diff options
| -rw-r--r-- | meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch | 57 | ||||
| -rw-r--r-- | meta-oe/recipes-extended/libyang/libyang_2.0.164.bb | 1 |
2 files changed, 58 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch new file mode 100644 index 0000000000..f3af3dbffd --- /dev/null +++ b/meta-oe/recipes-extended/libyang/libyang/CVE-2023-26916.patch | |||
| @@ -0,0 +1,57 @@ | |||
| 1 | From dc668d296f9f05aeab6315d44cff3208641e3096 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Michal Vasko <mvasko@cesnet.cz> | ||
| 3 | Date: Mon, 13 Feb 2023 10:23:13 +0100 | ||
| 4 | Subject: [PATCH] schema compile UPDATE do not implement 2 same modules | ||
| 5 | |||
| 6 | CVE: CVE-2023-26916 | ||
| 7 | Upstream-Status: Backport [https://github.com/CESNET/libyang/commit/dc668d296f9f05aeab6315d44cff3208641e3096] | ||
| 8 | |||
| 9 | Refs #1979 | ||
| 10 | --- | ||
| 11 | src/schema_compile.c | 20 +++++++------------- | ||
| 12 | 1 file changed, 7 insertions(+), 13 deletions(-) | ||
| 13 | |||
| 14 | diff --git a/src/schema_compile.c b/src/schema_compile.c | ||
| 15 | index ed768ba0..68c0d681 100644 | ||
| 16 | --- a/src/schema_compile.c | ||
| 17 | +++ b/src/schema_compile.c | ||
| 18 | @@ -1748,7 +1748,7 @@ lys_has_compiled_import_r(struct lys_module *mod) | ||
| 19 | LY_ERR | ||
| 20 | lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unres *unres) | ||
| 21 | { | ||
| 22 | - LY_ERR ret; | ||
| 23 | + LY_ERR r; | ||
| 24 | struct lys_module *m; | ||
| 25 | |||
| 26 | assert(!mod->implemented); | ||
| 27 | @@ -1757,21 +1757,15 @@ lys_implement(struct lys_module *mod, const char **features, struct lys_glob_unr | ||
| 28 | m = ly_ctx_get_module_implemented(mod->ctx, mod->name); | ||
| 29 | if (m) { | ||
| 30 | assert(m != mod); | ||
| 31 | - if (!strcmp(mod->name, "yang") && (strcmp(m->revision, mod->revision) > 0)) { | ||
| 32 | - /* special case for newer internal module, continue */ | ||
| 33 | - LOGVRB("Internal module \"%s@%s\" is already implemented in revision \"%s\", using it instead.", | ||
| 34 | - mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>"); | ||
| 35 | - } else { | ||
| 36 | - LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".", | ||
| 37 | - mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>"); | ||
| 38 | - return LY_EDENIED; | ||
| 39 | - } | ||
| 40 | + LOGERR(mod->ctx, LY_EDENIED, "Module \"%s@%s\" is already implemented in revision \"%s\".", | ||
| 41 | + mod->name, mod->revision ? mod->revision : "<none>", m->revision ? m->revision : "<none>"); | ||
| 42 | + return LY_EDENIED; | ||
| 43 | } | ||
| 44 | |||
| 45 | /* set features */ | ||
| 46 | - ret = lys_set_features(mod->parsed, features); | ||
| 47 | - if (ret && (ret != LY_EEXIST)) { | ||
| 48 | - return ret; | ||
| 49 | + r = lys_set_features(mod->parsed, features); | ||
| 50 | + if (r && (r != LY_EEXIST)) { | ||
| 51 | + return r; | ||
| 52 | } | ||
| 53 | |||
| 54 | /* | ||
| 55 | -- | ||
| 56 | 2.34.1 | ||
| 57 | |||
diff --git a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb index 2817be7c86..7875c1ef79 100644 --- a/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb +++ b/meta-oe/recipes-extended/libyang/libyang_2.0.164.bb | |||
| @@ -11,6 +11,7 @@ SRCREV = "a0cc89516ab5eca84d01c85309f320a94752a64c" | |||
| 11 | SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \ | 11 | SRC_URI = "git://github.com/CESNET/libyang.git;branch=master;protocol=https \ |
| 12 | file://libyang-add-stdint-h.patch \ | 12 | file://libyang-add-stdint-h.patch \ |
| 13 | file://run-ptest \ | 13 | file://run-ptest \ |
| 14 | file://CVE-2023-26916.patch \ | ||
| 14 | " | 15 | " |
| 15 | 16 | ||
| 16 | S = "${WORKDIR}/git" | 17 | S = "${WORKDIR}/git" |