import libtar-1.2.20-17.el8
This commit is contained in:
parent
4369215213
commit
eb38d4f64a
40
SOURCES/libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch
Normal file
40
SOURCES/libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From 3936c7aa74d89e7a91dfbb2c1b7bfcad58a0355d Mon Sep 17 00:00:00 2001
|
||||
From: shixuantong <1726671442@qq.com>
|
||||
Date: Wed, 6 Apr 2022 17:40:57 +0800
|
||||
Subject: [PATCH 1/2] Ensure that sz is greater than 0.
|
||||
|
||||
---
|
||||
lib/block.c | 10 ++++++++++
|
||||
1 file changed, 10 insertions(+)
|
||||
|
||||
diff --git a/lib/block.c b/lib/block.c
|
||||
index 092bc28..f12c4bc 100644
|
||||
--- a/lib/block.c
|
||||
+++ b/lib/block.c
|
||||
@@ -118,6 +118,11 @@ th_read(TAR *t)
|
||||
if (TH_ISLONGLINK(t))
|
||||
{
|
||||
sz = th_get_size(t);
|
||||
+ if ((int)sz <= 0)
|
||||
+ {
|
||||
+ errno = EINVAL;
|
||||
+ return -1;
|
||||
+ }
|
||||
blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
|
||||
if (blocks > ((size_t)-1 / T_BLOCKSIZE))
|
||||
{
|
||||
@@ -168,6 +173,11 @@ th_read(TAR *t)
|
||||
if (TH_ISLONGNAME(t))
|
||||
{
|
||||
sz = th_get_size(t);
|
||||
+ if ((int)sz <= 0)
|
||||
+ {
|
||||
+ errno = EINVAL;
|
||||
+ return -1;
|
||||
+ }
|
||||
blocks = (sz / T_BLOCKSIZE) + (sz % T_BLOCKSIZE ? 1 : 0);
|
||||
if (blocks > ((size_t)-1 / T_BLOCKSIZE))
|
||||
{
|
||||
--
|
||||
2.37.1
|
||||
|
30
SOURCES/libtar-1.2.20-CVE-2021-33645-CVE-2021-33646.patch
Normal file
30
SOURCES/libtar-1.2.20-CVE-2021-33645-CVE-2021-33646.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 78e95da690556874baac96dd1d655e577c6d8e95 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Tue, 4 Oct 2022 10:39:35 +0200
|
||||
Subject: [PATCH] free memory allocated by gnu_long* fields
|
||||
|
||||
---
|
||||
lib/handle.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/lib/handle.c b/lib/handle.c
|
||||
index 28a7dc2..18bd8dc 100644
|
||||
--- a/lib/handle.c
|
||||
+++ b/lib/handle.c
|
||||
@@ -122,8 +122,11 @@ tar_close(TAR *t)
|
||||
libtar_hash_free(t->h, ((t->oflags & O_ACCMODE) == O_RDONLY
|
||||
? free
|
||||
: (libtar_freefunc_t)tar_dev_free));
|
||||
- if (t->th_pathname != NULL)
|
||||
- free(t->th_pathname);
|
||||
+
|
||||
+ free(t->th_pathname);
|
||||
+ free(t->th_buf.gnu_longname);
|
||||
+ free(t->th_buf.gnu_longlink);
|
||||
+
|
||||
free(t);
|
||||
|
||||
return i;
|
||||
--
|
||||
2.38.1
|
||||
|
@ -1,7 +1,7 @@
|
||||
Summary: Tar file manipulation API
|
||||
Name: libtar
|
||||
Version: 1.2.20
|
||||
Release: 15%{?dist}
|
||||
Release: 17%{?dist}
|
||||
License: MIT
|
||||
URL: http://repo.or.cz/libtar.git
|
||||
Source: http://repo.or.cz/libtar.git/snapshot/refs/tags/v1.2.20.tar.gz#/libtar-v1.2.20.tar.gz
|
||||
@ -14,6 +14,12 @@ Patch7: libtar-1.2.20-no-static-buffer.patch
|
||||
# fix programming mistakes detected by static analysis (#1602596)
|
||||
Patch8: libtar-1.2.20-static-analysis.patch
|
||||
|
||||
# fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
|
||||
Patch9: libtar-1.2.20-CVE-2021-33643-CVE-2021-33644.patch
|
||||
|
||||
# fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
|
||||
Patch10: libtar-1.2.20-CVE-2021-33645-CVE-2021-33646.patch
|
||||
|
||||
BuildRequires: libtool
|
||||
BuildRequires: zlib-devel
|
||||
|
||||
@ -71,6 +77,13 @@ rm $RPM_BUILD_ROOT%{_libdir}/*.la
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Dec 19 2022 Kamil Dudka <kdudka@redhat.com> - 1.2.20-17
|
||||
- fix use-after-free bugs introduced by incorrect memleak fixes (CVE-2021-33640)
|
||||
|
||||
* Fri Aug 26 2022 Kamil Dudka <kdudka@redhat.com> - 1.2.20-16
|
||||
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
|
||||
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
|
||||
|
||||
* Wed Nov 07 2018 Kamil Dudka <kdudka@redhat.com> - 1.2.20-15
|
||||
- fix programming mistakes detected by static analysis (#1602596)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user