com/yasm/yasm/pull/244
    14. 

  14. 

  15. Signed-off-by: Titouan Christophe <titouan.christophe@mind.be>
    16. 

  16. ---
    17. 

  17.  libyasm/expr.c | 2 +-
    18. 

  18.  1 file changed, 1 insertion(+), 1 deletion(-)
    19. 

  19. 

  20. diff --git a/libyasm/expr.c b/libyasm/expr.c
    21. 

  21. index c2c868ede..6838eca56 100644
    22. 

  22. --- a/libyasm/expr.c
    23. 

  23. +++ b/libyasm/expr.c
    24. 

  24. @@ -1260,7 +1260,7 @@ yasm_expr_get_intnum(yasm_expr **ep, int calc_bc_dist)
    25. 

  25.  {
    26. 

  26.      *ep = yasm_expr_simplify(*ep, calc_bc_dist);
    27. 

  27.  
    28. 

  28. -    if ((*ep)->op == YASM_EXPR_IDENT && (*ep)->terms[0].type == YASM_EXPR_INT)
    29. 

  29. +    if (*ep && (*ep)->op == YASM_EXPR_IDENT && (*ep)->terms[0].type == YASM_EXPR_INT)
    30. 

  30.          return (*ep)->terms[0].data.intn;
    31. 

  31.      else
    32. 

  32.          return (yasm_intnum *)NULL;
    33.