Projetos/rpi-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
95c0e5ca9571ec1c8b82109588e0087d00a70b95
rpi-buildroot/package/poco/0001-fix-Net-A-SEGV-at-Net-src-MultipartReader-cpp.patch
Thomas Perale 99d80d51f7 package/poco: add patch for CVE-2025-6375 
This fixes the following vulnerability:

- CVE-2025-6375:

A vulnerability was found in poco up to 1.14.1. It has been rated as
problematic. Affected by this issue is the function MultipartInputStream
of the file Net/src/MultipartReader.cpp. The manipulation leads to null
pointer dereference. The attack needs to be approached locally. The
exploit has been disclosed to the public and may be used. Upgrading to
version 1.14.2 is able to address this issue. The patch is identified as
6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade
the affected component.

For more information see:
  - https://nvd.nist.gov//vuln/detail/CVE-2025-6375
  - 6f2f85913c

Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 36357247d5)
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
2025-09-25 22:07:43 +02:00

35 lines
1.3 KiB
Diff
Raw Blame History

From 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnter=20Obiltschnig?= <guenter.obiltschnig@appinf.com>
Date: Wed, 16 Apr 2025 09:15:33 +0200
Subject: [PATCH] fix(Net): A SEGV at Net/src/MultipartReader.cpp:164:1 #4915
(move assertion out of ctor)
Upstream: https://github.com/pocoproject/poco/commit/6f2f85913c191ab9ddfb8fae781f5d66afccf3bf
CVE: CVE-2025-6375
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
Net/src/MultipartReader.cpp | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/Net/src/MultipartReader.cpp b/Net/src/MultipartReader.cpp
index f3a2f2bba2..f4aa27dd86 100644
--- a/Net/src/MultipartReader.cpp
+++ b/Net/src/MultipartReader.cpp
@@ -36,7 +36,6 @@ MultipartStreamBuf::MultipartStreamBuf(std::istream& istr, const std::string& bo
_boundary(boundary),
_lastPart(false)
{
- poco_assert (!boundary.empty() && boundary.length() < STREAM_BUFFER_SIZE - 6);
}
@@ -47,7 +46,7 @@ MultipartStreamBuf::~MultipartStreamBuf()
int MultipartStreamBuf::readFromDevice(char* buffer, std::streamsize length)
{
- poco_assert_dbg (length >= _boundary.length() + 6);
+ poco_assert (!_boundary.empty() && _boundary.length() < length - 6);
static const int eof = std::char_traits<char>::eof();
std::streambuf& buf = *_istr.rdbuf();
Reference in New Issue View Git Blame Copy Permalink