bzip2-CVE-2010-0405.patch (bnc#636978)

OBS-URL: https://build.opensuse.org/package/show/Archiving/bzip2?expand=0&rev=11
2010-09-21 14:03:08 +00:00 · 2010-09-21 14:03:08 +00:00 · 2bb416d80b
commit 2bb416d80b
parent 32f3339c0c
3 changed files with 36 additions and 5 deletions
--- a/bzip2-CVE-2010-0405.patch
+++ b/bzip2-CVE-2010-0405.patch
@ -0,0 +1,18 @@
+Index: bzip2-1.0.5/decompress.c
+===================================================================
+--- bzip2-1.0.5.orig/decompress.c
+++ bzip2-1.0.5/decompress.c
+@@ -394,6 +394,13 @@ Int32 BZ2_decompress ( DState* s )
+             es = -1;
+             N = 1;
+             do {
+               /* Check that N doesn't get too big, so that es doesn't
+                  go negative.  The maximum value that can be
+                  RUNA/RUNB encoded is equal to the block size (post
+                  the initial RLE), viz, 900k, so bounding N at 2
+                  million should guard against overflow without
+                  rejecting any legitimate inputs. */
+               if (N >= 2*1024*1024) RETURN(BZ_DATA_ERROR);
+                if (nextSym == BZ_RUNA) es = es + (0+1) * N; else
+                if (nextSym == BZ_RUNB) es = es + (1+1) * N;
+                N = N * 2;
--- a/bzip2.changes
+++ b/bzip2.changes
@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Tue Sep 21 13:54:31 UTC 2010 - puzel@novell.com
+
+- add bzip2-CVE-2010-0405.patch (bnc#636978) 
+- fix copy-paste error in profile_bzip2()
+
+-------------------------------------------------------------------
+Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de
+
+- use %_smp_mflags
+
 -------------------------------------------------------------------
 Wed Dec 16 10:53:20 CET 2009 - jengelh@medozas.de

--- a/bzip2.spec
+++ b/bzip2.spec
@ -1,7 +1,7 @@
 #
 # spec file for package bzip2 (Version 1.0.5)
 #
-# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -20,7 +20,7 @@

 Name:           bzip2
 Version:        1.0.5
-Release:        38
+Release:        39
 Provides:       bzip
 Obsoletes:      bzip
 BuildRequires:  pkg-config
@ -45,6 +45,7 @@ Patch:          http://pack.suse.cz/sbrabec/bzip2/for_downstream/bzip2-1.0.5-aut
 Patch2:         bzip2-maxlen20.patch
 Patch3:         bzip2-faster.patch
 Patch5:         bzip2-unsafe_strcpy.patch
+Patch6:         bzip2-CVE-2010-0405.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
@ -108,12 +109,13 @@ Authors:
 %patch2
 %patch3
 %patch5
+%patch6 -p1

 %build
 profile_bzip2()
 {
    tmpfile=$(mktemp)
-    trap "rm -f $tmpfile $tmpfile.gz" EXIT
+    trap "rm -f $tmpfile $tmpfile.bz2" EXIT
    tar -cjf $tmpfile.bz2 /usr/src || true
   # time ./bzip2 $tmpfile
    time ./bzip2 -d < $tmpfile.bz2 > /dev/null
@ -126,7 +128,7 @@ export CFLAGS="$RPM_OPT_FLAGS %{cflags_profile_generate}"
 	--libdir=/%{_lib}\
 	--disable-static
 %if %{do_profiling}
-make %{?jobs:-j %jobs}
+make %{?_smp_mflags}
 profile_bzip2
 mkdir .libs.save
 mv .libs/*.gcda .libs.save/
@ -137,7 +139,7 @@ export CFLAGS="$RPM_OPT_FLAGS %{cflags_profile_feedback}"
 	--libdir=/%{_lib}\
 	--disable-static
 %endif
-make %{?jobs:-j %jobs}
+make %{?_smp_mflags}

 %install
 %makeinstall pkgconfigdir=%{_libdir}/pkgconfig