Accepting request 732929 from home:pmonrealgonzalez:branches:Base:System
- Security fix: [bsc#1150114, CVE-2019-16167] * Memory corruption due to an Integer Overflow in remap_struct() in sa_common.c * Added sysstat-CVE-2019-16167.patch OBS-URL: https://build.opensuse.org/request/show/732929 OBS-URL: https://build.opensuse.org/package/show/Base:System/sysstat?expand=0&rev=98
This commit is contained in:
parent
71cafbb53e
commit
9496561316
40
sysstat-CVE-2019-16167.patch
Normal file
40
sysstat-CVE-2019-16167.patch
Normal file
@ -0,0 +1,40 @@
|
||||
Index: sysstat-12.0.6/sa_common.c
|
||||
===================================================================
|
||||
--- sysstat-12.0.6.orig/sa_common.c
|
||||
+++ sysstat-12.0.6/sa_common.c
|
||||
@@ -1298,6 +1298,10 @@ void remap_struct(unsigned int gtypes_nr
|
||||
/* Remap [unsigned] long fields */
|
||||
d = gtypes_nr[0] - ftypes_nr[0];
|
||||
if (d) {
|
||||
+ if (ftypes_nr[0] * ULL_ALIGNMENT_WIDTH < ftypes_nr[0])
|
||||
+ /* Overflow */
|
||||
+ return;
|
||||
+
|
||||
n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH,
|
||||
g_size - gtypes_nr[0] * ULL_ALIGNMENT_WIDTH);
|
||||
if ((ftypes_nr[0] * ULL_ALIGNMENT_WIDTH >= b_size) ||
|
||||
@@ -1314,6 +1318,11 @@ void remap_struct(unsigned int gtypes_nr
|
||||
/* Remap [unsigned] int fields */
|
||||
d = gtypes_nr[1] - ftypes_nr[1];
|
||||
if (d) {
|
||||
+ if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
|
||||
+ ftypes_nr[1] * UL_ALIGNMENT_WIDTH < ftypes_nr[1])
|
||||
+ /* Overflow */
|
||||
+ return;
|
||||
+
|
||||
n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH
|
||||
- ftypes_nr[1] * UL_ALIGNMENT_WIDTH,
|
||||
g_size - gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
|
||||
@@ -1338,6 +1347,12 @@ void remap_struct(unsigned int gtypes_nr
|
||||
/* Remap possible fields (like strings of chars) following int fields */
|
||||
d = gtypes_nr[2] - ftypes_nr[2];
|
||||
if (d) {
|
||||
+ if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
|
||||
+ gtypes_nr[1] * UL_ALIGNMENT_WIDTH +
|
||||
+ ftypes_nr[2] * U_ALIGNMENT_WIDTH < ftypes_nr[2])
|
||||
+ /* Overflow */
|
||||
+ return;
|
||||
+
|
||||
n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH
|
||||
- ftypes_nr[1] * UL_ALIGNMENT_WIDTH
|
||||
- ftypes_nr[2] * U_ALIGNMENT_WIDTH,
|
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 10 11:10:11 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
||||
|
||||
- Security fix: [bsc#1150114, CVE-2019-16167]
|
||||
* Memory corruption due to an Integer Overflow in remap_struct()
|
||||
in sa_common.c
|
||||
* Added sysstat-CVE-2019-16167.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 27 15:53:53 UTC 2019 - Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
|
||||
|
||||
|
@ -33,6 +33,8 @@ Patch0: sysstat-8.1.6-sa1sa2lock.diff
|
||||
# PATCH-FIX-OPENSUSE should be upstreamed
|
||||
# use getpagesize() instead of kb_shift for hugetable archs
|
||||
Patch2: sysstat-8.0.4-pagesize.diff
|
||||
# PATCH-FIX-UPSTREAM bsc#1150114 CVE-2019-16167 sysstat-CVE-2019-16167.patch
|
||||
Patch3: sysstat-CVE-2019-16167.patch
|
||||
BuildRequires: findutils
|
||||
BuildRequires: gettext-runtime
|
||||
BuildRequires: pkgconfig
|
||||
@ -71,6 +73,7 @@ from a sysstat package.
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
cp %{SOURCE1} %{SOURCE2} %{SOURCE4} .
|
||||
# remove date and time from objects
|
||||
find ./ -name \*.c -exec sed -i -e 's: " compiled " __DATE__ " " __TIME__::g' {} \;
|
||||
|
Loading…
Reference in New Issue
Block a user