import libmspack-0.7-0.3.alpha.el8.4

2020-01-21 16:30:28 -05:00 · 2020-01-21 16:30:28 -05:00 · 511e1bc2c3
commit 511e1bc2c3
7 changed files with 374 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+SOURCES/libmspack-v0.7alpha.tar.gz
--- a/.libmspack.metadata
+++ b/.libmspack.metadata
@ -0,0 +1 @@
+06dfa4e7157ec817f81a62320596f238c66220f6 SOURCES/libmspack-v0.7alpha.tar.gz
--- a/SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
+++ b/SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
@ -0,0 +1,36 @@
+From b86a2e455cc4d3f586367ab05af1f1be00c6df65 Mon Sep 17 00:00:00 2001
+From: Stuart Caie <kyzer@cabextract.org.uk>
+Date: Wed, 17 Oct 2018 11:29:03 +0100
+Subject: [PATCH 1/3] Avoid returning CHM file entries that are "blank" because
+ they have embedded null bytes
+
+(cherry picked from commit 8759da8db6ec9e866cb8eb143313f397f925bb4f)
+---
+ libmspack/mspack/chmd.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
+index b3f7fee..1d198bf 100644
+--- a/libmspack/mspack/chmd.c
+++ b/libmspack/mspack/chmd.c
+@@ -447,14 +447,14 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+     while (num_entries--) {
+       READ_ENCINT(name_len);
+       if (name_len > (unsigned int) (end - p)) goto chunk_end;
+-      /* consider blank filenames to be an error */
+-      if (name_len == 0) goto chunk_end;
+       name = p; p += name_len;
+-
+       READ_ENCINT(section);
+       READ_ENCINT(offset);
+       READ_ENCINT(length);
+ 
+      /* ignore blank or one-char (e.g. "/") filenames we'd return as blank */
+      if (name_len < 2 || !name[0] || !name[1]) continue;
+
+       /* empty files and directory names are stored as a file entry at
+        * offset 0 with length 0. We want to keep empty files, but not
+        * directory names, which end with a "/" */
+-- 
+2.22.0
+
--- a/SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
+++ b/SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
@ -0,0 +1,49 @@
+From e31767785bc0922a953bbd1ef6428bf319ba2d2b Mon Sep 17 00:00:00 2001
+From: Stuart Caie <kyzer@cabextract.org.uk>
+Date: Wed, 17 Oct 2018 11:33:35 +0100
+Subject: [PATCH 2/3] CAB block input buffer is one byte too small for maximal
+ Quantum block
+
+(cherry picked from commit 40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2)
+---
+ libmspack/mspack/cab.h | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/libmspack/mspack/cab.h b/libmspack/mspack/cab.h
+index 59cf95e..25cebcb 100644
+--- a/libmspack/mspack/cab.h
+++ b/libmspack/mspack/cab.h
+@@ -1,5 +1,5 @@
+ /* This file is part of libmspack.
+- * (C) 2003-2004 Stuart Caie.
+ * (C) 2003-2018 Stuart Caie.
+  *
+  * libmspack is free software; you can redistribute it and/or modify it under
+  * the terms of the GNU Lesser General Public License (LGPL) version 2.1
+@@ -70,6 +70,14 @@
+ #define CAB_BLOCKMAX (32768)
+ #define CAB_INPUTMAX (CAB_BLOCKMAX+6144)
+ 
+/* input buffer needs to be CAB_INPUTMAX + 1 byte to allow for max-sized block
+ * plus 1 trailer byte added by cabd_sys_read_block() for Quantum alignment.
+ *
+ * When MSCABD_PARAM_SALVAGE is set, block size is not checked so can be
+ * up to 65535 bytes, so max input buffer size needed is 65535 + 1
+ */
+#define CAB_INPUTBUF (65535 + 1)
+
+ /* There are no more than 65535 data blocks per folder, so a folder cannot
+  * be more than 32768*65535 bytes in length. As files cannot span more than
+  * one folder, this is also their max offset, length and offset+length limit.
