Revert the previous patch (RHEL-71143)
Resolves: RHEL-71141
This commit is contained in:
Jakub Martisko
parent
353240681d
commit
fc546512bf
@ -1,32 +0,0 @@
|
||||
From 74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc Mon Sep 17 00:00:00 2001
|
||||
From: Albert Astals Cid <aacid@kde.org>
|
||||
Date: Tue, 28 May 2019 19:35:18 +0200
|
||||
Subject: [PATCH] Make sure nSelectors is not out of range
|
||||
|
||||
nSelectors is used in a loop from 0 to nSelectors to access selectorMtf
|
||||
which is
|
||||
UChar selectorMtf[BZ_MAX_SELECTORS];
|
||||
so if nSelectors is bigger than BZ_MAX_SELECTORS it'll do an invalid memory
|
||||
access
|
||||
|
||||
Fixes out of bounds access discovered while fuzzying karchive
|
||||
---
|
||||
decompress.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/decompress.c b/decompress.c
|
||||
index ab6a624..f3db91d 100644
|
||||
--- a/decompress.c
|
||||
+++ b/decompress.c
|
||||
@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s )
|
||||
GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
|
||||
if (nGroups < 2 || nGroups > BZ_N_GROUPS) RETURN(BZ_DATA_ERROR);
|
||||
GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
|
||||
- if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
|
||||
+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
|
||||
for (i = 0; i < nSelectors; i++) {
|
||||
j = 0;
|
||||
while (True) {
|
||||
--
|
||||
GitLab
|
||||
|
||||
10
bzip2.spec
10
bzip2.spec
@ -3,7 +3,7 @@
|
||||
Summary: A file compression utility
|
||||
Name: bzip2
|
||||
Version: 1.0.8
|
||||
Release: 9%{?dist}
|
||||
Release: 10%{?dist}
|
||||
License: BSD
|
||||
URL: http://www.bzip.org/
|
||||
#Source0: http://www.bzip.org/%{version}/%{name}-%{version}.tar.gz
|
||||
@ -14,7 +14,6 @@ Patch0: bzip2-saneso.patch
|
||||
Patch1: bzip2-cflags.patch
|
||||
Patch2: bzip2-ldflags.patch
|
||||
Patch3: man_gzipdiff.patch
|
||||
Patch4: bzip2-out_of_bounds.patch
|
||||
|
||||
BuildRequires: gcc
|
||||
BuildRequires: make
|
||||
@ -59,7 +58,6 @@ Static libraries for applications using the bzip2 compression format.
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p2
|
||||
%patch4 -p1
|
||||
|
||||
cp -a %{SOURCE1} .
|
||||
sed -i "s|^libdir=|libdir=%{_libdir}|" bzip2.pc
|
||||
@ -138,8 +136,12 @@ ln -s bzgrep.1 $RPM_BUILD_ROOT%{_mandir}/man1/bzfgrep.1
|
||||
%{_libdir}/pkgconfig/bzip2.pc
|
||||
|
||||
%changelog
|
||||
* Thu Dec 19 2024 Jakub Martisko <jamartis@redhat.com> - 1.0.8-10
|
||||
- Revert the previous commit (introduced a regression)
|
||||
Resolves: CVE-2019-12900
|
||||
|
||||
* Mon Oct 04 2024 Jakub Martisko <jamartis@redhat.com> - 1.0.8-9
|
||||
- Fix out of boinds access in BZ2_decompress
|
||||
- Fix out of bounds access in BZ2_decompress
|
||||
Resolves: RHEL-65198
|
||||
|
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.0.8-8
|
||||
|
||||
Loading…
Reference in New Issue
Block a user