diff options
| author | CoprDistGit <infra@openeuler.org> | 2024-10-15 06:24:53 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2024-10-15 06:24:53 +0000 |
| commit | 2fb6e0cf79df2056e9750e29669c4633555e74b8 (patch) | |
| tree | a1ad5fd201e579ad1245110c036501053a8794b3 /Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch | |
| parent | 711949a2ac2288db2115787d9d9cca9cef093ccf (diff) | |
automatic import of glibcopeneuler22.03_LTS_SP3
Diffstat (limited to 'Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch')
| -rw-r--r-- | Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch b/Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch new file mode 100644 index 0000000..c26139f --- /dev/null +++ b/Fix-CVE-2020-27618-iconv-Accept-redundant-shift-sequences.patch @@ -0,0 +1,56 @@ +From 9a99c682144bdbd40792ebf822fe9264e0376fb5 Mon Sep 17 00:00:00 2001 +From: Arjun Shankar <arjun@redhat.com> +Date: Wed, 4 Nov 2020 12:19:38 +0100 +Subject: [PATCH] iconv: Accept redundant shift sequences in IBM1364 [BZ + #26224] + +The IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets +share converter logic (iconvdata/ibm1364.c) which would reject +redundant shift sequences when processing input in these character +sets. This led to a hang in the iconv program (CVE-2020-27618). + +This commit adjusts the converter to ignore redundant shift sequences +and adds test cases for iconv_prog hangs that would be triggered upon +their rejection. This brings the implementation in line with other +converters that also ignore redundant shift sequences (e.g. IBM930 +etc., fixed in commit 692de4b3960d). + +Reviewed-by: Carlos O'Donell <carlos@redhat.com> +--- + iconvdata/ibm1364.c | 14 ++------------ + 1 files changed, 2 insertions(+), 12 deletions(-) + +diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c +index 49e7267ab45..521f0825b7f 100644 +--- a/iconvdata/ibm1364.c ++++ b/iconvdata/ibm1364.c +@@ -158,24 +158,14 @@ enum + \ + if (__builtin_expect (ch, 0) == SO) \ + { \ +- /* Shift OUT, change to DBCS converter. */ \ +- if (curcs == db) \ +- { \ +- result = __GCONV_ILLEGAL_INPUT; \ +- break; \ +- } \ ++ /* Shift OUT, change to DBCS converter (redundant escape okay). */ \ + curcs = db; \ + ++inptr; \ + continue; \ + } \ + if (__builtin_expect (ch, 0) == SI) \ + { \ +- /* Shift IN, change to SBCS converter. */ \ +- if (curcs == sb) \ +- { \ +- result = __GCONV_ILLEGAL_INPUT; \ +- break; \ +- } \ ++ /* Shift IN, change to SBCS converter (redundant escape okay). */ \ + curcs = sb; \ + ++inptr; \ + continue; \ +-- +2.25.1 + |