busybox: add 2 upstream fixes

Signed-off-by: Nicolas Thill <nico@openwrt.org>

SVN-Revision: 43191
master
Nicolas Thill 10 years ago
parent 61a708154d
commit 1fe7cd5ed9
  1. 2
      package/utils/busybox/Makefile
  2. 59
      package/utils/busybox/patches/006-upstream_lzop_fix.patch
  3. 59
      package/utils/busybox/patches/007-upstream_zcat_no_ext_fix.patch

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=busybox
PKG_VERSION:=1.22.1
PKG_RELEASE:=3
PKG_RELEASE:=4
PKG_FLAGS:=essential
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2

@ -0,0 +1,59 @@
From a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 30 Jun 2014 10:14:34 +0200
Subject: [PATCH] lzop: add overflow check
See CVE-2014-4607
http://www.openwall.com/lists/oss-security/2014/06/26/20
function old new delta
lzo1x_decompress_safe 1010 1031 +21
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
archival/libarchive/liblzo.h | 2 ++
archival/libarchive/lzo1x_d.c | 3 +++
2 files changed, 5 insertions(+)
--- a/archival/libarchive/liblzo.h
+++ b/archival/libarchive/liblzo.h
@@ -76,11 +76,13 @@
# define TEST_IP (ip < ip_end)
# define NEED_IP(x) \
if ((unsigned)(ip_end - ip) < (unsigned)(x)) goto input_overrun
+# define TEST_IV(x) if ((x) > (unsigned)0 - (511)) goto input_overrun
# undef TEST_OP /* don't need both of the tests here */
# define TEST_OP 1
# define NEED_OP(x) \
if ((unsigned)(op_end - op) < (unsigned)(x)) goto output_overrun
+# define TEST_OV(x) if ((x) > (unsigned)0 - (511)) goto output_overrun
#define HAVE_ANY_OP 1
--- a/archival/libarchive/lzo1x_d.c
+++ b/archival/libarchive/lzo1x_d.c
@@ -92,6 +92,7 @@ int lzo1x_decompress_safe(const uint8_t*
ip++;
NEED_IP(1);
}
+ TEST_IV(t);
t += 15 + *ip++;
}
/* copy literals */
@@ -224,6 +225,7 @@ int lzo1x_decompress_safe(const uint8_t*
ip++;
NEED_IP(1);
}
+ TEST_IV(t);
t += 31 + *ip++;
}
#if defined(COPY_DICT)
@@ -265,6 +267,7 @@ int lzo1x_decompress_safe(const uint8_t*
ip++;
NEED_IP(1);
}
+ TEST_IV(t);
t += 7 + *ip++;
}
#if defined(COPY_DICT)

@ -0,0 +1,59 @@
From 28dd64a0e1a9cffcde7799f2849b66c0e16bb9cc Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Fri, 10 Jan 2014 14:06:57 +0100
Subject: [PATCH] libarchive: open_zipped() does not need to check extensions
for e.g. gzip
We only need to check for signature-less extensions,
currently only .lzma. The rest can be happily autodetected.
This fixes "zcat FILE_WITHOUT_GZ_EXT" case, among others.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
(cherry picked from commit 7c47b560a8fc97956dd8132bd7f1863d83c19866)
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
---
archival/libarchive/open_transformer.c | 23 +++++++++++------------
1 file changed, 11 insertions(+), 12 deletions(-)
--- a/archival/libarchive/open_transformer.c
+++ b/archival/libarchive/open_transformer.c
@@ -182,27 +182,26 @@ int FAST_FUNC setup_unzip_on_fd(int fd,
int FAST_FUNC open_zipped(const char *fname)
{
- char *sfx;
int fd;
fd = open(fname, O_RDONLY);
if (fd < 0)
return fd;
- sfx = strrchr(fname, '.');
- if (sfx) {
- sfx++;
- if (ENABLE_FEATURE_SEAMLESS_LZMA && strcmp(sfx, "lzma") == 0)
- /* .lzma has no header/signature, just trust it */
+ if (ENABLE_FEATURE_SEAMLESS_LZMA) {
+ /* .lzma has no header/signature, can only detect it by extension */
+ char *sfx = strrchr(fname, '.');
+ if (sfx && strcmp(sfx+1, "lzma") == 0) {
open_transformer_with_sig(fd, unpack_lzma_stream, "unlzma");
- else
- if ((ENABLE_FEATURE_SEAMLESS_GZ && strcmp(sfx, "gz") == 0)
- || (ENABLE_FEATURE_SEAMLESS_BZ2 && strcmp(sfx, "bz2") == 0)
- || (ENABLE_FEATURE_SEAMLESS_XZ && strcmp(sfx, "xz") == 0)
- ) {
- setup_unzip_on_fd(fd, /*fail_if_not_detected:*/ 1);
+ return fd;
}
}
+ if ((ENABLE_FEATURE_SEAMLESS_GZ)
+ || (ENABLE_FEATURE_SEAMLESS_BZ2)
+ || (ENABLE_FEATURE_SEAMLESS_XZ)
+ ) {
+ setup_unzip_on_fd(fd, /*fail_if_not_detected:*/ 1);
+ }
return fd;
}
Loading…
Cancel
Save