new/yocto/meta-openembedded/meta-oe/recipes-support/syslog-ng/files/CVE-2022-38725-0007.patch

From 8c6e2c1c41b0fcc5fbd464c35f4dac7102235396 Mon Sep 17 00:00:00 2001
From: Laszlo Varady <laszlo.varady@protonmail.com>
Date: Sat, 20 Aug 2022 14:30:22 +0200
Subject: [PATCH 7/8] timeutils: fix invalid calculation of ISO timestamp length
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

CVE: CVE-2022-38725

Upstream-Status: Backport
[https://github.com/syslog-ng/syslog-ng/commit/8c6e2c1c41b0fcc5fbd464c35f4dac7102235396]

Signed-off-by: László Várady <laszlo.varady@protonmail.com>

Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
---
 lib/timeutils/scan-timestamp.c            | 8 ++++++--
 lib/timeutils/tests/test_scan-timestamp.c | 7 +++++++
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/lib/timeutils/scan-timestamp.c b/lib/timeutils/scan-timestamp.c
index d22d50973..125264677 100644
--- a/lib/timeutils/scan-timestamp.c
+++ b/lib/timeutils/scan-timestamp.c
@@ -350,19 +350,21 @@ __parse_usec(const guchar **data, gint *length)
 static gboolean
 __has_iso_timezone(const guchar *src, gint length)
 {
-  return (length >= 5) &&
+  return (length >= 6) &&
          (*src == '+' || *src == '-') &&
          isdigit(*(src+1)) &&
          isdigit(*(src+2)) &&
          *(src+3) == ':' &&
          isdigit(*(src+4)) &&
          isdigit(*(src+5)) &&
-         !isdigit(*(src+6));
+         (length < 7 || !isdigit(*(src+6)));
 }
 
 static guint32
 __parse_iso_timezone(const guchar **data, gint *length)
 {
+  g_assert(*length >= 6);
+
   gint hours, mins;
   const guchar *src = *data;
   guint32 tz = 0;
@@ -372,8 +374,10 @@ __parse_iso_timezone(const guchar **data, gint *length)
   hours = (*(src + 1) - '0') * 10 + *(src + 2) - '0';
   mins = (*(src + 4) - '0') * 10 + *(src + 5) - '0';
   tz = sign * (hours * 3600 + mins * 60);
+
   src += 6;
   (*length) -= 6;
+
   *data = src;
   return tz;
 }
diff --git a/lib/timeutils/tests/test_scan-timestamp.c b/lib/timeutils/tests/test_scan-timestamp.c
index 468bbf779..d18bdc65d 100644
--- a/lib/timeutils/tests/test_scan-timestamp.c
+++ b/lib/timeutils/tests/test_scan-timestamp.c
@@ -264,6 +264,13 @@ Test(parse_timestamp, non_zero_terminated_rfc5424_input_is_handled_properly)
 
 }
 
+Test(parse_timestamp, non_zero_terminated_rfc5424_timestamp_only)
+{
+  const gchar *ts = "2022-08-17T05:02:28.417+03:00";
+  gint ts_len = strlen(ts);
+  _expect_rfc5424_timestamp_len_eq(ts, ts_len, ts);
+}
+
 
 Test(parse_timestamp, daylight_saving_behavior_at_spring_with_explicit_timezones)
 {
-- 
2.34.1
first commit 2025-05-10 21:58:58 +08:00			`From 8c6e2c1c41b0fcc5fbd464c35f4dac7102235396 Mon Sep 17 00:00:00 2001`
			`From: Laszlo Varady <laszlo.varady@protonmail.com>`
			`Date: Sat, 20 Aug 2022 14:30:22 +0200`
			`Subject: [PATCH 7/8] timeutils: fix invalid calculation of ISO timestamp length`
			`MIME-Version: 1.0`
			`Content-Type: text/plain; charset=UTF-8`
			`Content-Transfer-Encoding: 8bit`

			`CVE: CVE-2022-38725`

			`Upstream-Status: Backport`
			`[https://github.com/syslog-ng/syslog-ng/commit/8c6e2c1c41b0fcc5fbd464c35f4dac7102235396]`

			`Signed-off-by: László Várady <laszlo.varady@protonmail.com>`

			`Signed-off-by: Yogita Urade <yogita.urade@windriver.com>`
			`---`
			`lib/timeutils/scan-timestamp.c \| 8 ++++++--`
			`lib/timeutils/tests/test_scan-timestamp.c \| 7 +++++++`
			`2 files changed, 13 insertions(+), 2 deletions(-)`

			`diff --git a/lib/timeutils/scan-timestamp.c b/lib/timeutils/scan-timestamp.c`
			`index d22d50973..125264677 100644`
			`--- a/lib/timeutils/scan-timestamp.c`
			`+++ b/lib/timeutils/scan-timestamp.c`
			`@@ -350,19 +350,21 @@ __parse_usec(const guchar *data, gint length)`
			`static gboolean`
			`__has_iso_timezone(const guchar *src, gint length)`
			`{`
			`- return (length >= 5) &&`
			`+ return (length >= 6) &&`
			`(src == '+' \|\| src == '-') &&`
			`isdigit(*(src+1)) &&`
			`isdigit(*(src+2)) &&`
			`*(src+3) == ':' &&`
			`isdigit(*(src+4)) &&`
			`isdigit(*(src+5)) &&`
			`- !isdigit(*(src+6));`
			`+ (length < 7 \|\| !isdigit(*(src+6)));`
			`}`

			`static guint32`
			`__parse_iso_timezone(const guchar *data, gint length)`
			`{`
			`+ g_assert(*length >= 6);`
			`+`
			`gint hours, mins;`
			`const guchar src = data;`
			`guint32 tz = 0;`
			`@@ -372,8 +374,10 @@ __parse_iso_timezone(const guchar *data, gint length)`
			`hours = ((src + 1) - '0') 10 + *(src + 2) - '0';`
			`mins = ((src + 4) - '0') 10 + *(src + 5) - '0';`
			`tz = sign * (hours * 3600 + mins * 60);`
			`+`
			`src += 6;`
			`(*length) -= 6;`
			`+`
			`*data = src;`
			`return tz;`
			`}`
			`diff --git a/lib/timeutils/tests/test_scan-timestamp.c b/lib/timeutils/tests/test_scan-timestamp.c`
			`index 468bbf779..d18bdc65d 100644`
			`--- a/lib/timeutils/tests/test_scan-timestamp.c`
			`+++ b/lib/timeutils/tests/test_scan-timestamp.c`
			`@@ -264,6 +264,13 @@ Test(parse_timestamp, non_zero_terminated_rfc5424_input_is_handled_properly)`

			`}`

			`+Test(parse_timestamp, non_zero_terminated_rfc5424_timestamp_only)`
			`+{`
			`+ const gchar *ts = "2022-08-17T05:02:28.417+03:00";`
			`+ gint ts_len = strlen(ts);`
			`+ _expect_rfc5424_timestamp_len_eq(ts, ts_len, ts);`
			`+}`
			`+`

			`Test(parse_timestamp, daylight_saving_behavior_at_spring_with_explicit_timezones)`
			`{`
			`--`
			`2.34.1`