From dfa5b11bf6691798d1a16005e57e2c49d29c6f57 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Tue, 8 Nov 2022 01:55:39 -0500
Subject: [PATCH] import gdisk-1.0.3-11.el8

---
 SOURCES/gdisk-CVE-2020-0256.patch | 43 +++++++++++++++++++++++++++++++
 SOURCES/gdisk-CVE-2021-0308.patch | 27 +++++++++++++++++++
 SPECS/gdisk.spec                  | 18 ++++++++++---
 3 files changed, 85 insertions(+), 3 deletions(-)
 create mode 100644 SOURCES/gdisk-CVE-2020-0256.patch
 create mode 100644 SOURCES/gdisk-CVE-2021-0308.patch

diff --git a/SOURCES/gdisk-CVE-2020-0256.patch b/SOURCES/gdisk-CVE-2020-0256.patch
new file mode 100644
index 0000000..2c706ee
--- /dev/null
+++ b/SOURCES/gdisk-CVE-2020-0256.patch
@@ -0,0 +1,43 @@
+From e44306f00bd12f4dca2db20eaba103ff2f260d87 Mon Sep 17 00:00:00 2001
+From: Rod Smith <rodsmith@rodsbooks.com>
+Date: Mon, 14 Sep 2020 10:08:18 -0400
+Subject: [PATCH 1/2] Fix segfault on some weird data structures
+
+---
+ gpt.cc | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/gpt.cc b/gpt.cc
+index 03a2156..d0242d3 100644
+--- a/gpt.cc
++++ b/gpt.cc
+@@ -983,6 +983,14 @@ int GPTData::LoadHeader(struct GPTHeader *header, DiskIO & disk, uint64_t sector
+    } // if
+    *crcOk = CheckHeaderCRC(&tempHeader);
+ 
++   if (tempHeader.sizeOfPartitionEntries != sizeof(GPTPart)) {
++       cerr << "Warning: Partition table header claims that the size of partition table\n";
++       cerr << "entries is " << tempHeader.sizeOfPartitionEntries << " bytes, but this program ";
++       cerr << " supports only " << sizeof(GPTPart) << "-byte entries.\n";
++       cerr << "Adjusting accordingly, but partition table may be garbage.\n";
++       tempHeader.sizeOfPartitionEntries = sizeof(GPTPart);
++   }
++
+    if (allOK && (numParts != tempHeader.numParts) && *crcOk) {
+       allOK = SetGPTSize(tempHeader.numParts, 0);
+    }
+@@ -1000,7 +1008,10 @@ int GPTData::LoadPartitionTable(const struct GPTHeader & header, DiskIO & disk,
+    uint32_t sizeOfParts, newCRC;
+    int retval;
+ 
+-   if (disk.OpenForRead()) {
++   if (header.sizeOfPartitionEntries != sizeof(GPTPart)) {
++      cerr << "Error! GPT header contains invalid partition entry size!\n";
++      retval = 0;
++   } else if (disk.OpenForRead()) {
+       if (sector == 0) {
+          retval = disk.Seek(header.partitionEntriesLBA);
+       } else {
+-- 
+2.35.1
+
diff --git a/SOURCES/gdisk-CVE-2021-0308.patch b/SOURCES/gdisk-CVE-2021-0308.patch
new file mode 100644
index 0000000..d41a3e3
--- /dev/null
+++ b/SOURCES/gdisk-CVE-2021-0308.patch
@@ -0,0 +1,27 @@
+From 28ac93e737ae4e2055ff23f2ea6021b1127b40a2 Mon Sep 17 00:00:00 2001
+From: Rod Smith <rodsmith@rodsbooks.com>
+Date: Wed, 13 Jan 2021 10:29:24 -0500
+Subject: [PATCH 2/2] Fix bug that could cause crash if a badly-formatted MBR
+ disk was read.
+
+---
+ basicmbr.cc | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/basicmbr.cc b/basicmbr.cc
+index 8fbffd1..2da56db 100644
+--- a/basicmbr.cc
++++ b/basicmbr.cc
+@@ -258,7 +258,8 @@ int BasicMBRData::ReadLogicalParts(uint64_t extendedStart, int partNum) {
+          if (EbrLocations[i] == offset) { // already read this one; infinite logical partition loop!
+             cerr << "Logical partition infinite loop detected! This is being corrected.\n";
+             allOK = -1;
+-            partNum -= 1;
++            if (partNum > 0) //don't go negative
++               partNum -= 1;
+          } // if
+       } // for
+       EbrLocations[partNum] = offset;
+-- 
+2.35.1
+
diff --git a/SPECS/gdisk.spec b/SPECS/gdisk.spec
index 6dea99a..2eca406 100644
--- a/SPECS/gdisk.spec
+++ b/SPECS/gdisk.spec
@@ -1,12 +1,14 @@
 Summary:       An fdisk-like partitioning tool for GPT disks
 Name:          gdisk
 Version:       1.0.3
-Release:       9%{?dist}
+Release:       11%{?dist}
 License:       GPLv2
 URL:           http://www.rodsbooks.com/gdisk/
 Group:         System Environment/Base
 Source0:       http://downloads.sourceforge.net/gptfdisk/gptfdisk-%{version}.tar.gz
 Patch0:        gdisk-1.0.3-byteswap.patch
+Patch1:        gdisk-CVE-2020-0256.patch
+Patch2:        gdisk-CVE-2021-0308.patch
 BuildRequires: popt-devel
 BuildRequires: libuuid-devel
 BuildRequires: ncurses-devel
@@ -20,6 +22,8 @@ tables, and the ability to convert MBR disks to GPT format.
 %prep
 %setup -q -n gptfdisk-%{version}
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
 chmod 0644 gdisk_test.sh
 
 %build
@@ -44,9 +48,17 @@ done
 %{_mandir}/man8/fixparts.8*
 
 %changelog
-* Tue Mar 15 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-9
+* Tue Mar 15 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-11
 - Fix double byteswap on big-endian systems also while reading partition names
-  related: #1899990
+  resolves: #2065205
+
+* Wed Mar 02 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-10
+- Fix CVE-2021-0308
+  resolves: #2052364
+
+* Wed Mar 02 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-9
+- Fix CVE-2020-0256
+  resolves: #2052365
 
 * Mon Oct 25 2021 Nikola Forró <nforro@redhat.com> - 1.0.3-8
 - Add upstream tests as a gating test