diff options
author | Sam James <sam@gentoo.org> | 2020-07-19 19:06:17 +0000 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2020-07-19 19:06:17 +0000 |
commit | 675031ceeb5731701376347641f857d3d00c8322 (patch) | |
tree | 12430b39af2f6dd213921a24d28170e611e7385f /sys-fs | |
parent | gnome-extra/gnome-user-docs: bump to 3.36.2 (diff) | |
download | gentoo-675031ceeb5731701376347641f857d3d00c8322.tar.gz gentoo-675031ceeb5731701376347641f857d3d00c8322.tar.bz2 gentoo-675031ceeb5731701376347641f857d3d00c8322.zip |
sys-fs/fuseiso: revbump for security patches
This fixes CVE-2015-8837 and another possible
vulnerability using patches from Debian.
Bug: https://bugs.gentoo.org/713328
Package-Manager: Portage-2.3.103, Repoman-2.3.23
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'sys-fs')
-rw-r--r-- | sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch | 35 | ||||
-rw-r--r-- | sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch | 16 | ||||
-rw-r--r-- | sys-fs/fuseiso/fuseiso-20070708-r3.ebuild | 28 |
3 files changed, 79 insertions, 0 deletions
diff --git a/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch b/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch new file mode 100644 index 000000000000..1e760fd89f66 --- /dev/null +++ b/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch @@ -0,0 +1,35 @@ +Description: Prevent stack-based buffer overflow on too-long path names +Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> + +--- a/src/isofs.c ++++ b/src/isofs.c +@@ -1532,13 +1532,23 @@ + if(path[1] != '\0') { // not root dir + strcat(absolute_entry, "/"); + }; +- strcat(absolute_entry, entry); +- if(g_hash_table_lookup(lookup_table, absolute_entry)) { +- // already in lookup cache ++ ++ if(strlen(absolute_entry) + strlen(entry) <= PATH_MAX-1) { ++ strcat(absolute_entry, entry); ++ if(g_hash_table_lookup(lookup_table, absolute_entry)) { ++ // already in lookup cache ++ isofs_free_inode(inode); ++ } else { ++ g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode); ++ }; ++ } ++ else { ++ printf("readdir: absolute path name for entry '%s' exceeding PATH_MAX (%d)\n", entry, PATH_MAX); + isofs_free_inode(inode); +- } else { +- g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode); +- }; ++ free(buf); ++ free(entry); ++ return -EIO; ++ } + + free(entry); + diff --git a/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch b/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch new file mode 100644 index 000000000000..83c2c9451a61 --- /dev/null +++ b/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch @@ -0,0 +1,16 @@ +Description: Prevent integer overflow in ZISO code +Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de> + +--- a/src/isofs.c ++++ b/src/isofs.c +@@ -1618,6 +1618,10 @@ + }; + + static int isofs_real_read_zf(isofs_inode *inode, char *out_buf, size_t size, off_t offset) { ++ if( inode->zf_block_shift > 17 ) { ++ fprintf(stderr, "isofs_real_read_zf: can't handle ZF block size of 2^%d\n", inode->zf_block_shift); ++ return -EIO; ++ } + int zf_block_size = 1 << inode->zf_block_shift; + int zf_start = offset / zf_block_size; + int zf_end = (offset + size) / zf_block_size; diff --git a/sys-fs/fuseiso/fuseiso-20070708-r3.ebuild b/sys-fs/fuseiso/fuseiso-20070708-r3.ebuild new file mode 100644 index 000000000000..a49b359127b3 --- /dev/null +++ b/sys-fs/fuseiso/fuseiso-20070708-r3.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +DESCRIPTION="Fuse module to mount ISO9660" +HOMEPAGE="https://sourceforge.net/projects/fuseiso" +SRC_URI="http://superb-dca2.dl.sourceforge.net/project/${PN}/${PN}/${PV}/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~x86" + +RDEPEND="sys-fs/fuse:0= + sys-libs/zlib + dev-libs/glib:2" + +DEPEND="${RDEPEND}" +BDEPEND="virtual/pkgconfig" + +DOCS=( AUTHORS ChangeLog NEWS README ) + +PATCHES=( + "${FILESDIR}/${P}-largeiso.patch" + "${FILESDIR}/${P}-fix-typo.patch" + "${FILESDIR}/${P}-CVE-2015-8837.patch" + "${FILESDIR}/${P}-integer-overflow.patch" +) |