summary refs log tree commit diff
path: root/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch')
-rw-r--r--gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch88
1 files changed, 0 insertions, 88 deletions
diff --git a/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch b/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch
deleted file mode 100644
index 75313cbefa..0000000000
--- a/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-Partially fix CVE-2014-9112, part 5/5.  Backported to 2.11.
-
-From f6a8a2cbd2d5ca40ea94900b55b845dd5ca87328 Mon Sep 17 00:00:00 2001
-From: Sergey Poznyakoff <gray@gnu.org.ua>
-Date: Thu, 11 Dec 2014 13:21:40 +0000
-Subject: Fix symlink-bad-length test for 64-bit architectures.
-
-* src/util.c: Return non-zero exit code if EOF is hit prematurely.
-* tests/symlink-bad-length.at: Revert to original archive: there's
-no use testing for recovery, because that depends on the host
-architecture.  Don't test for exit code as well (same reason).
-Account for eventual warning messages.
----
-diff --git a/src/util.c b/src/util.c
-index 6c483f8..39c9813 100644
---- a/src/util.c
-+++ b/src/util.c
-@@ -206,10 +206,7 @@ tape_fill_input_buffer (int in_des, int
-   if (input_size < 0)
-     error (1, errno, _("read error"));
-   if (input_size == 0)
--    {
--      error (0, 0, _("premature end of file"));
--      exit (1);
--    }
-+    error (PAXEXIT_FAILURE, 0, _("premature end of file"));
-   input_bytes += input_size;
- }
- 
-diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
-index 4dbeaa3..e1a7093 100644
---- a/tests/symlink-bad-length.at
-+++ b/tests/symlink-bad-length.at
-@@ -24,9 +24,9 @@ AT_SETUP([symlink-bad-length])
- AT_KEYWORDS([symlink-long copyout])
- 
- AT_DATA([ARCHIVE.base64],
--[x3ECCJ1jtIHoA2QAAQAAAIlUwl0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxAgidHv+h6ANk
--AAEAAACJVHFtBQD/////TElOSwAARklMRcdxAgieHqSB6ANkAAEAAACJVDJuBgAAABIARklMRTIA
--c29tZSBtb3JlIGNvbnRlbnQKx3EAAAAAAAAAAAAAAQAAAAAAAAALAAAAAABUUkFJTEVSISEhAAAA
-+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
-+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
-+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-@@ -35,25 +35,30 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
- ])
- 
-+# The exact error message and exit status depend on the host architecture,
-+# therefore strderr is filtered out and error code is not checked.
-+
-+# So far the only case when cpio would exit with code 0 is when it skips
-+# several bytes and encounters a valid record header.  Perhaps it should
-+# exit with code 2 (non-critical error), if at least one byte was skipped,
-+# but that could hurt backward compatibility.
-+
- AT_CHECK([
- base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
--TZ=UTC cpio -ntv < ARCHIVE 2>stderr
--rc=$?
-+TZ=UTC cpio -ntv < ARCHIVE 2>stderr 
- cat stderr | grep -v \
-     -e 'stored filename length is out of range' \
-     -e 'premature end of file' \
-     -e 'archive header has reverse byte-order' \
-     -e 'memory exhausted' \
-+    -e 'skipped [[0-9][0-9]*] bytes of junk' \
-+    -e '[[0-9][0-9]*] block' \
-     >&2
- echo >&2 STDERR
--test "$rc" -ne 0
- ],
--[1],
--[-rw-rw-r--   1 1000     100            13 Dec 11 09:02 FILE
---rw-r--r--   1 1000     100            18 Dec 11 10:13 FILE2
--],[cpio: warning: skipped 4 bytes of junk
--1 block
--STDERR
-+[0],
-+[-rw-rw-r--   1 10029    10031          13 Nov 25 11:52 FILE
-+],[STDERR
- ])
- 
- AT_CLEANUP
---
-cgit v0.9.0.2