From 2d5212bcb06da4d006122a4b2d16894f498278af Mon Sep 17 00:00:00 2001
From: James Antill
Date: Tue, 7 Jun 2022 00:08:44 -0400
Subject: [PATCH] Auto sync2gitlab import of squashfs-tools-4.3-20.el8.src.rpm
---
bz2000637.patch | 204 --------------------------------------------
squashfs-tools.spec | 9 +-
2 files changed, 1 insertion(+), 212 deletions(-)
delete mode 100644 bz2000637.patch
diff --git a/bz2000637.patch b/bz2000637.patch
deleted file mode 100644
index 5fab064..0000000
--- a/bz2000637.patch
+++ /dev/null
@@ -1,204 +0,0 @@
-diff -Nupr a/squashfs-tools/Makefile b/squashfs-tools/Makefile
---- a/squashfs-tools/Makefile 2021-10-08 12:02:28.881477426 -0500
-+++ b/squashfs-tools/Makefile 2021-10-08 11:47:05.503307841 -0500
-@@ -117,7 +117,7 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o
- caches-queues-lists.o
-
- UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \
-- unsquash-4.o swap.o compressor.o unsquashfs_info.o
-+ unsquash-4.o unsquash-1234.o swap.o compressor.o unsquashfs_info.o
-
- CFLAGS ?= -O2
- CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \
-@@ -292,6 +292,8 @@ unsquash-3.o: unsquashfs.h unsquash-3.c
- unsquash-4.o: unsquashfs.h unsquash-4.c squashfs_fs.h squashfs_swap.h \
- read_fs.h
-
-+unsquash-1234.o: unsquash-1234.c
-+
- unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h
-
- unsquashfs_info.o: unsquashfs.h squashfs_fs.h
-diff -Nupr a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c
---- a/squashfs-tools/unsquash-1234.c 1969-12-31 18:00:00.000000000 -0600
-+++ b/squashfs-tools/unsquash-1234.c 2021-10-08 11:49:06.032243697 -0500
-@@ -0,0 +1,58 @@
-+/*
-+ * Unsquash a squashfs filesystem. This is a highly compressed read only
-+ * filesystem.
-+ *
-+ * Copyright (c) 2021
-+ * Phillip Lougher
-+ *
-+ * This program is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU General Public License
-+ * as published by the Free Software Foundation; either version 2,
-+ * or (at your option) any later version.
-+ *
-+ * This program is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+ * GNU General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU General Public License
-+ * along with this program; if not, write to the Free Software
-+ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-+ *
-+ * unsquash-1234.c
-+ *
-+ * Helper functions used by unsquash-1, unsquash-2, unsquash-3 and
-+ * unsquash-4.
-+ */
-+
-+#define TRUE 1
-+#define FALSE 0
-+/*
-+ * Check name for validity, name should not
-+ * - be ".", "./", or
-+ * - be "..", "../" or
-+ * - have a "/" anywhere in the name, or
-+ * - be shorter than the expected size
-+ */
-+int check_name(char *name, int size)
-+{
-+ char *start = name;
-+
-+ if(name[0] == '.') {
-+ if(name[1] == '.')
-+ name++;
-+ if(name[1] == '/' || name[1] == '\0')
-+ return FALSE;
-+ }
-+
-+ while(name[0] != '/' && name[0] != '\0')
-+ name ++;
-+
-+ if(name[0] == '/')
-+ return FALSE;
-+
-+ if((name - start) != size)
-+ return FALSE;
-+
-+ return TRUE;
-+}
-diff -Nupr a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c
---- a/squashfs-tools/unsquash-1.c 2014-03-08 23:31:59.000000000 -0600
-+++ b/squashfs-tools/unsquash-1.c 2021-10-08 11:51:18.827274779 -0500
-@@ -2,7 +2,7 @@
- * Unsquash a squashfs filesystem. This is a highly compressed read only
- * filesystem.
- *
-- * Copyright (c) 2009, 2010, 2011, 2012
-+ * Copyright (c) 2009, 2010, 2011, 2012, 2021
- * Phillip Lougher
- *
- * This program is free software; you can redistribute it and/or
-@@ -285,6 +285,13 @@ struct dir *squashfs_opendir_1(unsigned
- memcpy(dire->name, directory_table + bytes,
- dire->size + 1);
- dire->name[dire->size + 1] = '\0';
-+
-+ /* check name for invalid characters (i.e /, ., ..) */
-+ if(check_name(dire->name, dire->size + 1) == FALSE) {
-+ ERROR("File system corrupted: invalid characters in name\n");
-+ goto corrupted;
-+ }
-+
- TRACE("squashfs_opendir: directory entry %s, inode "
- "%d:%d, type %d\n", dire->name,
- dirh.start_block, dire->offset, dire->type);
-diff -Nupr a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c
---- a/squashfs-tools/unsquash-3.c 2014-03-08 23:31:59.000000000 -0600
-+++ b/squashfs-tools/unsquash-3.c 2021-10-08 11:56:30.881697731 -0500
-@@ -2,7 +2,7 @@
- * Unsquash a squashfs filesystem. This is a highly compressed read only
- * filesystem.
- *
-- * Copyright (c) 2009, 2010, 2011, 2012, 2013
-+ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2021
- * Phillip Lougher
- *
- * This program is free software; you can redistribute it and/or
-@@ -363,6 +363,13 @@ struct dir *squashfs_opendir_3(unsigned
- memcpy(dire->name, directory_table + bytes,
- dire->size + 1);
- dire->name[dire->size + 1] = '\0';
-+
-+ /* check name for invalid characters (i.e /, ., ..) */
-+ if(check_name(dire->name, dire->size + 1) == FALSE) {
-+ ERROR("File system corrupted: invalid characters in name\n");
-+ goto corrupted;
-+ }
-+
- TRACE("squashfs_opendir: directory entry %s, inode "
- "%d:%d, type %d\n", dire->name,
- dirh.start_block, dire->offset, dire->type);
-diff -Nupr a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
---- a/squashfs-tools/unsquash-4.c 2021-10-08 12:02:28.879477411 -0500
-+++ b/squashfs-tools/unsquash-4.c 2021-10-08 11:57:20.357081890 -0500
-@@ -2,7 +2,7 @@
- * Unsquash a squashfs filesystem. This is a highly compressed read only
- * filesystem.
- *
-- * Copyright (c) 2009, 2010, 2011, 2012, 2013
-+ * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2021
- * Phillip Lougher
- *
- * This program is free software; you can redistribute it and/or
-@@ -332,6 +332,13 @@ struct dir *squashfs_opendir_4(unsigned
- memcpy(dire->name, directory_table + bytes,
- dire->size + 1);
- dire->name[dire->size + 1] = '\0';
-+
-+ /* check name for invalid characters (i.e /, ., ..) */
-+ if(check_name(dire->name, dire->size + 1) == FALSE) {
-+ ERROR("File system corrupted: invalid characters in name\n");
-+ goto corrupted;
-+ }
-+
- TRACE("squashfs_opendir: directory entry %s, inode "
- "%d:%d, type %d\n", dire->name,
- dirh.start_block, dire->offset, dire->type);
-diff -Nupr a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c
---- a/squashfs-tools/unsquashfs.c 2021-10-08 12:02:28.888477481 -0500
-+++ b/squashfs-tools/unsquashfs.c 2021-10-08 11:59:29.508084687 -0500
-@@ -3,7 +3,7 @@
- * filesystem.
- *
- * Copyright (c) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011,
-- * 2012, 2013, 2014
-+ * 2012, 2013, 2014, 2021
- * Phillip Lougher
- *
- * This program is free software; you can redistribute it and/or
-@@ -2478,8 +2478,8 @@ int parse_number(char *arg, int *res)
-
-
- #define VERSION() \
-- printf("unsquashfs version 4.3 (2014/05/12)\n");\
-- printf("copyright (C) 2014 Phillip Lougher "\
-+ printf("unsquashfs version 4.3 (2021/10/8)\n");\
-+ printf("copyright (C) 2021 Phillip Lougher "\
- "\n\n");\
- printf("This program is free software; you can redistribute it and/or"\
- "\n");\
-diff -Nupr a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h
---- a/squashfs-tools/unsquashfs.h 2014-05-09 23:54:13.000000000 -0500
-+++ b/squashfs-tools/unsquashfs.h 2021-10-08 12:01:00.424790607 -0500
-@@ -4,7 +4,7 @@
- * Unsquash a squashfs filesystem. This is a highly compressed read only
- * filesystem.
- * -- * Copyright (c) 2009, 2010, 2013, 2014 -+ * Copyright (c) 2009, 2010, 2013, 2014, 2021 - * Phillip Lougher - * - * This program is free software; you can redistribute it and/or -@@ -275,4 +275,7 @@ extern struct inode *read_inode_4(unsign - extern struct dir *squashfs_opendir_4(unsigned int, unsigned int, - struct inode **); - extern int read_uids_guids_4(); -+ -+/* unsquash-1234.c */ -+extern int check_name(char *, int); - #endif diff --git a/squashfs-tools.spec b/squashfs-tools.spec index 6736a04..9e804ff 100644 --- a/squashfs-tools.spec +++ b/squashfs-tools.spec @@ -1,7 +1,7 @@ Summary: Utility for the creation of squashfs filesystems Name: squashfs-tools Version: 4.3 -Release: 21%{?dist} +Release: 20%{?dist} License: GPLv2+ Group: System Environment/Base URL: http://squashfs.sourceforge.net/ @@ -37,8 +37,6 @@ Patch8: bz1716278.patch Patch9: bz1754815.patch # rhbz 1895017 Patch10: bz1895017.patch -# rhbz 2000637 - CVE-2021-40153 -Patch11: bz2000637.patch BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root BuildRequires: zlib-devel @@ -64,7 +62,6 @@ contains the utilities for manipulating squashfs filesystems. %patch8 -p1 %patch9 -p1 %patch10 -p1 -%patch11 -p1 %build pushd squashfs-tools @@ -91,10 +88,6 @@ rm -rf %{buildroot} %{_sbindir}/unsquashfs %changelog -* Fri Jun 03 2022 Abhi Das - 4.3-21 -- rhbz#2000637 - CVE-2021-40153 squashfs-tools: unvalidated filepaths allow writing outside of destination - Resolves: rhbz#2000637 - * Thu Feb 25 2021 Abhi Das - 4.3-20 - rhbz#1895017 - unsquashfs does not preserve file capabilities rhbz#1754815 - Kdump: Building kdump initramfs img may fail with 'dracut: Failed making squash image' occasionally
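Review bot: The second squashfs-tools.spec hunk drops `Patch11: bz2000637.patch` and the third drops `%patch11 -p1`, so a package built from this spec no longer carries the CVE-2021-40153 fix that the changelog entry removed in the last hunk describes as "unvalidated filepaths allow writing outside of destination". The deleted patch is what added the `check_name()` validation of directory-entry names in `squashfs_opendir_1`, `squashfs_opendir_3` and `squashfs_opendir_4`, so unsquashfs built at this commit would again accept names containing `/` or `..` from an untrusted image. The commit title suggests an automated import of the older 4.3-20 SRPM, so this may only be history replayed out of order, but that cannot be confirmed from the page. If anything is built or tagged from this branch head, I would keep `Patch11: bz2000637.patch`, `%patch11 -p1` and `Release: 21%{?dist}`, and have the importer refuse an SRPM whose release is lower than the one already on the branch.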