From 8ad3c43248b35fa0fb1abc805c73c3bb65a63f58 Mon Sep 17 00:00:00 2001
From: Peter Marko <peter.marko@siemens.com>
Date: Tue, 29 Oct 2024 23:12:38 +0100
Subject: nss: patch CVE-2024-6602

Pick the same patch as Debian took for bullseye.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../recipes-support/nss/nss/CVE-2024-6602.patch    | 65 ++++++++++++++++++++++
 meta-oe/recipes-support/nss/nss_3.98.bb            |  1 +
 2 files changed, 66 insertions(+)
 create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch

diff --git a/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch
new file mode 100644
index 0000000000..f75d822d03
--- /dev/null
+++ b/meta-oe/recipes-support/nss/nss/CVE-2024-6602.patch
@@ -0,0 +1,65 @@
+From 7804e99346339bb31f801a2fcba63b6fbd8bca4a Mon Sep 17 00:00:00 2001
+From: John Schanck <jschanck@mozilla.com>
+Date: Mon, 20 May 2024 18:46:14 +0000
+Subject: [PATCH] Bug 1895032 - remove redundant AllocItem implementation.
+ r=nss-reviewers,rrelyea
+
+Differential Revision: https://phabricator.services.mozilla.com/D209476
+
+--HG--
+extra : moz-landing-system : lando
+
+CVE: CVE-2024-6602
+Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/f9b22115dc97be76e388dc9d0dca946dde955e64]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ nss/lib/util/secitem.c | 23 ++++-------------------
+ 1 file changed, 4 insertions(+), 19 deletions(-)
+
+diff --git a/nss/lib/util/secitem.c b/nss/lib/util/secitem.c
+index cd6996178..6ba11a551 100644
+--- a/nss/lib/util/secitem.c
++++ b/nss/lib/util/secitem.c
+@@ -238,35 +238,20 @@ SECITEM_ArenaDupItem(PLArenaPool *arena, const SECItem *from)
+     SECItem *to;
+ 
+     if (from == NULL) {
+-        return (NULL);
++        return NULL;
+     }
+ 
+-    if (arena != NULL) {
+-        to = (SECItem *)PORT_ArenaAlloc(arena, sizeof(SECItem));
+-    } else {
+-        to = (SECItem *)PORT_Alloc(sizeof(SECItem));
+-    }
++    to = SECITEM_AllocItem(arena, NULL, from->len);
+     if (to == NULL) {
+-        return (NULL);
++        return NULL;
+     }
+ 
+-    if (arena != NULL) {
+-        to->data = (unsigned char *)PORT_ArenaAlloc(arena, from->len);
+-    } else {
+-        to->data = (unsigned char *)PORT_Alloc(from->len);
+-    }
+-    if (to->data == NULL) {
+-        PORT_Free(to);
+-        return (NULL);
+-    }
+-
+-    to->len = from->len;
+     to->type = from->type;
+     if (to->len) {
+         PORT_Memcpy(to->data, from->data, to->len);
+     }
+ 
+-    return (to);
++    return to;
+ }
+ 
+ SECStatus
+-- 
+2.30.2
+
diff --git a/meta-oe/recipes-support/nss/nss_3.98.bb b/meta-oe/recipes-support/nss/nss_3.98.bb
index 01501362e2..b3ad6133b6 100644
--- a/meta-oe/recipes-support/nss/nss_3.98.bb
+++ b/meta-oe/recipes-support/nss/nss_3.98.bb
@@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/security/nss/releases/${VERSION_DIR}/src/$
            file://system-pkcs11.txt \
            file://nss-fix-nsinstall-build.patch \
            file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
+           file://CVE-2024-6602.patch \
            "
 SRC_URI[sha256sum] = "f549cc33d35c0601674bfacf7c6ad683c187595eb4125b423238d3e9aa4209ce"
 
-- 
cgit v1.2.3-54-g00ecf