[arch-commits] Commit in libarchive/trunk (2 files)
Christian Hesse
eworm at archlinux.org
Sat Feb 4 17:43:32 UTC 2017
Date: Saturday, February 4, 2017 @ 17:43:31
Author: eworm
Revision: 288024
upgpkg: libarchive 3.2.2-4
fix CVE-2017-5601 [0] (FS#52840)
[0] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5601
Added:
libarchive/trunk/0002-fixes-a-heap-buffer-overflow.patch
Modified:
libarchive/trunk/PKGBUILD
-----------------------------------------+
0002-fixes-a-heap-buffer-overflow.patch | 24 ++++++++++++++++++++++++
PKGBUILD | 12 +++++++++---
2 files changed, 33 insertions(+), 3 deletions(-)
Added: 0002-fixes-a-heap-buffer-overflow.patch
===================================================================
--- 0002-fixes-a-heap-buffer-overflow.patch (rev 0)
+++ 0002-fixes-a-heap-buffer-overflow.patch 2017-02-04 17:43:31 UTC (rev 288024)
@@ -0,0 +1,24 @@
+From 98dcbbf0bf4854bf987557e55e55fff7abbf3ea9 Mon Sep 17 00:00:00 2001
+From: Martin Matuska <martin at matuska.org>
+Date: Thu, 19 Jan 2017 22:00:18 +0100
+Subject: [PATCH] Fail with negative lha->compsize in lha_read_file_header_1()
+ Fixes a heap buffer overflow reported in Secunia SA74169
+
+---
+ libarchive/archive_read_support_format_lha.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c
+index 52a5531..d77a7c2 100644
+--- a/libarchive/archive_read_support_format_lha.c
++++ b/libarchive/archive_read_support_format_lha.c
+@@ -924,6 +924,9 @@ lha_read_file_header_1(struct archive_read *a, struct lha *lha)
+ /* Get a real compressed file size. */
+ lha->compsize -= extdsize - 2;
+
++ if (lha->compsize < 0)
++ goto invalid; /* Invalid compressed file size */
++
+ if (sum_calculated != headersum) {
+ archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
+ "LHa header sum error");
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-02-04 17:21:16 UTC (rev 288023)
+++ PKGBUILD 2017-02-04 17:43:31 UTC (rev 288024)
@@ -3,7 +3,7 @@
pkgname=libarchive
pkgver=3.2.2
-pkgrel=3
+pkgrel=4
pkgdesc="library that can create and read several streaming archive formats"
arch=('i686' 'x86_64')
url="http://libarchive.org/"
@@ -12,9 +12,11 @@
options=('strip' 'debug' 'libtool')
provides=('libarchive.so')
source=("$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$pkgver.tar.gz"
- '0001-issue-822-try-harder-to-detect-directories-in-zip-archives.patch')
+ '0001-issue-822-try-harder-to-detect-directories-in-zip-archives.patch'
+ '0002-fixes-a-heap-buffer-overflow.patch')
sha256sums=('edfc2ee7d42dd03228d0fa3bb9cbaade454557b326b2608b2e32c27aae62bdd4'
- '79bd6b3889131ab36501af2c9460ccb940ba95d568a72578163fb5d212a7a7e5')
+ '79bd6b3889131ab36501af2c9460ccb940ba95d568a72578163fb5d212a7a7e5'
+ 'e6177bd052090a2111d62c7c68157df71cebf4ad359aad02ce89d5585c9e64a4')
prepare() {
cd "$pkgname-$pkgver"
@@ -21,6 +23,10 @@
# Issue #822: Try harder to detect directories in zip archives
patch -Np1 < "$srcdir"/0001-issue-822-try-harder-to-detect-directories-in-zip-archives.patch
+
+ # Fail with negative lha->compsize in lha_read_file_header_1()
+ # Fixes a heap buffer overflow reported in Secunia SA74169
+ patch -Np1 < "$srcdir"/0002-fixes-a-heap-buffer-overflow.patch
}
build() {
More information about the arch-commits
mailing list