OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tar?expand=0&rev=7

tar-1.17-paxlib-owl-alloca.patch

@@ -1,16 +1,20 @@
+Patch from Sergey Poznyakoff <gray@mirddin.farlep.net> for cpio
+based on patch:
 2007-08-15  Dmitry V. Levin <ldv@owl.openwall.com>
 
-	Do not use alloca to avoid stack overflow with untrusted input.
+        Do not use alloca to avoid stack overflow with untrusted input.
 
-	* lib/paxnames.c (hash_string_insert_direct): New function.
+        * lib/paxnames.c (hash_string_insert_direct): New function.
-	(hash_string_insert): Use it.
+        (hash_string_insert): Use it.
-	(hash_string_insert_data): New function.
+        (hash_string_insert_data): New function.
-	(safer_name_suffix): Use it instead of hash_string_insert()
+        (safer_name_suffix): Use it instead of hash_string_insert()
-	and alloca().
+        and alloca().
 
---- lib/paxnames.c
+Index: lib/paxnames.c
+===================================================================
+--- lib/paxnames.c.orig
 +++ lib/paxnames.c
-@@ -36,22 +36,50 @@
+@@ -36,15 +36,27 @@ hash_string_compare (void const *name1, 
    return strcmp (name1, name2) == 0;
  }
  
@@ -18,57 +22,70 @@
 -   copy of STRING to TABLE and return 1.  */
 -bool
 -hash_string_insert (Hash_table **table, char const *string)
-+/* Return zero if TABLE contains given STRING; otherwise, insert
++/* Return zero if TABLE contains a LEN-character long prefix of STRING,
-+   given STRING to TABLE and return 1.  */
++   otherwise, insert a newly allocated copy of this prefix to TABLE and
++   return 1.  If RETURN_PREFIX is not NULL, point it to the allocated
++   copy. */
 +static bool
-+hash_string_insert_direct (Hash_table **table, char const *string)
++hash_string_insert_prefix (Hash_table **table, char const *string, size_t len,
++                          const char **return_prefix)
  {
    Hash_table *t = *table;
 -  char *s = xstrdup (string);
++  char *s;
    char *e;
  
++  if (len)
++    {
++      s = xmalloc (len + 1);
++      memcpy (s, string, len);
++      s[len] = 0;
++    }
++  else
++    s = xstrdup (string);
++
    if (! ((t
  	  || (*table = t = hash_initialize (0, 0, hash_string_hasher,
  					    hash_string_compare, 0)))
--	 && (e = hash_insert (t, s))))
+@@ -52,7 +64,11 @@ hash_string_insert (Hash_table **table, 
-+	 && (e = hash_insert (t, string))))
      xalloc_die ();
  
--  if (e == s)
+   if (e == s)
-+  return (e == string);
+-    return 1;
-+}
++    {
-+
++      if (return_prefix)
++       *return_prefix = s;
++      return 1;
++    }
+   else
+     {
+       free (s);
+@@ -60,6 +76,14 @@ hash_string_insert (Hash_table **table, 
+     }
+ }
+ 
 +/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
 +   copy of STRING to TABLE and return 1.  */
 +bool
 +hash_string_insert (Hash_table **table, char const *string)
 +{
-+  char *s = xstrdup (string);
++  return hash_string_insert_prefix (table, string, 0, NULL);
-+
-+  if (hash_string_insert_direct (table, s))
-+    return 1;
-+  else
-+    {
-+      free (s);
-+      return 0;
-+    }
 +}
 +
-+/* Return zero if TABLE contains a string which is a NULL-terminated
+ /* Return 1 if TABLE contains STRING.  */
-+   copy of DATA of given LENGTH; otherwise, insert a string which is a
+ bool
-+   NULL-terminated copy of DATA of given LENGTH to TABLE and return 1.  */
+ hash_string_lookup (Hash_table const *table, char const *string)
-+static bool
+@@ -88,7 +112,8 @@ removed_prefixes_p (void)
-+hash_string_insert_data (Hash_table **table, char const *data, size_t length)
+    If ABSOLUTE_NAMES is 0, strip filesystem prefix from the file name. */
-+{
+ 
-+  char *s = xmalloc (length + 1);
+ char *
-+  memcpy (s, data, length);
+-safer_name_suffix (char const *file_name, bool link_target, bool absolute_names)
-+  s[length] = '\0';
++safer_name_suffix (char const *file_name, bool link_target,
-+
++                  bool absolute_names)
-+  if (hash_string_insert_direct (table, s))
+ {
-     return 1;
+   char const *p;
-   else
+ 
-     {
+@@ -121,11 +146,9 @@ safer_name_suffix (char const *file_name
-@@ -121,18 +149,16 @@ safer_name_suffix (char const *file_name, bool link_target, bool absolute_names)
  
        if (prefix_len)
  	{
@@ -77,19 +94,9 @@
 -	  prefix[prefix_len] = '\0';
 -
 -	  if (hash_string_insert (&prefix_table[link_target], prefix))
-+	  if (hash_string_insert_data (&prefix_table[link_target],
++         const char *prefix;
-+				       file_name, prefix_len))
++         if (hash_string_insert_prefix (&prefix_table[link_target], file_name,
++                                        prefix_len, &prefix))
  	    {
  	      static char const *const diagnostic[] =
  	      {
--		N_("Removing leading `%s' from member names"),
--		N_("Removing leading `%s' from hard link targets")
-+		N_("Removing leading `%.*s' from member names"),
-+		N_("Removing leading `%.*s' from hard link targets")
- 	      };
--	      WARN ((0, 0, _(diagnostic[link_target]), prefix));
-+	      WARN ((0, 0, _(diagnostic[link_target]),
-+			   (unsigned)prefix_len, file_name));
- 	    }
- 	}
-     }

tar.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon Aug 20 17:56:38 CEST 2007 - mkoenig@suse.de
+
+- use correct patch for paxlib stack overflow [#301416] 
+
 -------------------------------------------------------------------
 Fri Aug 17 14:14:39 CEST 2007 - lmichnovic@suse.cz
 

tar.spec

@@ -19,7 +19,7 @@ Provides:       base:/bin/tar
 PreReq:         %install_info_prereq
 Autoreqprov:    on
 Version:        1.17
-Release:        11
+Release:        13
 Summary:        GNU implementation of tar ((t)ape (ar)chiver)
 Source0:        %name-%version.tar.bz2
 Patch0:         tar-disable_languages.patch
@@ -108,6 +108,8 @@ rm -r %buildroot/usr/libexec
 rm -rf $RPM_BUILD_ROOT
 
 %changelog
+* Mon Aug 20 2007 - mkoenig@suse.de
+- use correct patch for paxlib stack overflow [#301416]
 * Fri Aug 17 2007 - lmichnovic@suse.cz
 - upstream fix: use of alloca can cause stack overflow
   (paxlib-owl-alloca.patch)