rpms/libmspack
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c10s/libmspack-0.10.1-0.14.alpha.el10
rpms:imports/c10s/libmspack-0.10.1-0.13.alpha.el10
rpms:imports/c9/libmspack-0.10.1-0.7.alpha.el9
rpms:imports/c9-beta/libmspack-0.10.1-0.7.alpha.el9
rpms:imports/c8-beta/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8-beta/libmspack-0.7-0.1.alpha.el8.3
rpms:imports/c8s/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8/libmspack-0.7-0.1.alpha.el8.3
...
pull from: rpms:c9
Branches Tags
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c8
rpms:c9s
rpms:imports/c10s/libmspack-0.10.1-0.14.alpha.el10
rpms:imports/c10s/libmspack-0.10.1-0.13.alpha.el10
rpms:imports/c9/libmspack-0.10.1-0.7.alpha.el9
rpms:imports/c9-beta/libmspack-0.10.1-0.7.alpha.el9
rpms:imports/c8-beta/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8-beta/libmspack-0.7-0.1.alpha.el8.3
rpms:imports/c8s/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8/libmspack-0.7-0.3.alpha.el8.4
rpms:imports/c8/libmspack-0.7-0.1.alpha.el8.3

No commits in common. "c8" and "c9" have entirely different histories.
c8 ... c9

7 changed files with 50 additions and 204 deletions
Show Stats Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/libmspack-v0.7alpha.tar.gz SOURCES/libmspack-0.10.1alpha.tar.gz

2
.libmspack.metadata
View File

@ -1 +1 @@
06dfa4e7157ec817f81a62320596f238c66220f6 SOURCES/libmspack-v0.7alpha.tar.gz 82a6a102a2422d4d61bdd00f059bd3978409ca5f SOURCES/libmspack-0.10.1alpha.tar.gz

36
SOURCES/0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
View File

@ -1,36 +0,0 @@
From b86a2e455cc4d3f586367ab05af1f1be00c6df65 Mon Sep 17 00:00:00 2001
From: Stuart Caie <kyzer@cabextract.org.uk>
Date: Wed, 17 Oct 2018 11:29:03 +0100
Subject: [PATCH 1/3] Avoid returning CHM file entries that are "blank" because
they have embedded null bytes
(cherry picked from commit 8759da8db6ec9e866cb8eb143313f397f925bb4f)
---
libmspack/mspack/chmd.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
index b3f7fee..1d198bf 100644
--- a/libmspack/mspack/chmd.c
+++ b/libmspack/mspack/chmd.c
@@ -447,14 +447,14 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
while (num_entries--) {
READ_ENCINT(name_len);
if (name_len > (unsigned int) (end - p)) goto chunk_end;
- /* consider blank filenames to be an error */
- if (name_len == 0) goto chunk_end;
name = p; p += name_len;
-
READ_ENCINT(section);
READ_ENCINT(offset);
READ_ENCINT(length);
+ /* ignore blank or one-char (e.g. "/") filenames we'd return as blank */
+ if (name_len < 2 || !name[0] || !name[1]) continue;
+
/* empty files and directory names are stored as a file entry at
* offset 0 with length 0. We want to keep empty files, but not
* directory names, which end with a "/" */
--
2.22.0

49
SOURCES/0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
View File

@ -1,49 +0,0 @@
From e31767785bc0922a953bbd1ef6428bf319ba2d2b Mon Sep 17 00:00:00 2001
From: Stuart Caie <kyzer@cabextract.org.uk>
Date: Wed, 17 Oct 2018 11:33:35 +0100
Subject: [PATCH 2/3] CAB block input buffer is one byte too small for maximal
Quantum block
(cherry picked from commit 40ef1b4093d77ad3a5cfcee1f5cb6108b3a3bcc2)
---
libmspack/mspack/cab.h | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/libmspack/mspack/cab.h b/libmspack/mspack/cab.h
index 59cf95e..25cebcb 100644
--- a/libmspack/mspack/cab.h
+++ b/libmspack/mspack/cab.h
@@ -1,5 +1,5 @@
/* This file is part of libmspack.
- * (C) 2003-2004 Stuart Caie.
+ * (C) 2003-2018 Stuart Caie.
*
* libmspack is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License (LGPL) version 2.1
@@ -70,6 +70,14 @@
#define CAB_BLOCKMAX (32768)
#define CAB_INPUTMAX (CAB_BLOCKMAX+6144)
+/* input buffer needs to be CAB_INPUTMAX + 1 byte to allow for max-sized block
+ * plus 1 trailer byte added by cabd_sys_read_block() for Quantum alignment.
+ *
+ * When MSCABD_PARAM_SALVAGE is set, block size is not checked so can be
+ * up to 65535 bytes, so max input buffer size needed is 65535 + 1
+ */
+#define CAB_INPUTBUF (65535 + 1)
+
/* There are no more than 65535 data blocks per folder, so a folder cannot
* be more than 32768*65535 bytes in length. As files cannot span more than
* one folder, this is also their max offset, length and offset+length limit.
@@ -100,7 +108,7 @@ struct mscabd_decompress_state {
struct mspack_file *infh; /* input file handle */
struct mspack_file *outfh; /* output file handle */
unsigned char *i_ptr, *i_end; /* input data consumed, end */
- unsigned char input[CAB_INPUTMAX]; /* one input block of data */
+ unsigned char input[CAB_INPUTBUF]; /* one input block of data */
};
struct mscab_decompressor_p {
--
2.22.0

