summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2007-10-28 21:40:20 +0000
committerMike Frysinger <vapier@gentoo.org>2007-10-28 21:40:20 +0000
commitc54a366a34599be4f7110a21dc59ffb9717628ea (patch)
treea50f188f4055700da8c6173af697ff77f9c323fd /app-arch/cpio/files
parentfix tgall's KEYWORDS breakage (diff)
downloadgentoo-2-c54a366a34599be4f7110a21dc59ffb9717628ea.tar.gz
gentoo-2-c54a366a34599be4f7110a21dc59ffb9717628ea.tar.bz2
gentoo-2-c54a366a34599be4f7110a21dc59ffb9717628ea.zip
Add fix for CVE-2007-4476 #196978.
(Portage version: 2.1.3.16)
Diffstat (limited to 'app-arch/cpio/files')
-rw-r--r--app-arch/cpio/files/cpio-2.9-CVE-2007-4476.patch90
-rw-r--r--app-arch/cpio/files/digest-cpio-2.9-r13
2 files changed, 93 insertions, 0 deletions
diff --git a/app-arch/cpio/files/cpio-2.9-CVE-2007-4476.patch b/app-arch/cpio/files/cpio-2.9-CVE-2007-4476.patch
new file mode 100644
index 000000000000..2edbb1eb1c56
--- /dev/null
+++ b/app-arch/cpio/files/cpio-2.9-CVE-2007-4476.patch
@@ -0,0 +1,90 @@
+http://bugs.gentoo.org/196978
+
+--- lib/paxnames.c
++++ lib/paxnames.c
+@@ -36,15 +36,27 @@
+ return strcmp (name1, name2) == 0;
+ }
+
+-/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
+- copy of STRING to TABLE and return 1. */
+-bool
+-hash_string_insert (Hash_table **table, char const *string)
++/* Return zero if TABLE contains a LEN-character long prefix of STRING,
++ otherwise, insert a newly allocated copy of this prefix to TABLE and
++ return 1. If RETURN_PREFIX is not NULL, point it to the allocated
++ copy. */
++static bool
++hash_string_insert_prefix (Hash_table **table, char const *string, size_t len,
++ const char **return_prefix)
+ {
+ Hash_table *t = *table;
+- char *s = xstrdup (string);
++ char *s;
+ char *e;
+
++ if (len)
++ {
++ s = xmalloc (len + 1);
++ memcpy (s, string, len);
++ s[len] = 0;
++ }
++ else
++ s = xstrdup (string);
++
+ if (! ((t
+ || (*table = t = hash_initialize (0, 0, hash_string_hasher,
+ hash_string_compare, 0)))
+@@ -52,7 +64,11 @@
+ xalloc_die ();
+
+ if (e == s)
+- return 1;
++ {
++ if (return_prefix)
++ *return_prefix = s;
++ return 1;
++ }
+ else
+ {
+ free (s);
+@@ -60,6 +76,14 @@
+ }
+ }
+
++/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
++ copy of STRING to TABLE and return 1. */
++bool
++hash_string_insert (Hash_table **table, char const *string)
++{
++ return hash_string_insert_prefix (table, string, 0, NULL);
++}
++
+ /* Return 1 if TABLE contains STRING. */
+ bool
+ hash_string_lookup (Hash_table const *table, char const *string)
+@@ -88,7 +112,8 @@
+ If ABSOLUTE_NAMES is 0, strip filesystem prefix from the file name. */
+
+ char *
+-safer_name_suffix (char const *file_name, bool link_target, bool absolute_names)
++safer_name_suffix (char const *file_name, bool link_target,
++ bool absolute_names)
+ {
+ char const *p;
+
+@@ -121,11 +146,9 @@
+
+ if (prefix_len)
+ {
+- char *prefix = alloca (prefix_len + 1);
+- memcpy (prefix, file_name, prefix_len);
+- prefix[prefix_len] = '\0';
+-
+- if (hash_string_insert (&prefix_table[link_target], prefix))
++ const char *prefix;
++ if (hash_string_insert_prefix (&prefix_table[link_target], file_name,
++ prefix_len, &prefix))
+ {
+ static char const *const diagnostic[] =
+ {
diff --git a/app-arch/cpio/files/digest-cpio-2.9-r1 b/app-arch/cpio/files/digest-cpio-2.9-r1
new file mode 100644
index 000000000000..3827e3d7fe96
--- /dev/null
+++ b/app-arch/cpio/files/digest-cpio-2.9-r1
@@ -0,0 +1,3 @@
+MD5 e387abfdae3a0b9a8a5f762db653a96d cpio-2.9.tar.bz2 758195
+RMD160 6fbd93755e266ad7ff9644cb7fe3c3e54d61ac44 cpio-2.9.tar.bz2 758195
+SHA256 bb9a5fa693a8f4ef4685eb447cea1dc5b787e37c302569928ef74df460724707 cpio-2.9.tar.bz2 758195