
Contents of /updates/1/libarchive/current/SOURCES/libarchive-CVE-2013-0211.patch



Revision 409186 - (show annotations) (download)
Tue Apr 9 15:32:51 2013 UTC (8 years, 3 months ago) by luigiwalser
File size: 1106 byte(s)
re-diff upstream patch to fix CVE-2013-0211
1 From 22531545514043e04633e1c015c7540b9de9dbe4 Mon Sep 17 00:00:00 2001
2 From: Tim Kientzle <kientzle@acm.org>
3 Date: Fri, 22 Mar 2013 23:48:41 -0700
4 Subject: [PATCH] Limit write requests to at most INT_MAX. This prevents a
5 certain common programming error (passing -1 to write) from leading to other
6 problems deeper in the library.
7
8 ---
9 libarchive/archive_write.c | 5 +++++
10 1 file changed, 5 insertions(+)
11
12 diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c
13 index eede5e0..be85621 100644
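--- a/libarchive/archive_write.c
+++ b/libarchive/archive_write.c
@@ -459,8 +459,13 @@ struct archive_write_filter *
 _archive_write_data(struct archive *_a, const void *buff, size_t s)
 {
 struct archive_write *a = (struct archive_write *)_a;
+ const size_t max_write = INT_MAX;
+
 __archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
 ARCHIVE_STATE_DATA, "archive_write_data");
+ /* In particular, this catches attempts to pass negative values. */
+ if (s > max_write)
+ s = max_write;
 archive_clear_error(&a->archive);
 return ((a->format_write_data)(a, buff, s));
 }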
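Review bot: The new guard `if (s > max_write) s = max_write;` truncates an oversized length instead of rejecting it, so a caller that mistakenly passes -1 (which becomes a huge size_t) still has up to INT_MAX bytes read from `buff`, possibly past the end of the caller's buffer. The one-line comment says the check "catches" negative values, which reads as if they were refused. I would reword it to `/* Clamp to INT_MAX: a wrapped negative length is truncated, not rejected, and callers must treat a smaller return value as a partial write and retry. */`. Whether `format_write_data` reports the shortened count back to the caller is not visible in this hunk, so that part should be confirmed. The patch also adds no `<limits.h>` include (the diffstat shows only these five insertions), so `INT_MAX` is presumably already in scope in archive_write.c.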
30 --
31 1.8.1.5
32
