summary refs log tree commit diff
diff options
context:
space:
mode:
authorLéo Le Bouter <lle-bout@zaclys.net>2021-03-10 09:50:14 +0100
committerLéo Le Bouter <lle-bout@zaclys.net>2021-03-10 09:54:27 +0100
commitb66fc0a64bbcf4c198c117f0eca1ee95661b5b4a (patch)
treec20b63aa7d2e0fa73374f6f8a3039d8a7e4ecb31
parent207ef1a2b4f6ffd4781d1f5aab8e5984bc515f4c (diff)
downloadguix-b66fc0a64bbcf4c198c117f0eca1ee95661b5b4a.tar.gz
gnu: bsdiff: Fix CVE-2014-9862.
* gnu/packages/patches/bsdiff-CVE-2014-9862.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/compression.scm (bsdiff): Apply it.
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/compression.scm3
-rw-r--r--gnu/packages/patches/bsdiff-CVE-2014-9862.patch15
3 files changed, 18 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index bcee06a97a..dcee722e79 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -840,6 +840,7 @@ dist_patch_DATA =						\
   %D%/packages/patches/bazaar-CVE-2017-14176.patch		\
   %D%/packages/patches/bc-fix-cross-compilation.patch		\
   %D%/packages/patches/bear-disable-preinstall-tests.patch	\
+  %D%/packages/patches/bsdiff-CVE-2014-9862.patch		\
   %D%/packages/patches/bsd-games-2.17-64bit.patch		\
   %D%/packages/patches/bsd-games-add-configure-config.patch	\
   %D%/packages/patches/bsd-games-add-wrapper.patch		\
diff --git a/gnu/packages/compression.scm b/gnu/packages/compression.scm
index 32fd358ac8..fbe3b06347 100644
--- a/gnu/packages/compression.scm
+++ b/gnu/packages/compression.scm
@@ -963,7 +963,8 @@ tarballs.")
               (uri (string-append home-page name "-" version ".tar.gz"))
               (sha256
                (base32
-                "0j2zm3z271x5aw63mwhr3vymzn45p2vvrlrpm9cz2nywna41b0hq"))))
+                "0j2zm3z271x5aw63mwhr3vymzn45p2vvrlrpm9cz2nywna41b0hq"))
+              (patches (search-patches "bsdiff-CVE-2014-9862.patch"))))
     (build-system gnu-build-system)
     (arguments
      `(#:make-flags (list "INSTALL=install"
diff --git a/gnu/packages/patches/bsdiff-CVE-2014-9862.patch b/gnu/packages/patches/bsdiff-CVE-2014-9862.patch
new file mode 100644
index 0000000000..7aab818090
--- /dev/null
+++ b/gnu/packages/patches/bsdiff-CVE-2014-9862.patch
@@ -0,0 +1,15 @@
+diff --git a/bspatch.c b/bspatch.c
+index 8d95633..ab77722 100644
+--- a/bspatch.c
++++ b/bspatch.c
+
+@@ -187,6 +187,10 @@
+ 		};
+ 
+ 		/* Sanity-check */
++		if ((ctrl[0] < 0) || (ctrl[1] < 0))
++			errx(1,"Corrupt patch\n");
++
++		/* Sanity-check */
+ 		if(newpos+ctrl[0]>newsize)
+ 			errx(1,"Corrupt patch\n");