authorNatanael Copa <ncopa@alpinelinux.org>2015-10-25 13:58:09 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2015-10-25 13:58:09 +0000
commitef0283a0d7ea693662fd2ec83d62c6e4ca5f2ed3 (patch)
tree9303e6c81e513550fb98823ea8f98a82e241d96f
parent3cf1f6aadb7df2bfaa3b525af1a6931282864de4 (diff)
main/musl: fix single-byte overflow of malloc'd buffer in getdelim
from upstream: http://git.musl-libc.org/cgit/musl/commit/?id=b114190b29417fff6f701eea3a3b3b6030338280
-rw-r--r--main/musl/APKBUILD6
-rw-r--r--main/musl/fix-single-byte-overflow.patch32
2 files changed, 37 insertions, 1 deletions
diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD
index a6075980df..f0691874aa 100644
--- a/main/musl/APKBUILD
+++ b/main/musl/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Timo Teräs <timo.teras@iki.fi>
pkgname=musl
pkgver=1.1.12
-pkgrel=0
+pkgrel=1
pkgdesc="the musl c library (libc) implementation"
url="http://www.musl-libc.org/"
arch="all"
@@ -12,6 +12,7 @@ depends_dev="!uclibc-dev"
makedepends="$depends_dev"
subpackages="$pkgname-dev $pkgname-utils $pkgname-dbg libc6-compat:compat"
source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz
+ fix-single-byte-overflow.patch
ldconfig
__stack_chk_fail_local.c
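Review bot: Nothing visible in this diff applies the new patch: this hunk only lists `fix-single-byte-overflow.patch` in `source=`, and prepare() lies outside all three APKBUILD hunks. If prepare() does not already loop over the `*.patch` entries in `$source`, the package would be rebuilt as pkgrel=1 with the getdelim overflow still present, and the checksum verification would pass regardless. Please confirm the patch is applied, or add a line such as `patch -p1 -i "$srcdir"/fix-single-byte-overflow.patch` to prepare(). A one-line comment above `source=` naming upstream commit b114190b29417fff6f701eea3a3b3b6030338280 would also tell the next maintainer that the file can be dropped once pkgver includes the fix.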
@@ -128,18 +129,21 @@ compat() {
}
md5sums="42875e0c111aa1cb9d08663f8d42c799 musl-1.1.12.tar.gz
+9aeeaaa70c75608e0b3ed6b6de5b3a37 fix-single-byte-overflow.patch
830d01f7821b978df770b06db3790921 ldconfig
0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c
57ef2c63b9ec6a2041694ace97d4ffa2 getconf.c
2b941c4251cac44988a4abfc50e21267 getent.c
45f92f8d59cf84d765de698a9578dbf4 iconv.c"
sha256sums="720b83c7e276b4b679c0bffe9509340d5f81fd601508e607e708177df0d31c0e musl-1.1.12.tar.gz
+370daa951d0547dc77d699945e5f49eb941516ead5aee51c5e9ca30061c7c5f8 fix-single-byte-overflow.patch
b4a2c06db38742e8c42c3c9838b285a7d8cdac6c091ff3df5ff9a15f1e41b9c7 ldconfig
299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c
d87d0cbb3690ae2c5d8cc218349fd8278b93855dd625deaf7ae50e320aad247c getconf.c
68373a55e89ce85c562d941ccf588337d6cc6c9c17689d695f65cd7607134bbe getent.c
f79a2930a2e5bb0624321589edf8b889d1e9b603e01e6b7ae214616605b3fdd7 iconv.c"
sha512sums="7cabbe2665e32bd3408c8865f89f474106e982b4e5de81d0cdeea19e19e20b4d2496faf1adc6b2811d996f30f39258184ba347e8eb5f3811eab89179e8f52d70 musl-1.1.12.tar.gz
+75e5c98a27924ed6a2ce5113f56ecff2774506a82c2ad65c815998083ef812d9a36e61e270a40b29b436ca91cf28563a7138f6eb5f206bbd1422eeae0346012c fix-single-byte-overflow.patch
8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f ldconfig
062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b __stack_chk_fail_local.c
0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d getconf.c
diff --git a/main/musl/fix-single-byte-overflow.patch b/main/musl/fix-single-byte-overflow.patch
new file mode 100644
index 0000000000..ffc5b3551c
--- /dev/null
+++ b/main/musl/fix-single-byte-overflow.patch
@@ -0,0 +1,32 @@
+From b114190b29417fff6f701eea3a3b3b6030338280 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Sat, 24 Oct 2015 22:42:10 -0400
+Subject: fix single-byte overflow of malloc'd buffer in getdelim
+
+the buffer enlargement logic here accounted for the terminating null
+byte, but not for the possibility of hitting the delimiter in the
+buffer-refill code path that uses getc_unlocked, in which case two
+additional bytes (the delimiter and the null termination) are written
+without another chance to enlarge the buffer.
+
+this patch and the corresponding bug report are by Felix Janda.
+---
+ src/stdio/getdelim.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/stdio/getdelim.c b/src/stdio/getdelim.c
+index a88c393..3077490 100644
+--- a/src/stdio/getdelim.c
++++ b/src/stdio/getdelim.c
+@@ -27,7 +27,7 @@ ssize_t getdelim(char **restrict s, size_t *restrict n, int delim, FILE *restric
+ for (;;) {
+ z = memchr(f->rpos, delim, f->rend - f->rpos);
+ k = z ? z - f->rpos + 1 : f->rend - f->rpos;
+- if (i+k >= *n) {
++ if (i+k+1 >= *n) {
+ if (k >= SIZE_MAX/2-i) goto oom;
+ *n = i+k+2;
+ if (*n < SIZE_MAX/4) *n *= 2;
+--
+cgit v0.11.2
+