import sysstat-11.7.3-5.el8

2020-11-03 06:53:00 -05:00 · 2020-11-03 06:53:00 -05:00 · 9d4c82f72c
parent e5b93a5cdd
commit 9d4c82f72c
2 changed files with 57 additions and 1 deletions
--- a/SOURCES/CVE-2019-16167_memory-corruption-due-to-an-integer-overflow.patch
+++ b/SOURCES/CVE-2019-16167_memory-corruption-due-to-an-integer-overflow.patch
@ -0,0 +1,43 @@
+--- sa_common.c
+++ sa_common.c
+@@ -1249,6 +1249,11 @@
+ 	/* Remap [unsigned] long fields */
+ 	d = gtypes_nr[0] - ftypes_nr[0];
+ 	if (d) {
+    
+    if (ftypes_nr[0] * ULL_ALIGNMENT_WIDTH < ftypes_nr[0])
+			/* Overflow */
+			return;
+
+ 		memmove(((char *) ps) + gtypes_nr[0] * ULL_ALIGNMENT_WIDTH,
+ 			((char *) ps) + ftypes_nr[0] * ULL_ALIGNMENT_WIDTH,
+ 			st_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH);
+@@ -1260,7 +1265,13 @@
+ 	/* Remap [unsigned] int fields */
+ 	d = gtypes_nr[1] - ftypes_nr[1];
+ 	if (d) {
+-		memmove(((char *) ps) + gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
+		
+    if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
+		  ftypes_nr[1] * UL_ALIGNMENT_WIDTH < ftypes_nr[1])
+        /* Overflow */
+			  return;
+
+    memmove(((char *) ps) + gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
+ 				      + gtypes_nr[1] * UL_ALIGNMENT_WIDTH,
+ 			((char *) ps) + gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
+ 				      + ftypes_nr[1] * UL_ALIGNMENT_WIDTH,
+@@ -1275,6 +1286,13 @@
+ 	/* Remap possible fields (like strings of chars) following int fields */
+ 	d = gtypes_nr[2] - ftypes_nr[2];
+ 	if (d) {
+		
+    if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
+		  gtypes_nr[1] * UL_ALIGNMENT_WIDTH +
+		  ftypes_nr[2] * U_ALIGNMENT_WIDTH < ftypes_nr[2])	
+        /* Overflow */
+			  return;
+
+ 		memmove(((char *) ps) + gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
+ 				      + gtypes_nr[1] * UL_ALIGNMENT_WIDTH
+ 				      + gtypes_nr[2] * U_ALIGNMENT_WIDTH,
--- a/SPECS/sysstat.spec
+++ b/SPECS/sysstat.spec
@ -1,7 +1,7 @@
 Summary: Collection of performance monitoring tools for Linux
 Name: sysstat
 Version: 11.7.3
-Release: 2%{?dist}
+Release: 5%{?dist}
 License: GPLv2+
 Group: Applications/System
 URL: http://sebastien.godard.pagesperso-orange.fr/
@ -11,6 +11,9 @@ Source: http://pagesperso-orange.fr/sebastien.godard/%{name}-%{version}.tar.xz
 Source10: colorsysstat.csh
 Source11: colorsysstat.sh

+# Downstream patches
+Patch01: CVE-2019-16167_memory-corruption-due-to-an-integer-overflow.patch
+
 BuildRequires: gettext, lm_sensors-devel, systemd

 Requires: findutils, xz
@ -38,6 +41,7 @@ The cifsiostat command reports I/O statistics for CIFS file systems.

 %prep
 %setup -q
+%patch01 -p0

 %build
 export CFLAGS="$RPM_OPT_FLAGS -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
@ -86,6 +90,15 @@ fi
 %{_localstatedir}/log/sa

 %changelog
+* Fri Jul 10 2020 Jan Macku <jamacku@redhat.com> - 11.7.3-5
+- Rebuild
+
+* Fri Apr 17 2020 Jan Macku <jamacku@redhat.com> - 11.7.3-4
+- Package onboarded to gating
+
+* Thu Feb 20 2020 Jan Macku <jamacku@redhat.com> - 11.7.3-3
+- Fix memory corruption bug due to integer overflow (#1790608)
+
 * Thu Oct 25 2018 Michal Sekletár <msekleta@redhat.com> - 11.7.3-2
 - sysstat's buildsystem doesn't really use LDFLAGS, we have to merge CFLAGS and LDFLAGS to get binaries with full RELRO (#1624177)