From 511e1bc2c37ff9c606d4da96db1910cb70445954 Mon Sep 17 00:00:00 2001
From: CentOS Sources
Date: Tue, 21 Jan 2020 16:30:28 -0500
Subject: [PATCH] import libmspack-0.7-0.3.alpha.el8.4
---
.gitignore | 1 +
.libmspack.metadata | 1 +
...CHM-file-entries-that-are-blank-beca.patch | 36 +++
...buffer-is-one-byte-too-small-for-max.patch | 49 ++++
...hecks-when-looking-for-control-files.patch | 56 +++++
SOURCES/libmspack-0.4alpha-doc.patch | 12 +
SPECS/libmspack.spec | 219 ++++++++++++++++++
7 files changed, 374 insertions(+)
create mode 100644 .gitignore
create mode 100644 .libmspack.metadata
create mode 100644 SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
create mode 100644 SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
create mode 100644 SOURCES/0003-length-checks-when-looking-for-control-files.patch
create mode 100644 SOURCES/libmspack-0.4alpha-doc.patch
create mode 100644 SPECS/libmspack.spec
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..a397b1a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libmspack-v0.7alpha.tar.gz
diff --git a/.libmspack.metadata b/.libmspack.metadata
new file mode 100644
index 0000000..29d9db5
--- /dev/null
+++ b/.libmspack.metadata
@@ -0,0 +1 @@
+06dfa4e7157ec817f81a62320596f238c66220f6 SOURCES/libmspack-v0.7alpha.tar.gz
diff --git a/SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch b/SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
new file mode 100644
index 0000000..2cc17a6
--- /dev/null
+++ b/SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
@@ -0,0 +1,36 @@
+From b86a2e455cc4d3f586367ab05af1f1be00c6df65 Mon Sep 17 00:00:00 2001
+From: Stuart Caie
+Date: Wed, 17 Oct 2018 11:29:03 +0100
+Subject: [PATCH 1/3] Avoid returning CHM file entries that are "blank" because
+ they have embedded null bytes
+
+(cherry picked from commit 8759da8db6ec9e866cb8eb143313f397f925bb4f)
+---
+ libmspack/mspack/chmd.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
+index b3f7fee..1d198bf 100644
+--- a/libmspack/mspack/chmd.c
++++ b/libmspack/mspack/chmd.c
+@@ -447,14 +447,14 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+ while (num_entries--) {
+ READ_ENCINT(name_len);
+ if (name_len > (unsigned int) (end - p)) goto chunk_end;
+- /* consider blank filenames to be an error */
+- if (name_len == 0) goto chunk_end;
+ name = p; p += name_len;
+-
+ READ_ENCINT(section);
+ READ_ENCINT(offset);
+ READ_ENCINT(length);
+
++ /* ignore blank or one-char (e.g. "/") filenames we'd return as blank */
++ if (name_len < 2 || !name[0] || !name[1]) continue;
++
+ /* empty files and directory names are stored as a file entry at
+ * offset 0 with length 0. We want to keep empty files, but not
+ * directory names, which end with a "/" */
+--
+2.22.0
+
diff --git a/SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch b/SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
new file mode 100644
index 0000000..970b178
--- /dev/null
+++ b/SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
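Review bot: In 0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch, the new filter `if (name_len < 2 || !name[0] || !name[1]) continue;` inspects only the first two bytes, so a name carrying a NUL at index 2 or later is still accepted. If callers treat the stored filename as a NUL-terminated string (not visible here), such an entry would appear under a truncated name that differs from the bytes in the archive. Consider scanning all `name_len` bytes for a zero byte before accepting the entry, or extend the comment to say that only a leading NUL is rejected, e.g. `/* only the first two bytes are checked; later NULs still truncate the name */`. chmd_read_headers starts and ends outside this hunk.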
@@ -0,0 +1,49 @@
+From e31767785bc0922a953bbd1ef6428bf319ba2d2b Mon Sep 17 00:00:00 2001
+From: Stuart Caie
+Date: Wed, 17 Oct 2018 11:33:35 +0100
+Subject: [PATCH 2/3] CAB block input buffer is one byte too small for maximal
+ Quantum block
+
+(cherry picked from commit 40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2)
+---
+ libmspack/mspack/cab.h | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/libmspack/mspack/cab.h b/libmspack/mspack/cab.h
+index 59cf95e..25cebcb 100644
+--- a/libmspack/mspack/cab.h
++++ b/libmspack/mspack/cab.h
+@@ -1,5 +1,5 @@
+ /* This file is part of libmspack.
+- * (C) 2003-2004 Stuart Caie.
++ * (C) 2003-2018 Stuart Caie.
+ *
+ * libmspack is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License (LGPL) version 2.1
+@@ -70,6 +70,14 @@
+ #define CAB_BLOCKMAX (32768)
+ #define CAB_INPUTMAX (CAB_BLOCKMAX+6144)
+
++/* input buffer needs to be CAB_INPUTMAX + 1 byte to allow for max-sized block
++ * plus 1 trailer byte added by cabd_sys_read_block() for Quantum alignment.
++ *
++ * When MSCABD_PARAM_SALVAGE is set, block size is not checked so can be
++ * up to 65535 bytes, so max input buffer size needed is 65535 + 1
++ */
++#define CAB_INPUTBUF (65535 + 1)
++
+ /* There are no more than 65535 data blocks per folder, so a folder cannot
+ * be more than 32768*65535 bytes in length. As files cannot span more than
+ * one folder, this is also their max offset, length and offset+length limit.
+@@ -100,7 +108,7 @@ struct mscabd_decompress_state {
+ struct mspack_file *infh; /* input file handle */
+ struct mspack_file *outfh; /* output file handle */
+ unsigned char *i_ptr, *i_end; /* input data consumed, end */
+- unsigned char input[CAB_INPUTMAX]; /* one input block of data */
++ unsigned char input[CAB_INPUTBUF]; /* one input block of data */
+ };
+
+ struct mscab_decompressor_p {
+--
+2.22.0
+
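Review bot: `CAB_INPUTBUF` is defined as the bare literal `(65535 + 1)` and nothing ties it to `CAB_INPUTMAX`, although the comment above it states the buffer must hold at least CAB_INPUTMAX + 1 bytes. A preprocessor guard right after the define, `#if CAB_INPUTBUF < (CAB_INPUTMAX + 1)` / `#error "CAB_INPUTBUF too small"` / `#endif`, would keep that invariant if either constant is changed later. The code that fills `input[]` (cabd_sys_read_block, according to the comment) is not part of this patch, so whether every length check there is bounded by the new size cannot be confirmed from this hunk and is worth verifying for a backport that carries only the header change.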
diff --git a/SOURCES/0003-length-checks-when-looking-for-control-files.patch b/SOURCES/0003-length-checks-when-looking-for-control-files.patch
new file mode 100644
index 0000000..220561c
--- /dev/null
+++ b/SOURCES/0003-length-checks-when-looking-for-control-files.patch
@@ -0,0 +1,56 @@
+From e50806b8d3eb2af019def3fa932e7edf602ce51f Mon Sep 17 00:00:00 2001
+From: Stuart Caie
+Date: Mon, 18 Feb 2019 13:04:58 +0000
+Subject: [PATCH 3/3] length checks when looking for control files
+
+(cherry picked from commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d)
+---
+ libmspack/mspack/chmd.c | 32 +++++++++++++++-----------------
+ 1 file changed, 15 insertions(+), 17 deletions(-)
+
+diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
+index 1d198bf..4c46db8 100644
+--- a/libmspack/mspack/chmd.c
++++ b/libmspack/mspack/chmd.c
+@@ -482,23 +482,21 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+ fi->filename[name_len] = '\0';
+
+ if (name[0] == ':' && name[1] == ':') {
+- /* system file */
+- if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
+- if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
+- chm->sec1.content = fi;
+- }
+- else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
+- chm->sec1.control = fi;
+- }
+- else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
+- chm->sec1.spaninfo = fi;
+- }
+- else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
+- chm->sec1.rtable = fi;
+- }
+- }
+- fi->next = chm->sysfiles;
+- chm->sysfiles = fi;
++ /* system file */
++ if (name_len == 40 && mspack_memcmp(name, content_name, 40) == 0) {
++ chm->sec1.content = fi;
++ }
++ else if (name_len == 44 && mspack_memcmp(name, control_name, 44) == 0) {
++ chm->sec1.control = fi;
++ }
++ else if (name_len == 41 && mspack_memcmp(name, spaninfo_name, 41) == 0) {
++ chm->sec1.spaninfo = fi;
++ }
++ else if (name_len == 105 && mspack_memcmp(name, rtable_name, 105) == 0) {
++ chm->sec1.rtable = fi;
++ }
++ fi->next = chm->sysfiles;
++ chm->sysfiles = fi;
+ }
+ else {
+ /* normal file */
+--
+2.22.0
+
diff --git a/SOURCES/libmspack-0.4alpha-doc.patch b/SOURCES/libmspack-0.4alpha-doc.patch
new file mode 100644
index 0000000..78396ec
--- /dev/null
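Review bot: The literals 40, 44, 41 and 105 in the new `name_len == N && mspack_memcmp(name, ..., N) == 0` tests must equal the exact lengths of `content_name`, `control_name`, `spaninfo_name` and `rtable_name`, whose definitions are outside this hunk. If one of those strings is ever edited, a stale literal would either stop the control file from being recognised or make the comparison read past the end of the constant. Named constants kept next to the string definitions, e.g. `#define CONTENT_NAME_LEN 40`, or at least a comment on each definition stating its length, would keep the pairs in sync. chmd_read_headers starts and ends outside the hunk.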
+++ b/SOURCES/libmspack-0.4alpha-doc.patch
@@ -0,0 +1,12 @@
+diff -up libmspack-0.4alpha/doc/Doxyfile.in.orig libmspack-0.4alpha/doc/Doxyfile.in
+--- libmspack-0.4alpha/doc/Doxyfile.in.orig 2013-05-28 12:25:42.000000000 +0200
++++ libmspack-0.4alpha/doc/Doxyfile.in 2013-05-28 17:30:57.000000000 +0200
+@@ -10,7 +10,7 @@ SHOW_USED_FILES = YES
+ INPUT = @top_srcdir@/mspack/mspack.h
+ FULL_PATH_NAMES = NO
+ GENERATE_HTML = YES
+-HTML_OUTPUT = .
++HTML_OUTPUT = html
+ HTML_FILE_EXTENSION = .html
+ HTML_TIMESTAMP = NO
+ GENERATE_HTMLHELP = NO
diff --git a/SPECS/libmspack.spec b/SPECS/libmspack.spec
new file mode 100644
index 0000000..11a0afb
--- /dev/null
+++ b/SPECS/libmspack.spec
@@ -0,0 +1,219 @@
+Name: libmspack
+Version: 0.7
+Release: 0.3.alpha%{?dist}.4
+Summary: Library for CAB and related files compression and decompression
+
+Group: System Environment/Libraries
+License: LGPLv2
+URL: http://www.cabextract.org.uk/libmspack/
+#Source0: http://www.cabextract.org.uk/libmspack/%{name}-%{version}alpha.tar.gz
+Source0: https://github.com/kyz/libmspack/archive/v0.7alpha/%{name}-v0.7alpha.tar.gz
+Patch0: %{name}-0.4alpha-doc.patch
+
+# Fixes for CVE-2018-18584 CVE-2018-18585
+Patch1: 0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
+Patch2: 0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
+# Fix for CVE-CVE-2019-1010305
+Patch3: 0003-length-checks-when-looking-for-control-files.patch
+
+BuildRequires: doxygen
+BuildRequires: gcc
+
+# Temporarily while building from github tarball:
+BuildRequires: autoconf, automake, libtool
+
+
+%description
+The purpose of libmspack is to provide both compression and decompression of
+some loosely related file formats used by Microsoft.
+
+%package devel
+Summary: Development files for %{name}
+Group: Development/Libraries
+Requires: %{name} = %{version}-%{release}
+Obsoletes: %{name}-doc < 0.2
+
+%description devel
+The %{name}-devel package contains libraries, header files and documentation
+for developing applications that use %{name}.
+
+
+%prep
+%setup -q -n %{name}-%{version}alpha/libmspack
+%patch0 -p1
+%patch1 -p2
+%patch2 -p2
+%patch3 -p2
+
+chmod a-x mspack/mspack.h
+
+# Temporarily while building from github tarball:
+autoreconf -i
+
+
+%build
+CFLAGS="%{optflags} -fno-strict-aliasing" \
+%configure --disable-static --disable-silent-rules
+
+# disable rpath the hard way
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags}
+
+
+%install
+make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p'
+rm $RPM_BUILD_ROOT%{_libdir}/libmspack.la
+
+iconv -f ISO_8859-1 -t utf8 ChangeLog --output Changelog.utf8
+touch -r ChangeLog Changelog.utf8
+mv Changelog.utf8 ChangeLog
+
+pushd doc
+doxygen
+find html -type f | xargs touch -r %{SOURCE0}
+rm -f html/installdox
+popd
+
+# CVE-2018-18586: The upstream author didn't intend these examples to
+# be installed and shipped, and in libmspack 0.9 they are moved into
+# an examples directory in the source. chmextract contains a
+# directory traversal exploit. Remove the binaries.
+rm $RPM_BUILD_ROOT%{_bindir}/cabrip
+rm $RPM_BUILD_ROOT%{_bindir}/chmextract
+rm $RPM_BUILD_ROOT%{_bindir}/msexpand
+rm $RPM_BUILD_ROOT%{_bindir}/oabextract
+
+
+%files
+%doc README TODO COPYING.LIB ChangeLog AUTHORS
+%{_libdir}/%{name}.so.*
+
+%files devel
+%doc doc/html
+%{_includedir}/mspack.h
+%{_libdir}/%{name}.so
+%{_libdir}/pkgconfig/%{name}.pc
+
+
+%changelog
+* Fri Aug 2 2019 Richard W.M. Jones - 0.7-0.2.alpha.4
+- Fix for CVE-2019-1010305
+- Remove "fix" for CVE-2018-14680 as this fix is included in base tar ball.
+ resolves: rhbz#1736745, rhbz#1736743
+
+* Thu Mar 21 2019 Richard W.M. Jones - 0.7-0.2.alpha.3
+- Add gating tests resolves: rhbz#1682770
+
+* Mon Dec 10 2018 Richard W.M. Jones - 0.7-0.1.alpha.3
+- Fix for CVE-2018-14680
+ resolves: rhbz#1610937
+
+* Fri Dec 7 2018 Richard W.M. Jones - 0.7-0.1.alpha.2
+- Fixes for CVE-2018-18584 CVE-2018-18585.
+ resolves: rhbz#1644220
+
+* Wed Nov 14 2018 Richard W.M. Jones - 0.7-0.1.alpha.1
+- Remove examples (CVE-2018-18586)
+ resolves: rhbz#1648376
+
+* Wed Aug 01 2018 Richard W.M. Jones - 0.7-0.1.alpha
+- New upstream version 0.7alpha.
+- No tarball was uploaded so temporarily use tarball from github.
+- Fixes CVE-2018-14679 libmspack: off-by-one error in the CHM PMGI/PMGL
+ chunk number validity checks
+
+* Fri Jul 13 2018 Fedora Release Engineering - 0.6-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed Feb 07 2018 Fedora Release Engineering - 0.6-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Tue Sep 19 2017 Dan Horák - 0.6-0.1.alpha
+- updated to 0.6alpha (fixes CVE-2017-6419 and CVE-2017-11423)
+
+* Thu Aug 03 2017 Fedora Release Engineering - 0.5-0.10.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering - 0.5-0.9.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Fri Feb 10 2017 Fedora Release Engineering - 0.5-0.8.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Wed Jul 27 2016 Dan Horák - 0.5-0.7.alpha
+- install the actual expand binary
+
+* Wed Jul 27 2016 Dan Horák - 0.5-0.6.alpha
+- install the expand tool as msexpand (#1319357)
+
+* Thu Feb 04 2016 Fedora Release Engineering - 0.5-0.5.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Thu Jul 30 2015 Richard W.M. Jones - 0.5-0.4.alpha
+- Avoid 'test/md5.c:126:3: warning: dereferencing type-punned pointer
+ will break strict-aliasing rules' by adding -fno-strict-aliasing flag.
+
+* Wed Jun 17 2015 Fedora Release Engineering - 0.5-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue Mar 03 2015 Dan Horák - 0.5-0.1.alpha
+- updated to 0.5alpha
+
+* Sun Aug 17 2014 Fedora Release Engineering - 0.4-0.4.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Jun 07 2014 Fedora Release Engineering - 0.4-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Sat Aug 03 2013 Fedora Release Engineering - 0.4-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Tue May 28 2013 Dan Horák - 0.4-0.1.alpha
+- updated to 0.4alpha
+
+* Thu Feb 14 2013 Fedora Release Engineering - 0.3-0.4.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering - 0.3-0.3.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering - 0.3-0.2.alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Mon May 16 2011 Dan Horák - 0.3-0.1.alpha
+- updated to 0.3alpha
+
+* Tue Feb 08 2011 Fedora Release Engineering - 0.2-0.2.20100723alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Mon Aug 30 2010 Dan Horák - 0.2-0.1.20100723alpha
+- updated to 0.2alpha released 2010/07/23
+- merged the doc subpackage with devel
+
+* Fri Jul 24 2009 Fedora Release Engineering - 0.0-0.7.20060920alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed Feb 25 2009 Fedora Release Engineering - 0.0-0.6.20060920alpha
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Wed Feb 13 2008 Marc Wiriadisastra - 0.0-0.5-20060920alpha
+- Rebuild for gcc4.3
+
+* Sun Jan 20 2008 Marc Wiriadisastra - 0.0-0.4.20060920alpha
+- installed documentation into html subdir
+- manually installed doc's for main package
+
+* Sun Jan 20 2008 Marc Wiriadisastra - 0.0-0.3.20060920alpha
+- Got source using wget -N
+- Removed some doc's
+- Shifted doc line for doc package
+- Added install -p
+
+* Sun Jan 20 2008 Marc Wiriadisastra - 0.0-0.2.20060920alpha
+- Changed install script for doc package
+- Fixed rpmlint issue with debug package
+
+* Fri Jan 18 2008 Marc Wiriadisastra - 20060920cvs.a-1
+- Initial release
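Review bot: The comment above `Patch3` reads `# Fix for CVE-CVE-2019-1010305`; the doubled prefix means a search for the CVE identifier in the usual form will not match this line, and it should read `# Fix for CVE-2019-1010305`. The newest %changelog entry is versioned `0.7-0.2.alpha.4` while `Release:` is `0.3.alpha%{?dist}.4`, so the changelog does not describe the release being built and the security fixes cannot be mapped to this build from the changelog alone. In the CVE-2018-18586 comment in %install, "directory traversal exploit" describes a flaw in chmextract and would be more accurate as "directory traversal vulnerability".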