* gnu/packages/patches/cpio-CVE-2014-9112-pt1.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt2.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt3.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt4.patch, gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/cpio.scm (cpio): Add patches. Add 'autoconf' to native-inputs.
		
			
				
	
	
		
			88 lines
		
	
	
	
		
			3.3 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
			
		
		
	
	
			88 lines
		
	
	
	
		
			3.3 KiB
		
	
	
	
		
			Diff
		
	
	
	
	
	
| Partially fix CVE-2014-9112, part 5/5.  Backported to 2.11.
 | |
| 
 | |
| From f6a8a2cbd2d5ca40ea94900b55b845dd5ca87328 Mon Sep 17 00:00:00 2001
 | |
| From: Sergey Poznyakoff <gray@gnu.org.ua>
 | |
| Date: Thu, 11 Dec 2014 13:21:40 +0000
 | |
| Subject: Fix symlink-bad-length test for 64-bit architectures.
 | |
| 
 | |
| * src/util.c: Return non-zero exit code if EOF is hit prematurely.
 | |
| * tests/symlink-bad-length.at: Revert to original archive: there's
 | |
| no use testing for recovery, because that depends on the host
 | |
| architecture.  Don't test for exit code as well (same reason).
 | |
| Account for eventual warning messages.
 | |
| ---
 | |
| diff --git a/src/util.c b/src/util.c
 | |
| index 6c483f8..39c9813 100644
 | |
| --- a/src/util.c
 | |
| +++ b/src/util.c
 | |
| @@ -206,10 +206,7 @@ tape_fill_input_buffer (int in_des, int
 | |
|    if (input_size < 0)
 | |
|      error (1, errno, _("read error"));
 | |
|    if (input_size == 0)
 | |
| -    {
 | |
| -      error (0, 0, _("premature end of file"));
 | |
| -      exit (1);
 | |
| -    }
 | |
| +    error (PAXEXIT_FAILURE, 0, _("premature end of file"));
 | |
|    input_bytes += input_size;
 | |
|  }
 | |
|  
 | |
| diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
 | |
| index 4dbeaa3..e1a7093 100644
 | |
| --- a/tests/symlink-bad-length.at
 | |
| +++ b/tests/symlink-bad-length.at
 | |
| @@ -24,9 +24,9 @@ AT_SETUP([symlink-bad-length])
 | |
|  AT_KEYWORDS([symlink-long copyout])
 | |
|  
 | |
|  AT_DATA([ARCHIVE.base64],
 | |
| -[x3ECCJ1jtIHoA2QAAQAAAIlUwl0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxAgidHv+h6ANk
 | |
| -AAEAAACJVHFtBQD/////TElOSwAARklMRcdxAgieHqSB6ANkAAEAAACJVDJuBgAAABIARklMRTIA
 | |
| -c29tZSBtb3JlIGNvbnRlbnQKx3EAAAAAAAAAAAAAAQAAAAAAAAALAAAAAABUUkFJTEVSISEhAAAA
 | |
| +[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
 | |
| +JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
 | |
| +UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 | |
|  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 | |
|  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 | |
|  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 | |
| @@ -35,25 +35,30 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 | |
|  AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
 | |
|  ])
 | |
|  
 | |
| +# The exact error message and exit status depend on the host architecture,
 | |
| +# therefore strderr is filtered out and error code is not checked.
 | |
| +
 | |
| +# So far the only case when cpio would exit with code 0 is when it skips
 | |
| +# several bytes and encounters a valid record header.  Perhaps it should
 | |
| +# exit with code 2 (non-critical error), if at least one byte was skipped,
 | |
| +# but that could hurt backward compatibility.
 | |
| +
 | |
|  AT_CHECK([
 | |
|  base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
 | |
| -TZ=UTC cpio -ntv < ARCHIVE 2>stderr
 | |
| -rc=$?
 | |
| +TZ=UTC cpio -ntv < ARCHIVE 2>stderr 
 | |
|  cat stderr | grep -v \
 | |
|      -e 'stored filename length is out of range' \
 | |
|      -e 'premature end of file' \
 | |
|      -e 'archive header has reverse byte-order' \
 | |
|      -e 'memory exhausted' \
 | |
| +    -e 'skipped [[0-9][0-9]*] bytes of junk' \
 | |
| +    -e '[[0-9][0-9]*] block' \
 | |
|      >&2
 | |
|  echo >&2 STDERR
 | |
| -test "$rc" -ne 0
 | |
|  ],
 | |
| -[1],
 | |
| -[-rw-rw-r--   1 1000     100            13 Dec 11 09:02 FILE
 | |
| --rw-r--r--   1 1000     100            18 Dec 11 10:13 FILE2
 | |
| -],[cpio: warning: skipped 4 bytes of junk
 | |
| -1 block
 | |
| -STDERR
 | |
| +[0],
 | |
| +[-rw-rw-r--   1 10029    10031          13 Nov 25 11:52 FILE
 | |
| +],[STDERR
 | |
|  ])
 | |
|  
 | |
|  AT_CLEANUP
 | |
| --
 | |
| cgit v0.9.0.2
 |