From ab53c1dbf7bf9e375aaebe7c71160d4ae22481cd Mon Sep 17 00:00:00 2001 From: jackey_1024 Date: Sat, 20 Aug 2022 18:15:41 +0800 Subject: [PATCH] busybox: fix CVE-2022-30065 Signed-off-by: jackey_1024 --- backport-CVE-2022-30065.patch | 46 +++++++++++++++++++++++++++++++++++ busybox.spec | 9 ++++++- 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 backport-CVE-2022-30065.patch diff --git a/backport-CVE-2022-30065.patch b/backport-CVE-2022-30065.patch new file mode 100644 index 0000000..12bee31 --- /dev/null +++ b/backport-CVE-2022-30065.patch @@ -0,0 +1,46 @@ +From 4ec641f81717e19198fc6375cf06b514ac381ab9 Mon Sep 17 00:00:00 2001 +From: jackey_1024 +Date: Sat, 20 Aug 2022 18:07:04 +0800 +Subject: [PATCH] busybox: fix CVE-2022-30065 + +backport from upstream: +https://git.busybox.net/busybox/commit/?id=e63d7cdfdac78c6fd27e9e63150335767592b85e + +Signed-off-by: jackey_1024 +--- + editors/awk.c | 3 +++ + testsuite/awk.tests | 6 ++++++ + 2 files changed, 9 insertions(+) + +diff --git a/editors/awk.c b/editors/awk.c +index 62cd019..66d2646 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -3094,6 +3094,9 @@ static var *evaluate(node *op, var *res) + + case XC( OC_MOVE ): + debug_printf_eval("MOVE\n"); ++ /* make sure that we never return a temp var */ ++ if (L.v == TMPVAR0) ++ L.v = res; + /* if source is a temporary string, jusk relink it to dest */ + if (R.v == TMPVAR1 + && !(R.v->type & VF_NUMBER) +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index 64ca9fd..2200488 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -463,4 +463,10 @@ testing "awk \"cmd\" | getline" \ + "HELLO\n" \ + '' '' + ++testing 'awk assign while test' \ ++ "awk '\$1==\$1=\"foo\" {print \$1}'" \ ++ "foo\n" \ ++ "" \ ++ "foo" ++ + exit $FAILCOUNT +-- +2.25.1 + diff --git a/busybox.spec b/busybox.spec index 17c801b..b572ba4 100644 --- a/busybox.spec +++ b/busybox.spec @@ -4,7 +4,7 @@ %endif %if "%{!?RELEASE:1}" -%define RELEASE 12 +%define RELEASE 13 %endif Name: busybox @@ -26,6 +26,7 @@ Patch6003: backport-CVE-2021-42377.patch Patch6004: backport-CVE-2021-42376.patch Patch6005: backport-fix-awk-cve.patch Patch6006: backport-CVE-2022-28391.patch +Patch6007: backport-CVE-2022-30065.patch BuildRoot: %_topdir/BUILDROOT #Dependency @@ -101,6 +102,12 @@ install -m 644 docs/busybox.dynamic.1 $RPM_BUILD_ROOT/%{_mandir}/man1/busybox.1 %{_mandir}/man1/busybox.petitboot.1.gz %changelog +* Fri Aug 19 2022 jikui - 1:1.31.1-13 +- Type:CVE +- Id:NA +- SUG:NA +- DESC: fix CVE-2022-30065 + * Tue Apr 19 2022 jikui - 1:1.31.1-12 - Type:CVE - Id:NA -- Gitee