[libarchive/el5] Fix ISO support, regression introduced with CVE-2011-1777 (#705849 coment 23)
Niels de Vos
devos at fedoraproject.org
Tue Mar 6 12:11:46 UTC 2012
commit 091b7b59b4b8b4eac9730a29f10f351fc2053346
Author: Niels de Vos <devos at fedoraproject.org>
Date: Tue Mar 6 12:47:28 2012 +0100
Fix ISO support, regression introduced with CVE-2011-1777 (#705849 coment 23)
libarchive-2.8.4-CVE-2011-1777.patch | 36 ++++++++++++++++++++++++---------
libarchive.spec | 5 +++-
2 files changed, 30 insertions(+), 11 deletions(-)
---
diff --git a/libarchive-2.8.4-CVE-2011-1777.patch b/libarchive-2.8.4-CVE-2011-1777.patch
index 6f77337..2657c04 100644
--- a/libarchive-2.8.4-CVE-2011-1777.patch
+++ b/libarchive-2.8.4-CVE-2011-1777.patch
@@ -1,6 +1,7 @@
-diff -urN a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archive_read_support_format_iso9660.c
---- a/libarchive/archive_read_support_format_iso9660.c 2011-09-16 14:21:15.996720821 -0300
-+++ b/libarchive/archive_read_support_format_iso9660.c 2011-09-16 14:47:16.159293897 -0300
+Index: libarchive-2.8.4/libarchive/archive_read_support_format_iso9660.c
+===================================================================
+--- libarchive-2.8.4/libarchive/archive_read_support_format_iso9660.c
++++ libarchive-2.8.4/libarchive/archive_read_support_format_iso9660.c 2012-01-01 03:11:38.424123879 +0200
@@ -405,12 +405,12 @@
static inline void cache_add_to_next_of_parent(struct iso9660 *iso9660,
struct file_info *file);
@@ -17,18 +18,22 @@ diff -urN a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archiv
#define next_entry(iso9660) \
heap_get_entry(&((iso9660)->pending_files))
-@@ -968,8 +968,9 @@
+@@ -967,10 +967,11 @@
+ child = parse_file_info(a, parent, p);
if (child == NULL)
return (ARCHIVE_FATAL);
- if (child->cl_offset)
+- if (child->cl_offset)
- heap_add_entry(&(iso9660->cl_files),
- child, child->cl_offset);
+- else {
++ if (child->cl_offset) {
+ if (heap_add_entry(a, &(iso9660->cl_files),
+ child, child->cl_offset) != ARCHIVE_OK)
+ return (ARCHIVE_FATAL);
- else {
++ } else {
if (child->multi_extent || multi != NULL) {
struct content *con;
+
@@ -993,15 +994,19 @@
con->next = NULL;
*multi->contents.last = con;
@@ -74,16 +79,19 @@ diff -urN a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archiv
return (0);
}
-@@ -1063,20 +1071,23 @@
+@@ -1062,21 +1070,24 @@
+ (strcmp(file->name.s, "rr_moved") == 0 ||
strcmp(file->name.s, ".rr_moved") == 0)) {
iso9660->rr_moved = file;
- } else if (file->re)
+- } else if (file->re)
- heap_add_entry(&(iso9660->re_dirs), file,
- file->offset);
+- else
++ } else if (file->re) {
+ if (heap_add_entry(a, &(iso9660->re_dirs), file,
+ file->offset) != ARCHIVE_OK)
+ return (ARCHIVE_FATAL);
- else
++ } else
cache_add_entry(iso9660, file);
}
if (file != NULL)
@@ -146,7 +154,15 @@ diff -urN a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archiv
memcpy(new_pending_files, heap->files,
heap->allocated * sizeof(new_pending_files[0]));
if (heap->files != NULL)
-@@ -2665,6 +2683,8 @@
+@@ -2658,13 +2676,15 @@
+ parent_key = heap->files[parent]->key;
+ if (file_key >= parent_key) {
+ heap->files[hole] = file;
+- return;
++ return (ARCHIVE_OK);
+ }
+ // Move parent into hole <==> move hole up tree.
+ heap->files[hole] = heap->files[parent];
hole = parent;
}
heap->files[0] = file;
diff --git a/libarchive.spec b/libarchive.spec
index 4c5c649..263e5ed 100644
--- a/libarchive.spec
+++ b/libarchive.spec
@@ -1,6 +1,6 @@
Name: libarchive
Version: 2.8.4
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: A library for handling streaming archive formats
Group: System Environment/Libraries
@@ -94,6 +94,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Sat Jan 14 2012 Niels de Vos <devos at fedoraproject.org> - 2.8.4-5
+- Fix ISO support, regression introduced with CVE-2011-1777 (#705849 coment 23)
+
* Sat Jan 14 2012 Niels de Vos <devos at fedoraproject.org> - 2.8.4-4
- Security fixes (CVE-2011-1777, CVE-2011-1778) (#773505)
More information about the scm-commits
mailing list