authorLeo <thinkabit.ukim@gmail.com>2020-03-26 15:03:23 -0300
committerLeo <thinkabit.ukim@gmail.com>2020-03-26 15:06:04 -0300
commitf370aec8dce498f800720394c0be31954ac54505 (patch)
treeb4d22c1f4bfcbfbc8d35316afc4899552493082e
parente61670a8667332918c6a88a0f52c50aed9c1a0cd (diff)
downloadaports-f370aec8dce498f800720394c0be31954ac54505.tar.bz2
aports-f370aec8dce498f800720394c0be31954ac54505.tar.xz
main/libmspack: fix CVE-2019-1010305
see #10814
-rw-r--r--main/libmspack/APKBUILD12
-rw-r--r--main/libmspack/CVE-2019-1010305.patch39
2 files changed, 47 insertions, 4 deletions
diff --git a/main/libmspack/APKBUILD b/main/libmspack/APKBUILD
index 6d69fd8cd3..04f38710b9 100644
--- a/main/libmspack/APKBUILD
+++ b/main/libmspack/APKBUILD
@@ -2,7 +2,7 @@
pkgname=libmspack
pkgver=0.8_alpha
_ver=${pkgver/_/}
-pkgrel=0
+pkgrel=1
pkgdesc="Library for CAB and related files compression and decompression"
url="https://www.cabextract.org.uk/libmspack/"
arch="all"
@@ -10,13 +10,16 @@ license="LGPL-2.0"
depends=""
depends_dev=""
makedepends="$depends_dev"
-install=""
subpackages="$pkgname-dev"
-source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz"
+source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz
+ CVE-2019-1010305.patch
+ "
_builddir="$srcdir"/libmspack-$_ver
# secfixes:
+# 0.8_alpha-r1:
+# - CVE-2019-1010305
# 0.8_alpha-r0:
# - CVE-2018-18584
# - CVE-2018-18585
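Review bot: Listing `CVE-2019-1010305.patch` in `source=` does not by itself show that the patch is applied; that depends on `prepare()`, which is not visible in this hunk. Because the package builds in a custom `_builddir` (`"$srcdir"/libmspack-$_ver`) rather than the default `builddir`, confirm that prepare() applies the patch there, for example with `patch -p1 -i "$srcdir"/CVE-2019-1010305.patch` run from `$_builddir`, or by switching to `builddir=` and `default_prepare`. Otherwise the new `secfixes` entry for 0.8_alpha-r1 would advertise a fix that the built library does not contain.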
@@ -61,4 +64,5 @@ package() {
make DESTDIR="$pkgdir" install || return 1
}
-sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz"
+sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz
+4c5f5ab9d597538303ce2adf27014db715603afdde50904cd3cb363077f2ff883086cf9ccf1072fa516f73df4652bec3bddd81854aeac5f11c0698d1cfb59cdf CVE-2019-1010305.patch"
diff --git a/main/libmspack/CVE-2019-1010305.patch b/main/libmspack/CVE-2019-1010305.patch
new file mode 100644
index 0000000000..af113af2d3
--- /dev/null
+++ b/main/libmspack/CVE-2019-1010305.patch
@@ -0,0 +1,39 @@
+diff --git a/mspack/chmd.c b/mspack/chmd.c
+index 1d198bf..26c1b18 100644
+--- a/mspack/chmd.c
++++ b/mspack/chmd.c
+@@ -482,21 +482,19 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
+ fi->filename[name_len] = '\0';
+
+ if (name[0] == ':' && name[1] == ':') {
+- /* system file */
+- if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
+- if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
+- chm->sec1.content = fi;
+- }
+- else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
+- chm->sec1.control = fi;
+- }
+- else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
+- chm->sec1.spaninfo = fi;
+- }
+- else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
+- chm->sec1.rtable = fi;
+- }
+- }
++ /* system file */
++ if (name_len == 40 && memcmp(name, content_name, 40) == 0) {
++ chm->sec1.content = fi;
++ }
++ else if (name_len == 44 && memcmp(name, control_name, 44) == 0) {
++ chm->sec1.control = fi;
++ }
++ else if (name_len == 41 && memcmp(name, spaninfo_name, 41) == 0) {
++ chm->sec1.spaninfo = fi;
++ }
++ else if (name_len == 105 && memcmp(name, rtable_name, 105) == 0) {
++ chm->sec1.rtable = fi;
++ }
+ fi->next = chm->sysfiles;
+ chm->sysfiles = fi;
+ }