diff --git a/microcode_ctl-1.17-getopt.patch b/microcode_ctl-1.17-getopt.patch new file mode 100644 index 0000000..ce5b295 --- /dev/null +++ b/microcode_ctl-1.17-getopt.patch @@ -0,0 +1,23 @@ +diff -up microcode_ctl-1.17/microcode_ctl.c.getopt microcode_ctl-1.17/microcode_ctl.c +--- microcode_ctl-1.17/microcode_ctl.c.getopt 2011-12-22 13:15:55.073783568 +0100 ++++ microcode_ctl-1.17/microcode_ctl.c 2011-12-22 13:14:22.000000000 +0100 +@@ -151,7 +151,8 @@ int main(int argc, char *argv[]) + break; + + case 'd': +- strcpy(device, optarg); ++ strncpy(device, optarg, sizeof(device)); ++ device[sizeof(device)-1] = '\0'; /* ensure null terminated */ + break; + + case 'u': /* do a microcode upload */ +@@ -160,7 +161,8 @@ int main(int argc, char *argv[]) + + case 'f': /* set microcode file to optarg and upload */ + upload++; +- strcpy(filename, optarg); ++ strncpy(filename, optarg, sizeof(filename)); ++ filename[sizeof(filename)-1] = '\0'; /* ensure null terminated */ + break; + + case '?': diff --git a/microcode_ctl.spec b/microcode_ctl.spec index 1321e73..d1b91b4 100644 --- a/microcode_ctl.spec +++ b/microcode_ctl.spec @@ -1,7 +1,7 @@ Summary: Tool to update x86/x86-64 CPU microcode. Name: microcode_ctl Version: 1.17 -Release: 20%{?dist} +Release: 21%{?dist} Epoch: 1 Group: System Environment/Base License: GPLv2+ and Redistributable, no modification permitted @@ -23,6 +23,7 @@ ExclusiveArch: %{ix86} x86_64 Patch1: microcode_ctl.patch Patch2: microcode_ctl-manpage-0.patch +Patch3: microcode_ctl-1.17-getopt.patch %description microcode_ctl - updates the microcode on Intel and AMD x86/x86-64 CPU's @@ -31,6 +32,7 @@ microcode_ctl - updates the microcode on Intel and AMD x86/x86-64 CPU's %setup -q %patch1 -p1 %patch2 -p1 +%patch3 -p1 tar xf %{SOURCE3} %build @@ -83,6 +85,9 @@ exit 0 %changelog +* Thu Dec 22 2011 Anton Arapov 1.17-21 +- Fix a segfault that may be triggered by very long parameter [#768803] + * Tue Dec 13 2011 Anton Arapov 1.17-20 - Update to microcode-20111110.dat