import gdisk-1.0.3-11.el8
This commit is contained in:
parent
a569a8aa6f
commit
ffdc33b3cf
43
SOURCES/gdisk-CVE-2020-0256.patch
Normal file
43
SOURCES/gdisk-CVE-2020-0256.patch
Normal file
@ -0,0 +1,43 @@
|
||||
From e44306f00bd12f4dca2db20eaba103ff2f260d87 Mon Sep 17 00:00:00 2001
|
||||
From: Rod Smith <rodsmith@rodsbooks.com>
|
||||
Date: Mon, 14 Sep 2020 10:08:18 -0400
|
||||
Subject: [PATCH 1/2] Fix segfault on some weird data structures
|
||||
|
||||
---
|
||||
gpt.cc | 13 ++++++++++++-
|
||||
1 file changed, 12 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/gpt.cc b/gpt.cc
|
||||
index 03a2156..d0242d3 100644
|
||||
--- a/gpt.cc
|
||||
+++ b/gpt.cc
|
||||
@@ -983,6 +983,14 @@ int GPTData::LoadHeader(struct GPTHeader *header, DiskIO & disk, uint64_t sector
|
||||
} // if
|
||||
*crcOk = CheckHeaderCRC(&tempHeader);
|
||||
|
||||
+ if (tempHeader.sizeOfPartitionEntries != sizeof(GPTPart)) {
|
||||
+ cerr << "Warning: Partition table header claims that the size of partition table\n";
|
||||
+ cerr << "entries is " << tempHeader.sizeOfPartitionEntries << " bytes, but this program ";
|
||||
+ cerr << " supports only " << sizeof(GPTPart) << "-byte entries.\n";
|
||||
+ cerr << "Adjusting accordingly, but partition table may be garbage.\n";
|
||||
+ tempHeader.sizeOfPartitionEntries = sizeof(GPTPart);
|
||||
+ }
|
||||
+
|
||||
if (allOK && (numParts != tempHeader.numParts) && *crcOk) {
|
||||
allOK = SetGPTSize(tempHeader.numParts, 0);
|
||||
}
|
||||
@@ -1000,7 +1008,10 @@ int GPTData::LoadPartitionTable(const struct GPTHeader & header, DiskIO & disk,
|
||||
uint32_t sizeOfParts, newCRC;
|
||||
int retval;
|
||||
|
||||
- if (disk.OpenForRead()) {
|
||||
+ if (header.sizeOfPartitionEntries != sizeof(GPTPart)) {
|
||||
+ cerr << "Error! GPT header contains invalid partition entry size!\n";
|
||||
+ retval = 0;
|
||||
+ } else if (disk.OpenForRead()) {
|
||||
if (sector == 0) {
|
||||
retval = disk.Seek(header.partitionEntriesLBA);
|
||||
} else {
|
||||
--
|
||||
2.35.1
|
||||
|
27
SOURCES/gdisk-CVE-2021-0308.patch
Normal file
27
SOURCES/gdisk-CVE-2021-0308.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From 28ac93e737ae4e2055ff23f2ea6021b1127b40a2 Mon Sep 17 00:00:00 2001
|
||||
From: Rod Smith <rodsmith@rodsbooks.com>
|
||||
Date: Wed, 13 Jan 2021 10:29:24 -0500
|
||||
Subject: [PATCH 2/2] Fix bug that could cause crash if a badly-formatted MBR
|
||||
disk was read.
|
||||
|
||||
---
|
||||
basicmbr.cc | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/basicmbr.cc b/basicmbr.cc
|
||||
index 8fbffd1..2da56db 100644
|
||||
--- a/basicmbr.cc
|
||||
+++ b/basicmbr.cc
|
||||
@@ -258,7 +258,8 @@ int BasicMBRData::ReadLogicalParts(uint64_t extendedStart, int partNum) {
|
||||
if (EbrLocations[i] == offset) { // already read this one; infinite logical partition loop!
|
||||
cerr << "Logical partition infinite loop detected! This is being corrected.\n";
|
||||
allOK = -1;
|
||||
- partNum -= 1;
|
||||
+ if (partNum > 0) //don't go negative
|
||||
+ partNum -= 1;
|
||||
} // if
|
||||
} // for
|
||||
EbrLocations[partNum] = offset;
|
||||
--
|
||||
2.35.1
|
||||
|
@ -1,12 +1,14 @@
|
||||
Summary: An fdisk-like partitioning tool for GPT disks
|
||||
Name: gdisk
|
||||
Version: 1.0.3
|
||||
Release: 9%{?dist}
|
||||
Release: 11%{?dist}
|
||||
License: GPLv2
|
||||
URL: http://www.rodsbooks.com/gdisk/
|
||||
Group: System Environment/Base
|
||||
Source0: http://downloads.sourceforge.net/gptfdisk/gptfdisk-%{version}.tar.gz
|
||||
Patch0: gdisk-1.0.3-byteswap.patch
|
||||
Patch1: gdisk-CVE-2020-0256.patch
|
||||
Patch2: gdisk-CVE-2021-0308.patch
|
||||
BuildRequires: popt-devel
|
||||
BuildRequires: libuuid-devel
|
||||
BuildRequires: ncurses-devel
|
||||
@ -20,6 +22,8 @@ tables, and the ability to convert MBR disks to GPT format.
|
||||
%prep
|
||||
%setup -q -n gptfdisk-%{version}
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
chmod 0644 gdisk_test.sh
|
||||
|
||||
%build
|
||||
@ -44,9 +48,17 @@ done
|
||||
%{_mandir}/man8/fixparts.8*
|
||||
|
||||
%changelog
|
||||
* Tue Mar 15 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-9
|
||||
* Tue Mar 15 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-11
|
||||
- Fix double byteswap on big-endian systems also while reading partition names
|
||||
related: #1899990
|
||||
resolves: #2065205
|
||||
|
||||
* Wed Mar 02 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-10
|
||||
- Fix CVE-2021-0308
|
||||
resolves: #2052364
|
||||
|
||||
* Wed Mar 02 2022 Nikola Forró <nforro@redhat.com> - 1.0.3-9
|
||||
- Fix CVE-2020-0256
|
||||
resolves: #2052365
|
||||
|
||||
* Mon Oct 25 2021 Nikola Forró <nforro@redhat.com> - 1.0.3-8
|
||||
- Add upstream tests as a gating test
|
||||
|
Loading…
Reference in New Issue
Block a user