diff mbox series

[meta-oe,kirkstone,05/10] exiv2: patch CVE-2021-29623

Message ID 20251122193128.1703871-5-skandigraun@gmail.com
State New
Headers show
Series [meta-webserver,kirkstone,01/10] monkey: Update status for CVE-2013-2183 | expand

Commit Message

Gyorgy Sarvari Nov. 22, 2025, 7:31 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2021-29623

Pick the patch from the PR mentioned in teh nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../exiv2/exiv2/CVE-2021-29623.patch          | 29 +++++++++++++++++++
 meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb | 20 +++++++------
 2 files changed, 40 insertions(+), 9 deletions(-)
 create mode 100644 meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch
diff mbox series

Patch

diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch
new file mode 100644
index 0000000000..1c61d64e46
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29623.patch
@@ -0,0 +1,29 @@ 
+From 54ff4ef5f5cc82c276a079a66b307e9a6f70908c Mon Sep 17 00:00:00 2001
+From: Kevin Backhouse <kevinbackhouse@github.com>
+Date: Tue, 11 May 2021 12:14:33 +0100
+Subject: [PATCH] Use readOrThrow to check error conditions of iIo.read().
+
+CVE: CVE-2021-29623
+Upstream-Status: Backport [https://github.com/Exiv2/exiv2/commit/82e46b5524fb904e6660dadd2c6d8e5e47375a1a]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/webpimage.cpp | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/webpimage.cpp b/src/webpimage.cpp
+index 6248414..6578937 100644
+--- a/src/webpimage.cpp
++++ b/src/webpimage.cpp
+@@ -757,9 +757,9 @@ namespace Exiv2 {
+         byte webp[len];
+         byte data[len];
+         byte riff[len];
+-        iIo.read(riff, len);
+-        iIo.read(data, len);
+-        iIo.read(webp, len);
++        readOrThrow(iIo, riff, len, Exiv2::kerCorruptedMetadata);
++        readOrThrow(iIo, data, len, Exiv2::kerCorruptedMetadata);
++        readOrThrow(iIo, webp, len, Exiv2::kerCorruptedMetadata);
+         bool matched_riff = (memcmp(riff, RiffImageId, len) == 0);
+         bool matched_webp = (memcmp(webp, WebPImageId, len) == 0);
+         iIo.seek(-12, BasicIo::cur);
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index b210fa6340..c8c5edbed4 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -4,19 +4,21 @@  LIC_FILES_CHKSUM = "file://COPYING;md5=625f055f41728f84a8d7938acc35bdc2"
 
 DEPENDS = "zlib expat"
 
-SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz"
+SRC_URI = "https://github.com/Exiv2/${BPN}/releases/download/v${PV}/${BP}-Source.tar.gz \
+           file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch \
+           file://CVE-2021-29457.patch \
+           file://CVE-2021-29458.patch \
+           file://CVE-2021-29463.patch \
+           file://CVE-2021-29464.patch \
+           file://CVE-2021-29470.patch \
+           file://CVE-2021-29473.patch \
+           file://CVE-2021-3482.patch \
+           file://CVE-2021-29623.patch \
+           "
 SRC_URI[sha256sum] = "a79f5613812aa21755d578a297874fb59a85101e793edc64ec2c6bd994e3e778"
 
 # Once patch is obsolete (project should be aware due to PRs), dos2unix can be removed either
 inherit dos2unix
-SRC_URI += "file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.patch \
-            file://CVE-2021-29457.patch \
-            file://CVE-2021-29458.patch \
-            file://CVE-2021-29463.patch \
-            file://CVE-2021-29464.patch \
-            file://CVE-2021-29470.patch \
-            file://CVE-2021-29473.patch \
-            file://CVE-2021-3482.patch"
 
 S = "${WORKDIR}/${BPN}-${PV}-Source"