+@@ -100,7 +108,7 @@ struct mscabd_decompress_state {
+   struct mspack_file *infh;          /* input file handle                    */
+   struct mspack_file *outfh;         /* output file handle                   */
+   unsigned char *i_ptr, *i_end;      /* input data consumed, end             */
+-  unsigned char input[CAB_INPUTMAX]; /* one input block of data              */
+  unsigned char input[CAB_INPUTBUF]; /* one input block of data              */
+ };
+ 
+ struct mscab_decompressor_p {
+-- 
+2.22.0
+
--- a/SOURCES/0003-length-checks-when-looking-for-control-files.patch
+++ b/SOURCES/0003-length-checks-when-looking-for-control-files.patch
@ -0,0 +1,56 @@
+From e50806b8d3eb2af019def3fa932e7edf602ce51f Mon Sep 17 00:00:00 2001
+From: Stuart Caie <kyzer@cabextract.org.uk>
+Date: Mon, 18 Feb 2019 13:04:58 +0000
+Subject: [PATCH 3/3] length checks when looking for control files
+
+(cherry picked from commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d)
+---
+ libmspack/mspack/chmd.c | 32 +++++++++++++++-----------------
+ 1 file changed, 15 insertions(+), 17 deletions(-)
+
+diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
+index 1d198bf..4c46db8 100644
+--- a/libmspack/mspack/chmd.c
+++ b/libmspack/mspack/chmd.c
+@@ -482,23 +482,21 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+       fi->filename[name_len] = '\0';
+ 
+       if (name[0] == ':' && name[1] == ':') {
+-	/* system file */
+-	if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
+-	  if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
+-	    chm->sec1.content = fi;
+-	  }
+-	  else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
+-	    chm->sec1.control = fi;
+-	  }
+-	  else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
+-	    chm->sec1.spaninfo = fi;
+-	  }
+-	  else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
+-	    chm->sec1.rtable = fi;
+-	  }
+-	}
+-	fi->next = chm->sysfiles;
+-	chm->sysfiles = fi;
+        /* system file */
+        if (name_len == 40 && mspack_memcmp(name, content_name, 40) == 0) {
+          chm->sec1.content = fi;
+        }
+        else if (name_len == 44 && mspack_memcmp(name, control_name, 44) == 0) {
+          chm->sec1.control = fi;
+        }
+        else if (name_len == 41 && mspack_memcmp(name, spaninfo_name, 41) == 0) {
+          chm->sec1.spaninfo = fi;
+        }
+        else if (name_len == 105 && mspack_memcmp(name, rtable_name, 105) == 0) {
+          chm->sec1.rtable = fi;
+        }
+        fi->next = chm->sysfiles;
+        chm->sysfiles = fi;
+       }
+       else {
+ 	/* normal file */
+-- 
+2.22.0
+
--- a/SOURCES/libmspack-0.4alpha-doc.patch
+++ b/SOURCES/libmspack-0.4alpha-doc.patch
@ -0,0 +1,12 @@
+diff -up libmspack-0.4alpha/doc/Doxyfile.in.orig libmspack-0.4alpha/doc/Doxyfile.in
+--- libmspack-0.4alpha/doc/Doxyfile.in.orig	2013-05-28 12:25:42.000000000 +0200
+++ libmspack-0.4alpha/doc/Doxyfile.in	2013-05-28 17:30:57.000000000 +0200
+@@ -10,7 +10,7 @@ SHOW_USED_FILES        = YES
+ INPUT                  = @top_srcdir@/mspack/mspack.h
+ FULL_PATH_NAMES        = NO
+ GENERATE_HTML          = YES
+-HTML_OUTPUT            = .
+HTML_OUTPUT            = html
+ HTML_FILE_EXTENSION    = .html
+ HTML_TIMESTAMP         = NO
+ GENERATE_HTMLHELP      = NO
--- a/SPECS/libmspack.spec
+++ b/SPECS/libmspack.spec
@ -0,0 +1,219 @@
+Name:           libmspack
+Version:        0.7
+Release:        0.3.alpha%{?dist}.4
+Summary:        Library for CAB and related files compression and decompression
+
+Group:          System Environment/Libraries
+License:        LGPLv2
+URL:            http://www.cabextract.org.uk/libmspack/
+#Source0:        http://www.cabextract.org.uk/libmspack/%{name}-%{version}alpha.tar.gz
+Source0:        https://github.com/kyz/libmspack/archive/v0.7alpha/%{name}-v0.7alpha.tar.gz
+Patch0:         %{name}-0.4alpha-doc.patch
+
+# Fixes for CVE-2018-18584 CVE-2018-18585
+Patch1:         0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
+Patch2:         0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
+# Fix for CVE-CVE-2019-1010305
+Patch3:         0003-length-checks-when-looking-for-control-files.patch
+
+BuildRequires:  doxygen
+BuildRequires:  gcc
+
+# Temporarily while building from github tarball:
+BuildRequires:  autoconf, automake, libtool
+
+
+%description
+The purpose of libmspack is to provide both compression and decompression of 
+some loosely related file formats used by Microsoft.
+
+%package        devel
+Summary:        Development files for %{name}
+Group:          Development/Libraries
+Requires:       %{name} = %{version}-%{release}
+Obsoletes:      %{name}-doc < 0.2
+
+%description    devel
+The %{name}-devel package contains libraries, header files and documentation
+for developing applications that use %{name}.
+
+
+%prep
+%setup -q -n %{name}-%{version}alpha/libmspack
+%patch0 -p1
+%patch1 -p2
+%patch2 -p2
+%patch3 -p2
+
+chmod a-x mspack/mspack.h
+
+# Temporarily while building from github tarball:
+autoreconf -i
+
+
+%build
+CFLAGS="%{optflags} -fno-strict-aliasing" \
+%configure --disable-static --disable-silent-rules
+
+# disable rpath the hard way
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags}
+
+
+%install
+make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p'
+rm $RPM_BUILD_ROOT%{_libdir}/libmspack.la
+
+iconv -f ISO_8859-1 -t utf8 ChangeLog --output Changelog.utf8
+touch -r ChangeLog Changelog.utf8
+mv Changelog.utf8 ChangeLog
+
+pushd doc
+doxygen
+find html -type f | xargs touch -r %{SOURCE0}
+rm -f html/installdox
+popd
+
+# CVE-2018-18586: The upstream author didn't intend these examples to
+# be installed and shipped, and in libmspack 0.9 they are moved into
+# an examples directory in the source.  chmextract contains a
+# directory traversal exploit.  Remove the binaries.
