From 8e5eb416cb4f0661ea5623a4a777da253a80ca8a Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 27 Sep 2022 16:03:55 -0400 Subject: [PATCH] import gdisk-1.0.3-11.el8 --- SOURCES/gdisk-1.0.3-byteswap.patch | 24 +++++++++++------ SOURCES/gdisk-CVE-2020-0256.patch | 43 ++++++++++++++++++++++++++++++ SOURCES/gdisk-CVE-2021-0308.patch | 27 +++++++++++++++++++ SPECS/gdisk.spec | 18 ++++++++++++- 4 files changed, 103 insertions(+), 9 deletions(-) create mode 100644 SOURCES/gdisk-CVE-2020-0256.patch create mode 100644 SOURCES/gdisk-CVE-2021-0308.patch diff --git a/SOURCES/gdisk-1.0.3-byteswap.patch b/SOURCES/gdisk-1.0.3-byteswap.patch index 53fb016..865091a 100644 --- a/SOURCES/gdisk-1.0.3-byteswap.patch +++ b/SOURCES/gdisk-1.0.3-byteswap.patch @@ -1,4 +1,4 @@ -From 904ce2993978f6cfbec986e051e55e34ad5d7292 Mon Sep 17 00:00:00 2001 +From a7eaefd9bc4a91a4ca26146f784d40725cfe15fa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nikola=20Forr=C3=B3?= Date: Wed, 29 Sep 2021 15:33:33 +0200 Subject: [PATCH] Fix incorrect byte order of partition names on big-endian @@ -7,12 +7,12 @@ Subject: [PATCH] Fix incorrect byte order of partition names on big-endian --- gdisk.8 | 8 ++++++++ gptcl.cc | 11 +++++++++++ - gptpart.cc | 13 +++++++------ + gptpart.cc | 14 +++++++------- gptpart.h | 1 + gpttext.cc | 20 ++++++++++++++++++++ gpttext.h | 1 + sgdisk.8 | 8 ++++++++ - 7 files changed, 56 insertions(+), 6 deletions(-) + 7 files changed, 56 insertions(+), 7 deletions(-) diff --git a/gdisk.8 b/gdisk.8 index c2cf83d..071756c 100644 @@ -70,10 +70,18 @@ index 6c36738..58afc8a 100644 SaveGPTBackup(backupFile); free(backupFile); diff --git a/gptpart.cc b/gptpart.cc -index 17d6f15..c2b6500 100644 +index 17d6f15..82aeab0 100644 --- a/gptpart.cc 
+++ b/gptpart.cc -@@ -234,7 +234,6 @@ void GPTPart::SetName(const string & theName) { +@@ -83,7 +83,6 @@ string GPTPart::GetDescription(void) { + size_t pos = 0 ; + while ( ( pos < NAME_SIZE ) && ( name[ pos ] != 0 ) ) { + uint16_t cp = name[ pos ++ ] ; +- if ( ! IsLittleEndian() ) ReverseBytes( & cp , 2 ) ; + // first to utf32 + uint32_t uni ; + if ( cp < 0xd800 || cp > 0xdfff ) { +@@ -234,7 +233,6 @@ void GPTPart::SetName(const string & theName) { // then to utf16le if ( uni < 0x10000 ) { name[ pos ] = (uint16_t) uni ; @@ -81,7 +89,7 @@ index 17d6f15..c2b6500 100644 pos ++ ; } // if else { -@@ -244,10 +243,8 @@ void GPTPart::SetName(const string & theName) { +@@ -244,10 +242,8 @@ void GPTPart::SetName(const string & theName) { } // if uni -= 0x10000 ; name[ pos ] = (uint16_t)( uni >> 10 ) | 0xd800 ; @@ -92,7 +100,7 @@ index 17d6f15..c2b6500 100644 pos ++ ; } } // for -@@ -407,14 +404,18 @@ int GPTPart::DoTheyOverlap(const GPTPart & other) { +@@ -407,14 +403,18 @@ int GPTPart::DoTheyOverlap(const GPTPart & other) { // Reverse the bytes of integral data types and of the UTF-16LE name; // used on big-endian systems. void GPTPart::ReversePartBytes(void) { @@ -203,5 +211,5 @@ index 2cb18b9..3bc51f2 100644 .B \-c, \-\-change\-name=partnum:name Change the GPT name of a partition. This name is encoded as a UTF\-16 -- -2.32.0 +2.35.1 diff --git a/SOURCES/gdisk-CVE-2020-0256.patch b/SOURCES/gdisk-CVE-2020-0256.patch new file mode 100644 index 0000000..2c706ee --- /dev/null +++ b/SOURCES/gdisk-CVE-2020-0256.patch 
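Review bot: With the per-character `ReverseBytes( & cp , 2 )` dropped from GetDescription in the regenerated byteswap patch, the read loop now silently assumes that name[] is already in host byte order, and nothing in the embedded hunk says so. The only visible statement of the convention is the comment on ReversePartBytes, so a one-line comment above the loop would help, e.g. `// name[] is held in host order here; ReversePartBytes() handles the on-disk UTF-16LE swap`. The SetName hunks, which drop their swaps as well, depend on the same assumption. GetDescription's body continues outside the embedded hunk.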
@@ -0,0 +1,43 @@
+From e44306f00bd12f4dca2db20eaba103ff2f260d87 Mon Sep 17 00:00:00 2001
+From: Rod Smith
+Date: Mon, 14 Sep 2020 10:08:18 -0400
+Subject: [PATCH 1/2] Fix segfault on some weird data structures
+
+---
+ gpt.cc | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/gpt.cc b/gpt.cc
+index 03a2156..d0242d3 100644
+--- a/gpt.cc
++++ b/gpt.cc
+@@ -983,6 +983,14 @@ int GPTData::LoadHeader(struct GPTHeader *header, DiskIO & disk, uint64_t sector
+ } // if
+ *crcOk = CheckHeaderCRC(&tempHeader);
+
++ if (tempHeader.sizeOfPartitionEntries != sizeof(GPTPart)) {
++ cerr << "Warning: Partition table header claims that the size of partition table\n";
++ cerr << "entries is " << tempHeader.sizeOfPartitionEntries << " bytes, but this program ";
++ cerr << " supports only " << sizeof(GPTPart) << "-byte entries.\n";
++ cerr << "Adjusting accordingly, but partition table may be garbage.\n";
++ tempHeader.sizeOfPartitionEntries = sizeof(GPTPart);
++ }
++
+ if (allOK && (numParts != tempHeader.numParts) && *crcOk) {
+ allOK = SetGPTSize(tempHeader.numParts, 0);
+ }
+@@ -1000,7 +1008,10 @@ int GPTData::LoadPartitionTable(const struct GPTHeader & header, DiskIO & disk,
+ uint32_t sizeOfParts, newCRC;
+ int retval;
+
+- if (disk.OpenForRead()) {
++ if (header.sizeOfPartitionEntries != sizeof(GPTPart)) {
++ cerr << "Error! GPT header contains invalid partition entry size!\n";
++ retval = 0;
++ } else if (disk.OpenForRead()) {
+ if (sector == 0) {
+ retval = disk.Seek(header.partitionEntriesLBA);
+ } else {
+--
+2.35.1
+
diff --git a/SOURCES/gdisk-CVE-2021-0308.patch b/SOURCES/gdisk-CVE-2021-0308.patch
new file mode 100644
index 0000000..d41a3e3
--- /dev/null
+++ b/SOURCES/gdisk-CVE-2021-0308.patch
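Review bot: In the LoadHeader hunk of the embedded gpt.cc patch, a header whose sizeOfPartitionEntries differs from sizeof(GPTPart) is only warned about and then overwritten in memory, after `CheckHeaderCRC(&tempHeader)` has already run on the on-disk value. Because the field is normalised here, the rejection branch added to LoadPartitionTable (`header.sizeOfPartitionEntries != sizeof(GPTPart)`) presumably cannot fire for a header that came through LoadHeader, so a table with a bogus entry size is still parsed at the default stride rather than refused. A comment stating which behaviour is intended would help, e.g. `// entry size is untrusted on-disk data; normalised here so later size arithmetic cannot use it`. It is also worth confirming that numParts, which feeds `SetGPTSize` in the same hunk, is bounded elsewhere, since this patch does not validate it. Both functions start and end outside the embedded hunks.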
@@ -0,0 +1,27 @@
+From 28ac93e737ae4e2055ff23f2ea6021b1127b40a2 Mon Sep 17 00:00:00 2001
+From: Rod Smith
+Date: Wed, 13 Jan 2021 10:29:24 -0500
+Subject: [PATCH 2/2] Fix bug that could cause crash if a badly-formatted MBR
+ disk was read.
+
+---
+ basicmbr.cc | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/basicmbr.cc b/basicmbr.cc
+index 8fbffd1..2da56db 100644
+--- a/basicmbr.cc
++++ b/basicmbr.cc
+@@ -258,7 +258,8 @@ int BasicMBRData::ReadLogicalParts(uint64_t extendedStart, int partNum) {
+ if (EbrLocations[i] == offset) { // already read this one; infinite logical partition loop!
+ cerr << "Logical partition infinite loop detected! This is being corrected.\n";
+ allOK = -1;
+- partNum -= 1;
++ if (partNum > 0) //don't go negative
++ partNum -= 1;
+ } // if
+ } // for
+ EbrLocations[partNum] = offset;
+--
+2.35.1
+
diff --git a/SPECS/gdisk.spec b/SPECS/gdisk.spec
index b35d14d..2eca406 100644
--- a/SPECS/gdisk.spec
+++ b/SPECS/gdisk.spec
@@ -1,12 +1,14 @@
 Summary: An fdisk-like partitioning tool for GPT disks
 Name: gdisk
 Version: 1.0.3
-Release: 8%{?dist}
+Release: 11%{?dist}
 License: GPLv2
 URL: http://www.rodsbooks.com/gdisk/
 Group: System Environment/Base
 Source0: http://downloads.sourceforge.net/gptfdisk/gptfdisk-%{version}.tar.gz
 Patch0: gdisk-1.0.3-byteswap.patch
+Patch1: gdisk-CVE-2020-0256.patch
+Patch2: gdisk-CVE-2021-0308.patch
 BuildRequires: popt-devel
 BuildRequires: libuuid-devel
 BuildRequires: ncurses-devel
@@ -20,6 +22,8 @@ tables, and the ability to convert MBR disks to GPT format. %prep %setup -q -n gptfdisk-%{version} %patch0 -p1 +%patch1 -p1 +%patch2 -p1 chmod 0644 gdisk_test.sh %build
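Review bot: The new guard in ReadLogicalParts keeps partNum from dropping below zero, but the embedded hunk does not say what follows from that: with partNum clamped at 0 the next statement `EbrLocations[partNum] = offset;` overwrites slot 0, and the decrement still sits inside the `for` loop, so it can run once per matching entry. A comment that spells this out would make the fix easier to audit, for example `// partNum indexes EbrLocations below; clamp at 0 so a loop found on the first entry cannot write at index -1`. The unbraced `if` also departs from the `} // if` bracing used on the surrounding lines. The upper bound on partNum is not visible here, because the function starts and ends outside the hunk.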
@@ -44,6 +48,18 @@ done %{_mandir}/man8/fixparts.8* %changelog +* Tue Mar 15 2022 Nikola Forró - 1.0.3-11 +- Fix double byteswap on big-endian systems also while reading partition names + resolves: #2065205 + +* Wed Mar 02 2022 Nikola Forró - 1.0.3-10 +- Fix CVE-2021-0308 + resolves: #2052364 + +* Wed Mar 02 2022 Nikola Forró - 1.0.3-9 +- Fix CVE-2020-0256 + resolves: #2052365 + * Mon Oct 25 2021 Nikola Forró - 1.0.3-8 - Add upstream tests as a gating test related: #1899990