56
SOURCES/0003-length-checks-when-looking-for-control-files.patch
View File

@ -1,56 +0,0 @@
From e50806b8d3eb2af019def3fa932e7edf602ce51f Mon Sep 17 00:00:00 2001
From: Stuart Caie <kyzer@cabextract.org.uk>
Date: Mon, 18 Feb 2019 13:04:58 +0000
Subject: [PATCH 3/3] length checks when looking for control files
(cherry picked from commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d)
---
libmspack/mspack/chmd.c | 32 +++++++++++++++-----------------
1 file changed, 15 insertions(+), 17 deletions(-)
diff --git a/libmspack/mspack/chmd.c b/libmspack/mspack/chmd.c
index 1d198bf..4c46db8 100644
--- a/libmspack/mspack/chmd.c
+++ b/libmspack/mspack/chmd.c
@@ -482,23 +482,21 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
fi->filename[name_len] = '\0';
if (name[0] == ':' && name[1] == ':') {
- /* system file */
- if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
- if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
- chm->sec1.content = fi;
- }
- else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
- chm->sec1.control = fi;
- }
- else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
- chm->sec1.spaninfo = fi;
- }
- else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
- chm->sec1.rtable = fi;
- }
- }
- fi->next = chm->sysfiles;
- chm->sysfiles = fi;
+ /* system file */
+ if (name_len == 40 && mspack_memcmp(name, content_name, 40) == 0) {
+ chm->sec1.content = fi;
+ }
+ else if (name_len == 44 && mspack_memcmp(name, control_name, 44) == 0) {
+ chm->sec1.control = fi;
+ }
+ else if (name_len == 41 && mspack_memcmp(name, spaninfo_name, 41) == 0) {
+ chm->sec1.spaninfo = fi;
+ }
+ else if (name_len == 105 && mspack_memcmp(name, rtable_name, 105) == 0) {
+ chm->sec1.rtable = fi;
+ }
+ fi->next = chm->sysfiles;
+ chm->sysfiles = fi;
}
else {
/* normal file */
--
2.22.0

12
SOURCES/libmspack-0.4alpha-doc.patch
View File

@ -1,12 +0,0 @@
diff -up libmspack-0.4alpha/doc/Doxyfile.in.orig libmspack-0.4alpha/doc/Doxyfile.in
--- libmspack-0.4alpha/doc/Doxyfile.in.orig 2013-05-28 12:25:42.000000000 +0200
+++ libmspack-0.4alpha/doc/Doxyfile.in 2013-05-28 17:30:57.000000000 +0200
@@ -10,7 +10,7 @@ SHOW_USED_FILES = YES
INPUT = @top_srcdir@/mspack/mspack.h
FULL_PATH_NAMES = NO
GENERATE_HTML = YES
-HTML_OUTPUT = .
+HTML_OUTPUT = html
HTML_FILE_EXTENSION = .html
HTML_TIMESTAMP = NO
GENERATE_HTMLHELP = NO

