xref: /OK3568_Linux_fs/yocto/poky/meta/recipes-support/gmp/gmp/cve-2021-43618.patch (revision 4882a59341e53eb6f0b4789bf948001014eff981) 
1CVE: CVE-2021-43618
2Upstream-Status: Backport
3Signed-off-by: Ross Burton <ross.burton@arm.com>
4
5# HG changeset patch
6# User Marco Bodrato <bodrato@mail.dm.unipi.it>
7# Date 1634836009 -7200
8# Node ID 561a9c25298e17bb01896801ff353546c6923dbd
9# Parent  e1fd9db13b475209a864577237ea4b9105b3e96e
10mpz/inp_raw.c: Avoid bit size overflows
11
12diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
13--- a/mpz/inp_raw.c	Tue Dec 22 23:49:51 2020 +0100
14+++ b/mpz/inp_raw.c	Thu Oct 21 19:06:49 2021 +0200
15@@ -88,8 +88,11 @@
16
17   abs_csize = ABS (csize);
18
19+  if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
20+    return 0; /* Bit size overflows */
21+
22   /* round up to a multiple of limbs */
23-  abs_xsize = BITS_TO_LIMBS (abs_csize*8);
24+  abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
25
26   if (abs_xsize != 0)
27     {
28