authorLars Wendler <polynomial-c@gentoo.org>2016-10-31 22:28:26 +0100
committerLars Wendler <polynomial-c@gentoo.org>2016-10-31 23:38:53 +0100
commit6709a4dd32310b2280e4e90e37c4000fa9c13e27 (patch)
tree12f4946883421d8424726dbbe10f2c8d50f0d024 /app-arch/libarchive/files
parentapp-arch/libarchive: Security bump to version 3.2.2 (bug #596568). (diff)
app-arch/libarchive: Removed old.
Package-Manager: portage-2.3.2 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
Diffstat (limited to 'app-arch/libarchive/files')
-rw-r--r--app-arch/libarchive/files/libarchive-3.1.2-CVE-2013-0211.patch32
-rw-r--r--app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch67
-rw-r--r--app-arch/libarchive/files/libarchive-3.1.2-outofsource.patch29
3 files changed, 0 insertions, 128 deletions
diff --git a/app-arch/libarchive/files/libarchive-3.1.2-CVE-2013-0211.patch b/app-arch/libarchive/files/libarchive-3.1.2-CVE-2013-0211.patch
deleted file mode 100644
index 78427ce47740..000000000000
--- a/app-arch/libarchive/files/libarchive-3.1.2-CVE-2013-0211.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
-From: Tim Kientzle <kientzle@acm.org>
-Date: Fri, 22 Mar 2013 23:48:41 -0700
-Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
- certain common programming error (passing -1 to write) from leading to other
- problems deeper in the library.
-
----
- libarchive/archive_write.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
-index eede5e0..be85621 100644
---- a/libarchive/archive_write.c
-+++ b/libarchive/archive_write.c
-@@ -673,8 +673,13 @@ static ssize_t
- _archive_write_data(struct archive *_a, const void *buff, size_t s)
- {
- struct archive_write *a = (struct archive_write *)_a;
-+ const size_t max_write = INT_MAX;
-+
- archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
- ARCHIVE_STATE_DATA, "archive_write_data");
-+ /* In particular, this catches attempts to pass negative values. */
-+ if (s > max_write)
-+ s = max_write;
- archive_clear_error(&a->archive);
- return ((a->format_write_data)(a, buff, s));
- }
---
-1.8.1
-
diff --git a/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch b/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch
deleted file mode 100644
index 63c6a7474562..000000000000
--- a/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-From d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7 Mon Sep 17 00:00:00 2001
-From: Tim Kientzle <kientzle@acm.org>
-Date: Sun, 24 Apr 2016 17:13:45 -0700
-Subject: [PATCH] Issue #656: Fix CVE-2016-1541, VU#862384
-
-When reading OS X metadata entries in Zip archives that were stored
-without compression, libarchive would use the uncompressed entry size
-to allocate a buffer but would use the compressed entry size to limit
-the amount of data copied into that buffer. Since the compressed
-and uncompressed sizes are provided by data in the archive itself,
-an attacker could manipulate these values to write data beyond
-the end of the allocated buffer.
-
-This fix provides three new checks to guard against such
-manipulation and to make libarchive generally more robust when
-handling this type of entry:
- 1. If an OS X metadata entry is stored without compression,
- abort the entire archive if the compressed and uncompressed
- data sizes do not match.
- 2. When sanity-checking the size of an OS X metadata entry,
- abort this entry if either the compressed or uncompressed
- size is larger than 4MB.
- 3. When copying data into the allocated buffer, check the copy
- size against both the compressed entry size and uncompressed
- entry size.
----
- libarchive/archive_read_support_format_zip.c | 13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c
-index 0f8262c..0a0be96 100644
---- a/libarchive/archive_read_support_format_zip.c
-+++ b/libarchive/archive_read_support_format_zip.c
-@@ -2778,6 +2778,11 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
-
- switch(rsrc->compression) {
- case 0: /* No compression. */
-+ if (rsrc->uncompressed_size != rsrc->compressed_size) {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Malformed OS X metadata entry: inconsistent size");
-+ return (ARCHIVE_FATAL);
-+ }
- #ifdef HAVE_ZLIB_H
- case 8: /* Deflate compression. */
- #endif
-@@ -2798,6 +2803,12 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- (intmax_t)rsrc->uncompressed_size);
- return (ARCHIVE_WARN);
- }
-+ if (rsrc->compressed_size > (4 * 1024 * 1024)) {
-+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
-+ "Mac metadata is too large: %jd > 4M bytes",
-+ (intmax_t)rsrc->compressed_size);
-+ return (ARCHIVE_WARN);
-+ }
-
- metadata = malloc((size_t)rsrc->uncompressed_size);
- if (metadata == NULL) {
-@@ -2836,6 +2847,8 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry,
- bytes_avail = remaining_bytes;
- switch(rsrc->compression) {
- case 0: /* No compression. */
-+ if ((size_t)bytes_avail > metadata_bytes)
-+ bytes_avail = metadata_bytes;
- memcpy(mp, p, bytes_avail);
- bytes_used = (size_t)bytes_avail;
- metadata_bytes -= bytes_used;
diff --git a/app-arch/libarchive/files/libarchive-3.1.2-outofsource.patch b/app-arch/libarchive/files/libarchive-3.1.2-outofsource.patch
deleted file mode 100644
index 6545c6132391..000000000000
--- a/app-arch/libarchive/files/libarchive-3.1.2-outofsource.patch
+++ /dev/null
@@ -1,29 +0,0 @@
---- a/Makefile.am 2013-02-09 12:23:03.000000000 -0500
-+++ b/Makefile.am 2016-01-08 16:43:00.868186895 -0500
-@@ -508,7 +508,7 @@
- # Building it automatically provides a sanity-check on libarchive_test_SOURCES
- # above.
- libarchive/test/list.h: Makefile
-- cat $(top_srcdir)/libarchive/test/test_*.c | grep DEFINE_TEST > libarchive/test/list.h
-+ mkdir -p libarchive/test && cat $(top_srcdir)/libarchive/test/test_*.c | grep DEFINE_TEST > libarchive/test/list.h
-
- libarchive_TESTS_ENVIRONMENT= LIBARCHIVE_TEST_FILES=`cd $(top_srcdir);/bin/pwd`/libarchive/test LRZIP=NOCONFIG
-
-@@ -835,7 +835,7 @@
- $(PLATFORMCPPFLAGS)
-
- tar/test/list.h: Makefile
-- cat $(top_srcdir)/tar/test/test_*.c | grep DEFINE_TEST > tar/test/list.h
-+ mkdir -p tar/test && cat $(top_srcdir)/tar/test/test_*.c | grep DEFINE_TEST > tar/test/list.h
-
- if BUILD_BSDTAR
- bsdtar_test_programs= bsdtar_test
-@@ -975,7 +975,7 @@
- bsdcpio_test_LDADD=libarchive_fe.la
-
- cpio/test/list.h: Makefile
-- cat $(top_srcdir)/cpio/test/test_*.c | grep DEFINE_TEST > cpio/test/list.h
-+ mkdir -p cpio/test && cat $(top_srcdir)/cpio/test/test_*.c | grep DEFINE_TEST > cpio/test/list.h
-
- if BUILD_BSDCPIO
- bsdcpio_test_programs= bsdcpio_test