gmp: fix CVE-2021-43618

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

gmp: fix CVE-2021-43618
Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
ab7400bf · Pavel Zhukov · Andrei Gherzan · 72e4b40e · ab7400bf · ab7400bf
Commit ab7400bf authored 3 years ago by Pavel Zhukov Committed by Andrei Gherzan 3 years ago
--- a/meta-oniro-staging/recipes-support/gmp/gmp/CVE-2021-43618.patch
+++ b/meta-oniro-staging/recipes-support/gmp/gmp/CVE-2021-43618.patch
+# Upstream-status: Submitted/Backport
+# Upstream-URL: https://lists.openembedded.org/g/openembedded-core/message/158561
+# HG changeset patch
+# User Marco Bodrato <bodrato@mail.dm.unipi.it>
+# Date 1634836009 -7200
+# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
+# Parent  e1fd9db13b475209a864577237ea4b9105b3e96e
+mpz/inp_raw.c: Avoid bit size overflows
+diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
+--- a/mpz/inp_raw.c	Tue Dec 22 23:49:51 2020 +0100
+++ b/mpz/inp_raw.c	Thu Oct 21 19:06:49 2021 +0200
+@@ -88,8 +88,11 @@
+   abs_csize = ABS (csize);
+  if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
+    return 0; /* Bit size overflows */
+
+   /* round up to a multiple of limbs */
+-  abs_xsize = BITS_TO_LIMBS (abs_csize*8);
+  abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
+   if (abs_xsize != 0)
+     {
--- a/meta-oniro-staging/recipes-support/gmp/gmp_6.2%.bbappend
+++ b/meta-oniro-staging/recipes-support/gmp/gmp_6.2%.bbappend
+# SPDX-FileCopyrightText: Huawei Inc.
+#
+# SPDX-License-Identifier: Apache-2.0
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+SRC_URI += "file://CVE-2021-43618.patch"