[kdelibs/f15] fix KTar for archives created by git archive (kde#258737)
Kevin Kofler
kkofler at fedoraproject.org
Fri Mar 9 02:34:21 UTC 2012
commit 657412153afe8d64692d53a395079a20f50b4559
Author: Kevin Kofler <Kevin at tigcc.ticalc.org>
Date: Fri Mar 9 03:33:49 2012 +0100
fix KTar for archives created by git archive (kde#258737)
* Fri Mar 09 2011 Kevin Kofler <Kevin at tigcc.ticalc.org> 4.6.5-11
- fix KTar for archives created by git archive (kde#258737)
kdelibs-4.6.5-ktar-kde#258737.patch | 66 +++++++++++++++++++++++++++++++++++
kdelibs.spec | 20 +++++++++--
2 files changed, 83 insertions(+), 3 deletions(-)
---
diff --git a/kdelibs-4.6.5-ktar-kde#258737.patch b/kdelibs-4.6.5-ktar-kde#258737.patch
new file mode 100644
index 0000000..d0570a8
--- /dev/null
+++ b/kdelibs-4.6.5-ktar-kde#258737.patch
@@ -0,0 +1,66 @@
+diff -ur kdelibs-4.6.5/kdecore/io/ktar.cpp kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp
+--- kdelibs-4.6.5/kdecore/io/ktar.cpp 2011-04-01 15:56:18.000000000 +0200
++++ kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp 2012-03-09 03:21:22.000000000 +0100
+@@ -179,7 +179,9 @@
+ qint64 KTar::KTarPrivate::readRawHeader( char *buffer ) {
+ // Read header
+ qint64 n = q->device()->read( buffer, 0x200 );
+- if ( n == 0x200 && buffer[0] != 0 ) {
++ // we need to test if there is a prefix value because the file name can be null
++ // and the prefix can have a value and in this case we don't reset n.
++ if ( n == 0x200 && (buffer[0] != 0 || buffer[0x159] != 0) ) {
+ // Make sure this is actually a tar header
+ if (strncmp(buffer + 257, "ustar", 5)) {
+ // The magic isn't there (broken/old tars), but maybe a correct checksum?
+@@ -234,7 +236,7 @@
+ }/*wend*/
+ // jump over the rest
+ const int skip = 0x200 - (n % 0x200);
+- if (skip < 0x200) {
++ if (skip <= 0x200) {
+ if (dev->read(buffer,skip) != skip)
+ return false;
+ }
+@@ -362,6 +364,7 @@
+ if (n == 0x200)
+ {
+ bool isdir = false;
++ bool isGlobalHeader = false;
+
+ if ( name.endsWith( QLatin1Char( '/' ) ) )
+ {
+@@ -369,6 +372,11 @@
+ name.truncate( name.length() - 1 );
+ }
+
++ QByteArray prefix = QByteArray(buffer + 0x159, 155);
++ if (prefix[0] != '\0') {
++ name = (QString::fromLatin1(prefix.constData()) + QLatin1Char('/') + name);
++ }
++
+ int pos = name.lastIndexOf( QLatin1Char('/') );
+ QString nm = ( pos == -1 ) ? name : name.mid( pos + 1 );
+
+@@ -393,7 +401,11 @@
+ char typeflag = buffer[ 0x9c ];
+ // '0' for files, '1' hard link, '2' symlink, '5' for directory
+ // (and 'L' for longlink fileNames, 'K' for longlink symlink targets)
+- // and 'D' for GNU tar extension DUMPDIR
++ // 'D' for GNU tar extension DUMPDIR, 'x' for Extended header referring
++ // to the next file in the archive and 'g' for Global extended header
++ if ( typeflag == 'g' )
++ isGlobalHeader = true;
++
+ if ( typeflag == '5' )
+ isdir = true;
+
+@@ -450,6 +462,9 @@
+ kWarning(7041) << "skipping" << skip << "failed";
+ }
+
++ if (isGlobalHeader)
++ continue;
++
+ if ( pos == -1 )
+ {
+ if (nm == QLatin1String(".")) { // special case
diff --git a/kdelibs.spec b/kdelibs.spec
index cfa31ee..fb6bef0 100644
--- a/kdelibs.spec
+++ b/kdelibs.spec
@@ -20,7 +20,7 @@
Summary: KDE Libraries
Version: 4.6.5
-Release: 10%{?dist}
+Release: 11%{?dist}
Name: kdelibs
Epoch: 6
@@ -123,9 +123,17 @@ Patch104: kdelibs-4.6.5-kconfig_sync-2.patch
Patch105: kdelibs-4.6.5-kconfig_sync-3.patch
## 4.7 upstream
-# https://projects.kde.org/projects/kde/kdelibs/repository/revisions/865e5fa4108bb3f470b9424ec34dc573d97e2473
+# http://commits.kde.org/kdelibs/865e5fa4108bb3f470b9424ec34dc573d97e2473
Patch150: kdelibs-fix_fd_leak_in_klockfile.patch
+## 4.8 upstream
+# fix KTar for archives created by git archive (kde#258737). Cumulative from:
+# http://commits.kde.org/kdelibs/380587aa431789bec06ae5653234cbb952315fc4
+# http://commits.kde.org/kdelibs/262cf5920c9c0d9619d384bcf0298615c2060b44
+# http://commits.kde.org/kdelibs/762136bc525d84215bfbcbedc995431e8b66b181
+# http://commits.kde.org/kdelibs/6e0d694b302b57883ed79a3b47c9d60bea20dc8e
+Patch160: kdelibs-4.6.5-ktar-kde#258737.patch
+
## security fix
# Not Upstreamed? why not ? -- Rex
@@ -136,7 +144,7 @@ Patch202: kdelibs-4.6.5-CVE-2011-3365-kssl.patch
# CVE-2010-0046, The Cascading Style Sheets (CSS) implementation in khtml/WebKit
# allows remote attackers to execute arbitrary code or cause a denial of service
# (memory corruption and application crash) via crafted format arguments.
-Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
+Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
## Fedora specific patches
# make forcefully hal-free build
@@ -323,6 +331,9 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
# 4.7 backported patches
%patch150 -p1 -b .fix_leak_in_klockfile
+# 4.8 backported patches
+%patch160 -p1 -b .ktar-kde#258737
+
# security fix
%patch200 -p1 -b .CVE-2009-2702
%patch201 -p1 -b .CVE-2011-3365-kio
@@ -578,6 +589,9 @@ rm -rf %{buildroot}
%changelog
+* Fri Mar 09 2011 Kevin Kofler <Kevin at tigcc.ticalc.org> 4.6.5-11
+- fix KTar for archives created by git archive (kde#258737)
+
* Fri Nov 18 2011 Rex Dieter <rdieter at fedoraproject.org> 4.6.5-10
- CVE-2010-0046, security issue in khtml
More information about the scm-commits
mailing list