forked from pool/pkgconf
Accepting request 1062028 from home:qzhao:branches:devel:tools
Add pkgconf-CVE-2023-24056.patch: Backport commit 628b2b2baf from upstream, test for, and stop string processing, on truncation (bsc#1207394 CVE-2023-24056). OBS-URL: https://build.opensuse.org/request/show/1062028 OBS-URL: https://build.opensuse.org/package/show/devel:tools/pkgconf?expand=0&rev=26
This commit is contained in:
parent
517f858857
commit
10f0d517c1
53
pkgconf-CVE-2023-24056.patch
Normal file
53
pkgconf-CVE-2023-24056.patch
Normal file
@ -0,0 +1,53 @@
|
||||
diff -Nura pkgconf-1.8.0/libpkgconf/tuple.c pkgconf-1.8.0_new/libpkgconf/tuple.c
|
||||
--- pkgconf-1.8.0/libpkgconf/tuple.c 2021-03-18 20:15:16.000000000 +0800
|
||||
+++ pkgconf-1.8.0_new/libpkgconf/tuple.c 2023-01-30 16:07:40.750297141 +0800
|
||||
@@ -293,12 +293,23 @@
|
||||
}
|
||||
}
|
||||
|
||||
+ PKGCONF_TRACE(client, "lookup tuple %s", varname);
|
||||
+
|
||||
+ size_t remain = PKGCONF_BUFSIZE - (bptr - buf);
|
||||
ptr += (pptr - ptr);
|
||||
kv = pkgconf_tuple_find_global(client, varname);
|
||||
if (kv != NULL)
|
||||
{
|
||||
- strncpy(bptr, kv, PKGCONF_BUFSIZE - (bptr - buf));
|
||||
- bptr += strlen(kv);
|
||||
+ size_t nlen = pkgconf_strlcpy(bptr, kv, remain);
|
||||
+ if (nlen > remain)
|
||||
+ {
|
||||
+ pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
|
||||
+
|
||||
+ bptr = buf + (PKGCONF_BUFSIZE - 1);
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ bptr += nlen;
|
||||
}
|
||||
else
|
||||
{
|
||||
@@ -306,12 +317,20 @@
|
||||
|
||||
if (kv != NULL)
|
||||
{
|
||||
+ size_t nlen;
|
||||
+
|
||||
parsekv = pkgconf_tuple_parse(client, vars, kv);
|
||||
+ nlen = pkgconf_strlcpy(bptr, parsekv, remain);
|
||||
+ free(parsekv);
|
||||
|
||||
- strncpy(bptr, parsekv, PKGCONF_BUFSIZE - (bptr - buf));
|
||||
- bptr += strlen(parsekv);
|
||||
+ if (nlen > remain)
|
||||
+ {
|
||||
+ pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
|
||||
+ bptr = buf + (PKGCONF_BUFSIZE - 1);
|
||||
+ break;
|
||||
+ }
|
||||
|
||||
- free(parsekv);
|
||||
+ bptr += nlen;
|
||||
}
|
||||
}
|
||||
}
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Jan 29 09:26:47 UTC 2023 - Cliff Zhao <qzhao@suse.com>
|
||||
|
||||
- Add pkgconf-CVE-2023-24056.patch: Backport commit 628b2b2baf from
|
||||
upstream, test for, and stop string processing, on truncation
|
||||
(bsc#1207394 CVE-2023-24056).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 23 09:18:29 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package pkgconf
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
# Copyright (c) 2020 Neal Gompa <ngompa13@gmail.com>.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
@ -54,6 +54,8 @@ URL: http://pkgconf.org/
|
||||
Source0: https://distfiles.dereferenced.org/%{name}/%{name}-%{version}.tar.xz
|
||||
# Simple wrapper script to offer platform versions of pkgconfig from Fedora
|
||||
Source1: platform-pkg-config.in
|
||||
# PATCH-FIX-UPSTREAM pkgconf-CVE-2023-24056.patch bsc#1207394 CVE-2023-24056 qzhao@suse.com -- Backport commit 628b2b2baf from upstream, test for, and stop string processing, on truncation.
|
||||
Patch0: pkgconf-CVE-2023-24056.patch
|
||||
# For regenerating autotools scripts
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: automake
|
||||
|
Loading…
Reference in New Issue
Block a user