+rm $RPM_BUILD_ROOT%{_bindir}/cabrip
+rm $RPM_BUILD_ROOT%{_bindir}/chmextract
+rm $RPM_BUILD_ROOT%{_bindir}/msexpand
+rm $RPM_BUILD_ROOT%{_bindir}/oabextract
+
+
+%files
+%doc README TODO COPYING.LIB ChangeLog AUTHORS
+%{_libdir}/%{name}.so.*
+
+%files devel
+%doc doc/html
+%{_includedir}/mspack.h
+%{_libdir}/%{name}.so
+%{_libdir}/pkgconfig/%{name}.pc
+
+
+%changelog
+* Fri Aug  2 2019 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.2.alpha.4
+- Fix for CVE-2019-1010305
+- Remove "fix" for CVE-2018-14680 as this fix is included in base tar ball.
+  resolves: rhbz#1736745, rhbz#1736743
+
+* Thu Mar 21 2019 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.2.alpha.3
+- Add gating tests resolves: rhbz#1682770
+
+* Mon Dec 10 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.3
+- Fix for CVE-2018-14680
+  resolves: rhbz#1610937
+
+* Fri Dec  7 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.2
+- Fixes for CVE-2018-18584 CVE-2018-18585.
+  resolves: rhbz#1644220
+
+* Wed Nov 14 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.1
+- Remove examples (CVE-2018-18586)
+  resolves: rhbz#1648376
+
+* Wed Aug 01 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha
+- New upstream version 0.7alpha.
+- No tarball was uploaded so temporarily use tarball from github.
+- Fixes CVE-2018-14679 libmspack: off-by-one error in the CHM PMGI/PMGL
+  chunk number validity checks
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.6-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Tue Sep 19 2017 Dan Horák <dan[at]danny.cz> - 0.6-0.1.alpha
+- updated to 0.6alpha (fixes CVE-2017-6419 and CVE-2017-11423)
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-0.10.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-0.9.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-0.8.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Jul 27 2016 Dan Horák <dan[at]danny.cz> - 0.5-0.7.alpha
+- install the actual expand binary
+
+* Wed Jul 27 2016 Dan Horák <dan[at]danny.cz> - 0.5-0.6.alpha
+- install the expand tool as msexpand (#1319357)
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.5-0.5.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Jul 30 2015 Richard W.M. Jones <rjones@redhat.com> - 0.5-0.4.alpha
+- Avoid 'test/md5.c:126:3: warning: dereferencing type-punned pointer
+  will break strict-aliasing rules' by adding -fno-strict-aliasing flag.
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.5-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue Mar 03 2015 Dan Horák <dan[at]danny.cz> - 0.5-0.1.alpha
+- updated to 0.5alpha
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-0.4.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Tue May 28 2013 Dan Horák <dan[at]danny.cz> - 0.4-0.1.alpha
+- updated to 0.4alpha
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3-0.4.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.3-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Mon May 16 2011 Dan Horák <dan[at]danny.cz> - 0.3-0.1.alpha
+- updated to 0.3alpha
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2-0.2.20100723alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Aug 30 2010 Dan Horák <dan[at]danny.cz> - 0.2-0.1.20100723alpha
+- updated to 0.2alpha released 2010/07/23
+- merged the doc subpackage with devel
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.0-0.7.20060920alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.0-0.6.20060920alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Wed Feb 13 2008 Marc Wiriadisastra <marc@mwiriadi.id.au> - 0.0-0.5-20060920alpha
+- Rebuild for gcc4.3
+
+* Sun Jan 20 2008 Marc Wiriadisastra <marc@mwiriadi.id.au> - 0.0-0.4.20060920alpha
+- installed documentation into html subdir
+- manually installed doc's for main package
+
+* Sun Jan 20 2008 Marc Wiriadisastra <marc@mwiriadi.id.au> - 0.0-0.3.20060920alpha
+- Got source using wget -N
+- Removed some doc's
+- Shifted doc line for doc package
+- Added install -p
+
+* Sun Jan 20 2008 Marc Wiriadisastra <marc@mwiriadi.id.au> - 0.0-0.2.20060920alpha
+- Changed install script for doc package
+- Fixed rpmlint issue with debug package
+
+* Fri Jan 18 2008 Marc Wiriadisastra <marc@mwiriadi.id.au> - 20060920cvs.a-1
+- Initial release
				`@ -0,0 +1 @@`
				`06dfa4e7157ec817f81a62320596f238c66220f6 SOURCES/libmspack-v0.7alpha.tar.gz`