97
SPECS/libmspack.spec
View File

@ -1,26 +1,19 @@
Name: libmspack Name: libmspack
Version: 0.7 Version: 0.10.1
Release: 0.3.alpha%{?dist}.4 Release: 0.7.alpha%{?dist}
Summary: Library for CAB and related files compression and decompression Summary: Library for CAB and related files compression and decompression
Group: System Environment/Libraries
License: LGPLv2 License: LGPLv2
URL: http://www.cabextract.org.uk/libmspack/ URL: http://www.cabextract.org.uk/libmspack/
#Source0: http://www.cabextract.org.uk/libmspack/%{name}-%{version}alpha.tar.gz Source0: http://www.cabextract.org.uk/libmspack/%{name}-%{version}alpha.tar.gz
Source0: https://github.com/kyz/libmspack/archive/v0.7alpha/%{name}-v0.7alpha.tar.gz #Source0: https://github.com/kyz/libmspack/archive/v%{version}alpha/%{name}-v%{version}alpha.tar.gz
Patch0: %{name}-0.4alpha-doc.patch
# Fixes for CVE-2018-18584 CVE-2018-18585
Patch1: 0001-Avoid-returning-CHM-file-entries-that-are-blank-beca.patch
Patch2: 0002-CAB-block-input-buffer-is-one-byte-too-small-for-max.patch
# Fix for CVE-CVE-2019-1010305
Patch3: 0003-length-checks-when-looking-for-control-files.patch
BuildRequires: doxygen BuildRequires: doxygen
BuildRequires: gcc BuildRequires: gcc
BuildRequires: make
# Temporarily while building from github tarball: # Temporarily while building from github tarball:
BuildRequires: autoconf, automake, libtool #BuildRequires: autoconf, automake, libtool
%description %description
@ -29,8 +22,7 @@ some loosely related file formats used by Microsoft.
%package devel %package devel
Summary: Development files for %{name} Summary: Development files for %{name}
Group: Development/Libraries Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: %{name} = %{version}-%{release}
Obsoletes: %{name}-doc < 0.2 Obsoletes: %{name}-doc < 0.2
%description devel %description devel
@ -39,31 +31,27 @@ for developing applications that use %{name}.
%prep %prep
%setup -q -n %{name}-%{version}alpha/libmspack %setup -q -n %{name}-%{version}alpha
%patch0 -p1
%patch1 -p2
%patch2 -p2
%patch3 -p2
chmod a-x mspack/mspack.h chmod a-x mspack/mspack.h
# Temporarily while building from github tarball: # Temporarily while building from github tarball:
autoreconf -i #autoreconf -fi
%build %build
CFLAGS="%{optflags} -fno-strict-aliasing" \
%configure --disable-static --disable-silent-rules %configure --disable-static --disable-silent-rules
# disable rpath the hard way # disable rpath the hard way
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
make %{?_smp_mflags} %make_build
%install %install
make install DESTDIR=$RPM_BUILD_ROOT INSTALL='install -p' %make_install
rm $RPM_BUILD_ROOT%{_libdir}/libmspack.la rm $RPM_BUILD_ROOT%{_libdir}/libmspack.la
iconv -f ISO_8859-1 -t utf8 ChangeLog --output Changelog.utf8 iconv -f ISO_8859-1 -t utf8 ChangeLog --output Changelog.utf8
@ -76,19 +64,13 @@ find html -type f | xargs touch -r %{SOURCE0}
rm -f html/installdox rm -f html/installdox
popd popd
# CVE-2018-18586: The upstream author didn't intend these examples to
# be installed and shipped, and in libmspack 0.9 they are moved into
# an examples directory in the source. chmextract contains a
# directory traversal exploit. Remove the binaries.
rm $RPM_BUILD_ROOT%{_bindir}/cabrip
rm $RPM_BUILD_ROOT%{_bindir}/chmextract
rm $RPM_BUILD_ROOT%{_bindir}/msexpand
rm $RPM_BUILD_ROOT%{_bindir}/oabextract
%ldconfig_scriptlets
%files %files
%doc README TODO COPYING.LIB ChangeLog AUTHORS %doc README TODO ChangeLog AUTHORS
%{_libdir}/%{name}.so.* %license COPYING.LIB
%{_libdir}/%{name}.so.0*
%files devel %files devel
%doc doc/html %doc doc/html
@ -98,25 +80,42 @@ rm $RPM_BUILD_ROOT%{_bindir}/oabextract
%changelog %changelog
* Fri Aug 2 2019 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.2.alpha.4 * Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 0.10.1-0.7.alpha
- Fix for CVE-2019-1010305 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
- Remove "fix" for CVE-2018-14680 as this fix is included in base tar ball. Related: rhbz#1991688
resolves: rhbz#1736745, rhbz#1736743
* Thu Mar 21 2019 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.2.alpha.3 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.10.1-0.6.alpha
- Add gating tests resolves: rhbz#1682770 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Dec 10 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.3 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.1-0.5.alpha
- Fix for CVE-2018-14680 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
resolves: rhbz#1610937
* Fri Dec 7 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.2 * Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.1-0.4.alpha
- Fixes for CVE-2018-18584 CVE-2018-18585. - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
resolves: rhbz#1644220
* Wed Nov 14 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha.1 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.1-0.3.alpha
- Remove examples (CVE-2018-18586) - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
resolves: rhbz#1648376
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.10.1-0.2.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed Jul 17 2019 Dan Horák <dan[at]danny.cz> - 0.10.1-0.1.alpha
- updated to 0.10.1alpha (fixes CVE-2019-1010305)
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.9.1-0.2.alpha
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Nov 06 2018 Rex Dieter <rdieter@fedoraproject.org> - 0.9.1-0.1.alpha
- 0.9.1alpha
- libmspack-0.8-0.1.alpha corrupts extracted cab files (#1647033)
- examples no longer installed (by default)
* Tue Oct 30 2018 Rex Dieter <rdieter@fedoraproject.org> - 0.8-0.1.alpha
- 0.8alpha
- use %%make_build %%make_install %%ldconfig_scriptlets %%license
- devel: use %%{?_isa} to tighten dep on main pkg
- drop deprecated Group: tag
- %%files: tighten to include library soname
* Wed Aug 01 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha * Wed Aug 01 2018 Richard W.M. Jones <rjones@redhat.com> - 0.7-0.1.alpha
- New upstream version 0.7alpha. - New upstream version 0.7alpha.