[libcap/f18] add patch from Mark Wielaard to fix use of uninitialized memory in _fcaps_load, rhbz #911878
Karsten Hopp
karsten at fedoraproject.org
Tue May 14 09:54:14 UTC 2013
commit b86f2aecd78befd7a9758046843257d767afa917
Author: Karsten Hopp <karsten at redhat.com>
Date: Tue May 14 11:54:08 2013 +0200
add patch from Mark Wielaard to fix use of uninitialized memory in _fcaps_load, rhbz #911878
libcap-2.22-signed-sizeof-compare.patch | 21 +++++++++++++++++++++
libcap.spec | 8 +++++++-
2 files changed, 28 insertions(+), 1 deletions(-)
---
diff --git a/libcap-2.22-signed-sizeof-compare.patch b/libcap-2.22-signed-sizeof-compare.patch
new file mode 100644
index 0000000..4ada3fa
--- /dev/null
+++ b/libcap-2.22-signed-sizeof-compare.patch
@@ -0,0 +1,21 @@
+diff -up libcap-2.22/libcap/cap_file.c.911878 libcap-2.22/libcap/cap_file.c
+--- libcap-2.22/libcap/cap_file.c.911878 2013-05-14 11:45:25.569448468 +0200
++++ libcap-2.22/libcap/cap_file.c 2013-05-14 11:47:04.712036407 +0200
+@@ -187,7 +187,7 @@ cap_t cap_get_fd(int fildes)
+ /* fill the capability sets via a system call */
+ sizeofcaps = fgetxattr(fildes, XATTR_NAME_CAPS,
+ &rawvfscap, sizeof(rawvfscap));
+- if (sizeofcaps < sizeof(rawvfscap.magic_etc)) {
++ if (sizeofcaps < (int) sizeof(rawvfscap.magic_etc)) {
+ cap_free(result);
+ result = NULL;
+ } else {
+@@ -217,7 +217,7 @@ cap_t cap_get_file(const char *filename)
+ /* fill the capability sets via a system call */
+ sizeofcaps = getxattr(filename, XATTR_NAME_CAPS,
+ &rawvfscap, sizeof(rawvfscap));
+- if (sizeofcaps < sizeof(rawvfscap.magic_etc)) {
++ if (sizeofcaps < (int) sizeof(rawvfscap.magic_etc)) {
+ cap_free(result);
+ result = NULL;
+ } else {
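Review bot: The `(int)` cast in both nested hunks (cap_get_fd and cap_get_file) fixes the comparison only implicitly. Nothing on the line says that a failed fgetxattr()/getxattr() returns -1, which the old unsigned comparison let through as a very large value. Spelling the error case out, `if (sizeofcaps < 0 || (size_t) sizeofcaps < sizeof(rawvfscap.magic_etc)) {`, or at least adding a comment such as `/* xattr calls return -1 on error; compare as signed */`, would keep a later cleanup from dropping the cast as noise. The declaration of sizeofcaps and the body of the else branch are outside the hunk, so it cannot be judged from here whether the returned length is also checked against the size the capability revision requires before rawvfscap is used.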
diff --git a/libcap.spec b/libcap.spec
index d377c60..f5b1d03 100644
--- a/libcap.spec
+++ b/libcap.spec
@@ -1,8 +1,9 @@
Name: libcap
Version: 2.22
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Library for getting and setting POSIX.1e capabilities
Source: http://www.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/%{name}-%{version}.tar.bz2
+Patch0: libcap-2.22-signed-sizeof-compare.patch
URL: http://ftp.kernel.org/pub/linux/libs/security/linux-privs/kernel-2.6/
License: LGPLv2+
@@ -30,6 +31,7 @@ libcap.
%prep
%setup -q
+%patch0 -p1
%build
# libcap can not be build with _smp_mflags:
@@ -76,6 +78,10 @@ chmod +x ${RPM_BUILD_ROOT}/%{_lib}/*.so.*
rm -rf ${RPM_BUILD_ROOT}
%changelog
+* Tue May 14 2013 Karsten Hopp <karsten at redhat.com> 2.22-4
+- add patch from Mark Wielaard to fix use of uninitialized memory in _fcaps_load
+ rhbz #911878
+
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.22-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild