rpms/gzip/F-13 gzip-1.3.13-crc-error.patch, NONE, 1.1 gzip.spec, 1.53, 1.54
Karel Klíč
kklic at fedoraproject.org
Mon Jun 28 14:44:52 UTC 2010
- Previous message: File amanda-3.1.0.tar.gz uploaded to lookaside cache by jgorig
- Next message: rpms/amanda/devel amanda-3.1.0-example.patch, NONE, 1.1 amanda-3.1.0-ftbfs.patch, NONE, 1.1 .cvsignore, 1.17, 1.18 amanda-xinetd, 1.6, 1.7 amanda.spec, 1.70, 1.71 sources, 1.17, 1.18
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: kklic
Update of /cvs/extras/rpms/gzip/F-13
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv28542
Modified Files:
gzip.spec
Added Files:
gzip-1.3.13-crc-error.patch
Log Message:
Added a patch to fix CRC error on valid file
gzip-1.3.13-crc-error.patch:
inflate.c | 2 +-
tests/memcpy-abuse | 1 -
2 files changed, 1 insertion(+), 2 deletions(-)
--- NEW FILE gzip-1.3.13-crc-error.patch ---
>From b9e94c93df914bd1d9eec9f150b2e4e00702ae7b Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering at redhat.com>
Date: Sun, 10 Jan 2010 19:53:10 +0000
Subject: gzip -d would fail with a CRC error...
...for some inputs, and some memcpy implementations. It is possible
that an offending input has to be compressed "from FAT filesystem
(MS-DOS, OS/2, NT)", since the sole reproducer no longer evokes a
CRC error when uncompressed and recompressed on a GNU/Linux system.
Also, using an unpatched reverse-memcpy-gzip on over 100,000 inputs
on a GNU/Linux system did not turn up another reproducer.
* inflate.c (inflate_codes): Don't call memcpy with overlapping regions.
Properly detect when source and destination overlap.
* tests/memcpy-abuse: New test, to trigger misbehavior.
* Makefile.am (TESTS): Add it.
* NEWS (Bug fixes): Mention it.
Reported by Alain Magloire in
http://thread.gmane.org/gmane.comp.gnu.gzip.bugs/307
---
diff --git a/inflate.c b/inflate.c
index affab37..5b68314 100644
--- a/inflate.c
+++ b/inflate.c
@@ -589,7 +589,7 @@ int bl, bd; /* number of bits decoded by tl[] and td[] */
do {
n -= (e = (e = WSIZE - ((d &= WSIZE-1) > w ? d : w)) > n ? n : e);
#if !defined(NOMEMCPY) && !defined(DEBUG)
- if (w - d >= e) /* (this test assumes unsigned comparison) */
+ if (d < w && w - d >= e)
{
memcpy(slide + w, slide + d, e);
w += e;
diff --git a/tests/memcpy-abuse b/tests/memcpy-abuse
new file mode 100755
index 0000000..8f2abd5
--
cgit v0.8.2.1
Index: gzip.spec
===================================================================
RCS file: /cvs/extras/rpms/gzip/F-13/gzip.spec,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -p -r1.53 -r1.54
--- gzip.spec 22 Feb 2010 15:54:07 -0000 1.53
+++ gzip.spec 28 Jun 2010 14:44:51 -0000 1.54
@@ -1,7 +1,7 @@
Summary: The GNU data compression program
Name: gzip
Version: 1.3.13
-Release: 3%{?dist}
+Release: 4%{?dist}
# info pages are under GFDL license
License: GPLv3+ and GFDL
Group: Applications/File
@@ -21,6 +21,9 @@ Patch10: gzip-1.3.12-cve-2010-0001.patch
# Fixed in upstream code.
# http://thread.gmane.org/gmane.comp.gnu.gzip.bugs/378
Patch11: gzip-1.3.13-noemptysuffix.patch
+# Fixed in upstream code.
+# http://git.savannah.gnu.org/cgit/gzip.git/commit/?id=b9e94c93df914bd1d9eec9f150b2e4e00702ae7b
+Patch12: gzip-1.3.13-crc-error.patch
URL: http://www.gzip.org/
Requires: /sbin/install-info
Requires: mktemp less
@@ -48,6 +51,7 @@ very commonly used data compression prog
%patch9 -p1 -b .ret
%patch10 -p1 -b .cve-2010-0001
%patch11 -p1 -b .noemptysuffix
+%patch12 -p1 -b .crc-error
%build
export DEFS="NO_ASM"
@@ -99,6 +103,9 @@ fi
%{_infodir}/gzip.info*
%changelog
+* Mon Jun 28 2010 Karel Klic <kklic at redhat.com> - 1.3.13-4
+- Added a patch to fix CRC error on valid file (rhbz#588644)
+
* Mon Feb 22 2010 Karel Klic <kklic at redhat.com> - 1.3.13-3
- Added a patch to disallow -S '' parameter (noemptysuffix)
- Previous message: File amanda-3.1.0.tar.gz uploaded to lookaside cache by jgorig
- Next message: rpms/amanda/devel amanda-3.1.0-example.patch, NONE, 1.1 amanda-3.1.0-ftbfs.patch, NONE, 1.1 .cvsignore, 1.17, 1.18 amanda-xinetd, 1.6, 1.7 amanda.spec, 1.70, 1.71 sources, 1.17, 1.18
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list