diff --git a/CVE-2019-15757.patch b/CVE-2019-15757.patch new file mode 100644 index 0000000..cf9d37d --- /dev/null +++ b/CVE-2019-15757.patch @@ -0,0 +1,24 @@ +Origin: https://gist.github.com/andreafioraldi/343d9ba64060b548c02362a5e61ec932 + +--- + images/image-nrg/parser.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +Index: libmirage-3.2.2/images/image-nrg/parser.c +=================================================================== +--- a/libmirage-3.2.2.orig/images/image-nrg/parser.c ++++ b/libmirage-3.2.2/images/image-nrg/parser.c +@@ -987,6 +987,13 @@ static MirageDisc *mirage_parser_nrg_loa + /* Set CD-ROM as default medium type, will be changed accordingly if there + is a MTYP block provided */ + mirage_disc_set_medium_type(self->priv->disc, MIRAGE_MEDIUM_CD); ++ /* Length integrity check */ ++ if (self->priv->nrg_data_length == 0) { ++ MIRAGE_DEBUG(self, MIRAGE_DEBUG_WARNING, "%s: rg_data_length must be greater than 0!\n", __debug__); ++ g_set_error(error, MIRAGE_ERROR, MIRAGE_ERROR_IMAGE_FILE_ERROR, Q_("nrg_data_length must be greater than 0!")); ++ succeeded = FALSE; ++ goto end; ++ } + + /* Read descriptor data */ + self->priv->nrg_data = g_malloc(self->priv->nrg_data_length); diff --git a/libmirage.changes b/libmirage.changes index 4bde7eb..7dca4b2 100644 --- a/libmirage.changes +++ b/libmirage.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Tue Sep 3 09:53:55 UTC 2019 - Jan Engelhardt + +- Add CVE-2019-15757.patch [boo#1148728] + ------------------------------------------------------------------- Mon Aug 26 08:28:33 UTC 2019 - Jan Engelhardt diff --git a/libmirage.spec b/libmirage.spec index 402d2b1..d873790 100644 --- a/libmirage.spec +++ b/libmirage.spec @@ -30,6 +30,7 @@ URL: http://cdemu.sf.net/about/libmirage/ Source: https://downloads.sf.net/cdemu/%name-%version.tar.bz2 Patch1: 0001-libMirage-CSO-filter-validate-part-size.patch Patch2: 0002-libMirage-CSO-filter-replaced-a-g_assert-with-error-.patch +Patch3: CVE-2019-15757.patch BuildRequires: cmake >= 2.8.5 BuildRequires: intltool >= 0.21 BuildRequires: pkg-config >= 0.16