summary refs log tree commit diff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2014-08-26 12:00:26 -0400
committerMark H Weaver <mhw@netris.org>2014-08-26 12:05:37 -0400
commit48abd130217bd1645fefc4ca1817862672c6d782 (patch)
treebcb7bb4ab869d1303ff53484b7cff98a98b6b523 /gnu/packages/patches
parent5cc4517590d4d517bf9e29db5d9c5e03e4e0ad26 (diff)
downloadguix-48abd130217bd1645fefc4ca1817862672c6d782.tar.gz
gnu: file: Update to 5.19; add fix for CVE-2014-3587.
* gnu/packages/patches/file-CVE-2014-3587.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/file.scm (file): Update to 5.19.  Add patch.
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/file-CVE-2014-3587.patch16
1 files changed, 16 insertions, 0 deletions
diff --git a/gnu/packages/patches/file-CVE-2014-3587.patch b/gnu/packages/patches/file-CVE-2014-3587.patch
new file mode 100644
index 0000000000..cf88bf5f3e
--- /dev/null
+++ b/gnu/packages/patches/file-CVE-2014-3587.patch
@@ -0,0 +1,16 @@
+Fixes CVE-2014-3587.  Copied from upstream commit
+0641e56be1af003aa02c7c6b0184466540637233.
+
+--- file-5.19/src/cdf.c.orig	2014-06-09 09:04:37.000000000 -0400
++++ file-5.19/src/cdf.c	2014-08-26 11:55:23.887118898 -0400
+@@ -824,6 +824,10 @@
+ 		q = (const uint8_t *)(const void *)
+ 		    ((const char *)(const void *)p + ofs
+ 		    - 2 * sizeof(uint32_t));
++		if (q < p) {
++			DPRINTF(("Wrapped around %p < %p\n", q, p));
++			goto out;
++		}
+ 		if (q > e) {
+ 			DPRINTF(("Ran of the end %p > %p\n", q, e));
+ 			goto out;