
Annotation of /updates/1/libarchive/current/SOURCES/libarchive-CVE-2013-0211.patch



Revision 409186 - (hide annotations) (download)
Tue Apr 9 15:32:51 2013 UTC (10 years, 11 months ago) by luigiwalser
File size: 1106 byte(s)
re-diff upstream patch to fix CVE-2013-0211
1 luigiwalser 409186 From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
2     From: Tim Kientzle <kientzle@acm.org>
3     Date: Fri, 22 Mar 2013 23:48:41 -0700
4     Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
5     certain common programming error (passing -1 to write) from leading to other
6     problems deeper in the library.
7    
8     ---
9     libarchive/archive_write.c | 5 +++++
10     1 file changed, 5 insertions(+)
11    
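--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -459,8 +459,13 @@ struct archive_write_filter *
 _archive_write_data(struct archive *_a, const void *buff, size_t s)
 {
 struct archive_write *a = (struct archive_write *)_a;
+ const size_t max_write = INT_MAX;
+
 __archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
 ARCHIVE_STATE_DATA, "archive_write_data");
+ /* In particular, this catches attempts to pass negative values. */
+ if (s > max_write)
+ s = max_write;
 archive_clear_error(&a->archive);
 return ((a->format_write_data)(a, buff, s));
 }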
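Review bot: The clamp `if (s > max_write) s = max_write;` bounds the length but does not reject the erroneous call: a -1 passed by the caller arrives as a huge size_t and is turned into an INT_MAX-byte write from `buff`, which presumably still reads well past the caller's real buffer. The existing comment understates this; I would write `/* A negative length converts to a huge size_t; clamp it so the format writers never see more than INT_MAX. The caller gets a short write, not an error. */` above the check. Callers need to treat a return smaller than `s` as a partial write and retry the remainder. The hunk does not show whether archive_write.c includes `<limits.h>` for `INT_MAX`, and the function's return-type line sits above the hunk's first line, so both are worth checking in the full file.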
30     --
31     1.8.1.5
32    
