Date
1 - 1 of 1
[dunfell][PATCH] libsdl2: Add fix for CVE-2022-4743
Ranjitsinh Rathod
From: Ranjitsinh Rathod <ranjitsinh.rathod@...>
Add a patch to fix CVE-2022-4743 security issue "A potential memory leak
issue was discovered in SDL2 in GLES_CreateTexture() function in
SDL_render_gles.c. The vulnerability allows an attacker to cause a
denial of service attack. The vulnerability affects SDL2 v2.0.4 and
above. SDL-1.x are not affected." as per NVD
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@...>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@...>
---
.../libsdl2/libsdl2/CVE-2022-4743.patch | 38 +++++++++++++++++++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
diff --git a/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
new file mode 100644
index 0000000000..b02a2169a6
--- /dev/null
+++ b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
@@ -0,0 +1,38 @@
+From 00b67f55727bc0944c3266e2b875440da132ce4b Mon Sep 17 00:00:00 2001
+From: zhailiangliang <zhailiangliang@...>
+Date: Wed, 21 Sep 2022 10:30:38 +0800
+Subject: [PATCH] Fix potential memory leak in GLES_CreateTexture
+
+
+CVE: CVE-2022-4743
+Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b.patch]
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@...>
+
+---
+ src/render/opengles/SDL_render_gles.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/render/opengles/SDL_render_gles.c b/src/render/opengles/SDL_render_gles.c
+index a5fbab309eda..ba08a46e2805 100644
+--- a/src/render/opengles/SDL_render_gles.c
++++ b/src/render/opengles/SDL_render_gles.c
+@@ -359,6 +359,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
+ renderdata->glGenTextures(1, &data->texture);
+ result = renderdata->glGetError();
+ if (result != GL_NO_ERROR) {
++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
++ SDL_free(data->pixels);
++ }
+ SDL_free(data);
+ return GLES_SetError("glGenTextures()", result);
+ }
+@@ -387,6 +390,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
+
+ result = renderdata->glGetError();
+ if (result != GL_NO_ERROR) {
++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
++ SDL_free(data->pixels);
++ }
+ SDL_free(data);
+ return GLES_SetError("glTexImage2D()", result);
+ }
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
index 44d36fca22..fa29bc99ac 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
@@ -22,6 +22,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \
file://directfb-renderfillrect-fix.patch \
file://CVE-2020-14409-14410.patch \
file://CVE-2021-33657.patch \
+ file://CVE-2022-4743.patch \
"
S = "${WORKDIR}/SDL2-${PV}"
--
2.25.1
Add a patch to fix CVE-2022-4743 security issue "A potential memory leak
issue was discovered in SDL2 in GLES_CreateTexture() function in
SDL_render_gles.c. The vulnerability allows an attacker to cause a
denial of service attack. The vulnerability affects SDL2 v2.0.4 and
above. SDL-1.x are not affected." as per NVD
Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@...>
Signed-off-by: Ranjitsinh Rathod <ranjitsinhrathod1991@...>
---
.../libsdl2/libsdl2/CVE-2022-4743.patch | 38 +++++++++++++++++++
.../libsdl2/libsdl2_2.0.12.bb | 1 +
2 files changed, 39 insertions(+)
create mode 100644 meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
diff --git a/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
new file mode 100644
index 0000000000..b02a2169a6
--- /dev/null
+++ b/meta/recipes-graphics/libsdl2/libsdl2/CVE-2022-4743.patch
@@ -0,0 +1,38 @@
+From 00b67f55727bc0944c3266e2b875440da132ce4b Mon Sep 17 00:00:00 2001
+From: zhailiangliang <zhailiangliang@...>
+Date: Wed, 21 Sep 2022 10:30:38 +0800
+Subject: [PATCH] Fix potential memory leak in GLES_CreateTexture
+
+
+CVE: CVE-2022-4743
+Upstream-Status: Backport [https://github.com/libsdl-org/SDL/commit/00b67f55727bc0944c3266e2b875440da132ce4b.patch]
+Signed-off-by: Ranjitsinh Rathod <ranjitsinh.rathod@...>
+
+---
+ src/render/opengles/SDL_render_gles.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/render/opengles/SDL_render_gles.c b/src/render/opengles/SDL_render_gles.c
+index a5fbab309eda..ba08a46e2805 100644
+--- a/src/render/opengles/SDL_render_gles.c
++++ b/src/render/opengles/SDL_render_gles.c
+@@ -359,6 +359,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
+ renderdata->glGenTextures(1, &data->texture);
+ result = renderdata->glGetError();
+ if (result != GL_NO_ERROR) {
++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
++ SDL_free(data->pixels);
++ }
+ SDL_free(data);
+ return GLES_SetError("glGenTextures()", result);
+ }
+@@ -387,6 +390,9 @@ GLES_CreateTexture(SDL_Renderer * renderer, SDL_Texture * texture)
+
+ result = renderdata->glGetError();
+ if (result != GL_NO_ERROR) {
++ if (texture->access == SDL_TEXTUREACCESS_STREAMING) {
++ SDL_free(data->pixels);
++ }
+ SDL_free(data);
+ return GLES_SetError("glTexImage2D()", result);
+ }
diff --git a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
index 44d36fca22..fa29bc99ac 100644
--- a/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
+++ b/meta/recipes-graphics/libsdl2/libsdl2_2.0.12.bb
@@ -22,6 +22,7 @@ SRC_URI = "http://www.libsdl.org/release/SDL2-${PV}.tar.gz \
file://directfb-renderfillrect-fix.patch \
file://CVE-2020-14409-14410.patch \
file://CVE-2021-33657.patch \
+ file://CVE-2022-4743.patch \
"
S = "${WORKDIR}/SDL2-${PV}"
--
2.25.1