authorMark H Weaver <mhw@netris.org>2014-10-11 22:49:15 -0400
committerMark H Weaver <mhw@netris.org>2014-10-11 23:21:37 -0400
commit1b7d5242c36d82242f1148cc583ea362d3e83577 (patch)
tree811341494f3aadb17d5954483c8c7ba610c8bf6b
parent36ae58488bfeeb3bc2b314bd16ba37d06b3a13af (diff)
gnu: libarchive: Apply fixes including for CVE-2013-0211.
* gnu/packages/patches/libarchive-CVE-2013-0211.patch, gnu/packages/patches/libarchive-fix-lzo-test-case.patch, gnu/packages/patches/libarchive-mtree-filename-length-fix.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/backup.scm (libarchive)[source]: Add patches.
-rw-r--r--gnu-system.am3
-rw-r--r--gnu/packages/backup.scm6
-rw-r--r--gnu/packages/patches/libarchive-CVE-2013-0211.patch21
-rw-r--r--gnu/packages/patches/libarchive-fix-lzo-test-case.patch83
-rw-r--r--gnu/packages/patches/libarchive-mtree-filename-length-fix.patch18
5 files changed, 130 insertions, 1 deletions
diff --git a/gnu-system.am b/gnu-system.am
index 6028527e44..2d2eb0631f 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -359,6 +359,9 @@ dist_patch_DATA = \
gnu/packages/patches/inkscape-stray-comma.patch \
gnu/packages/patches/jbig2dec-ignore-testtest.patch \
gnu/packages/patches/kmod-module-directory.patch \
+ gnu/packages/patches/libarchive-CVE-2013-0211.patch \
+ gnu/packages/patches/libarchive-fix-lzo-test-case.patch \
+ gnu/packages/patches/libarchive-mtree-filename-length-fix.patch \
gnu/packages/patches/libbonobo-activation-test-race.patch \
gnu/packages/patches/libevent-dns-tests.patch \
gnu/packages/patches/liboop-mips64-deplibs-fix.patch \
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index f4f6d0c42c..1aef75e05b 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -138,7 +138,11 @@ backups (called chunks) to allow easy burning to CD/DVD.")
version ".tar.gz"))
(sha256
(base32
- "0pixqnrcf35dnqgv0lp7qlcw7k13620qkhgxr288v7p4iz6ym1zb"))))
+ "0pixqnrcf35dnqgv0lp7qlcw7k13620qkhgxr288v7p4iz6ym1zb"))
+ (patches
+ (list (search-patch "libarchive-mtree-filename-length-fix.patch")
+ (search-patch "libarchive-fix-lzo-test-case.patch")
+ (search-patch "libarchive-CVE-2013-0211.patch")))))
(build-system gnu-build-system)
(inputs
`(("zlib" ,zlib)
diff --git a/gnu/packages/patches/libarchive-CVE-2013-0211.patch b/gnu/packages/patches/libarchive-CVE-2013-0211.patch
new file mode 100644
index 0000000000..b024a7d4a8
--- /dev/null
+++ b/gnu/packages/patches/libarchive-CVE-2013-0211.patch
@@ -0,0 +1,21 @@
+Description: Fix CVE-2013-0211: read buffer overflow on 64-bit systems
+Origin: upstream
+Bug-Debian: http://bugs.debian.org/703957
+Forwarded: not-needed
+
+--- libarchive-3.0.4.orig/libarchive/archive_write.c
++++ libarchive-3.0.4/libarchive/archive_write.c
+@@ -665,8 +665,13 @@ static ssize_t
+ _archive_write_data(struct archive *_a, const void *buff, size_t s)
+ {
+ struct archive_write *a = (struct archive_write *)_a;
++ const size_t max_write = INT_MAX;
++
+ archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
+ ARCHIVE_STATE_DATA, "archive_write_data");
++ /* In particular, this catches attempts to pass negative values. */
++ if (s > max_write)
++ s = max_write;
+ archive_clear_error(&a->archive);
+ return ((a->format_write_data)(a, buff, s));
+ }
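Review bot: The clamp `if (s > max_write) s = max_write;` silently turns an oversized request into a short write, and nothing in the new lines says so; a caller of archive_write_data that ignores the returned count would drop data without seeing an error. The added comment is also imprecise, because `s` is a `size_t` and cannot be negative: what the check catches is a negative length that the caller's conversion turned into a huge unsigned value. I would reword it to `/* A negative length converted to size_t arrives as a huge value; clamp to INT_MAX so the format writer never sees it. The returned count may be short. */`. The hunk shows no include of `<limits.h>` for `INT_MAX`; presumably archive_write.c already has one, but that should be confirmed against the release being patched.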
diff --git a/gnu/packages/patches/libarchive-fix-lzo-test-case.patch b/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
new file mode 100644
index 0000000000..ffdc0db922
--- /dev/null
+++ b/gnu/packages/patches/libarchive-fix-lzo-test-case.patch
@@ -0,0 +1,83 @@
+Description: This patch fixes test cases for LZO write support in various
+ architectures, such as armhf. Writing a certain amount of files would
+ cause the LZO compressor level 9 to produce a bigger archive than the
+ default compressor level.
+Author: Andres Mejia <amejia@debian.org>
+
+--- a/libarchive/test/test_write_filter_lzop.c
++++ b/libarchive/test/test_write_filter_lzop.c
+@@ -39,7 +39,7 @@
+ size_t buffsize, datasize;
+ char path[16];
+ size_t used1, used2;
+- int i, r, use_prog = 0;
++ int i, r, use_prog = 0, filecount;
+
+ assert((a = archive_write_new()) != NULL);
+ r = archive_write_add_filter_lzop(a);
+@@ -58,9 +58,10 @@
+
+ datasize = 10000;
+ assert(NULL != (data = (char *)calloc(1, datasize)));
++ filecount = 10;
+
+ /*
+- * Write a 100 files and read them all back.
++ * Write a filecount files and read them all back.
+ */
+ assert((a = archive_write_new()) != NULL);
+ assertEqualIntA(a, ARCHIVE_OK, archive_write_set_format_ustar(a));
+@@ -77,7 +78,7 @@
+ assert((ae = archive_entry_new()) != NULL);
+ archive_entry_set_filetype(ae, AE_IFREG);
+ archive_entry_set_size(ae, datasize);
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ archive_entry_copy_pathname(ae, path);
+ assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
+@@ -97,7 +98,7 @@
+ } else {
+ assertEqualIntA(a, ARCHIVE_OK,
+ archive_read_open_memory(a, buff, used1));
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ if (!assertEqualInt(ARCHIVE_OK,
+ archive_read_next_header(a, &ae)))
+@@ -133,7 +134,7 @@
+ archive_write_set_options(a, "lzop:compression-level=9"));
+ assertEqualIntA(a, ARCHIVE_OK,
+ archive_write_open_memory(a, buff, buffsize, &used2));
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ assert((ae = archive_entry_new()) != NULL);
+ archive_entry_copy_pathname(ae, path);
+@@ -161,7 +162,7 @@
+ archive_read_support_filter_all(a));
+ assertEqualIntA(a, ARCHIVE_OK,
+ archive_read_open_memory(a, buff, used2));
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ if (!assertEqualInt(ARCHIVE_OK,
+ archive_read_next_header(a, &ae)))
+@@ -186,7 +187,7 @@
+ archive_write_set_filter_option(a, NULL, "compression-level", "1"));
+ assertEqualIntA(a, ARCHIVE_OK,
+ archive_write_open_memory(a, buff, buffsize, &used2));
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ assert((ae = archive_entry_new()) != NULL);
+ archive_entry_copy_pathname(ae, path);
+@@ -216,7 +217,7 @@
+ } else {
+ assertEqualIntA(a, ARCHIVE_OK,
+ archive_read_open_memory(a, buff, used2));
+- for (i = 0; i < 100; i++) {
++ for (i = 0; i < filecount; i++) {
+ sprintf(path, "file%03d", i);
+ if (!assertEqualInt(ARCHIVE_OK,
+ archive_read_next_header(a, &ae)))
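Review bot: `filecount = 10;` is introduced with no comment explaining the value, and the rewritten block comment now reads `Write a filecount files and read them all back.`, which is ungrammatical. The reason is only in the patch header (level 9 producing a bigger archive than the default level on some architectures), so it belongs next to the assignment, e.g. `filecount = 10; /* kept small: with more files, level 9 can come out larger than the default level on some architectures */`, and the block comment should read `Write filecount files and read them all back.`. Lowering the count works around the size comparison rather than fixing it; that comparison is outside the visible hunks, so whether it still tests anything useful with 10 files should be checked.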
diff --git a/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch b/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
new file mode 100644
index 0000000000..ad94592c05
--- /dev/null
+++ b/gnu/packages/patches/libarchive-mtree-filename-length-fix.patch
@@ -0,0 +1,18 @@
+Description: Patch to fix filename length calculation when writing mtree archives.
+Author: Dave Reisner <dreisner@archlinux.org>
+Origin: upstream
+
+--- a/libarchive/archive_write_set_format_mtree.c
++++ b/libarchive/archive_write_set_format_mtree.c
+@@ -1855,9 +1855,9 @@
+ return (ret);
+ }
+
+- /* Make a basename from dirname and slash */
++ /* Make a basename from file->parentdir.s and slash */
+ *slash = '\0';
+- file->parentdir.length = slash - dirname;
++ file->parentdir.length = slash - file->parentdir.s;
+ archive_strcpy(&(file->basename), slash + 1);
+ return (ret);
+ }
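Review bot: The new length `slash - file->parentdir.s` is only well defined if `slash` points into the buffer at `file->parentdir.s`, and `slash` is assigned outside the hunk, so that invariant cannot be checked here. The updated comment could state it, e.g. `/* slash points into file->parentdir.s; cut the string there and use the remainder as basename */`. Separately, the patch header says `Origin: upstream` without a commit reference, whereas the CVE patch at least carries a bug link; a header line such as `Origin: upstream, <UPSTREAM_COMMIT_URL>` (placeholder, to be filled in from the upstream repository) would let a reader verify the backport against the original change.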