diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2021-05-31 20:59:14 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2021-05-31 20:59:14 +0100 |
commit | e748ba9741f6540f4675c23e3e37b73e822c13a4 (patch) | |
tree | 23dece8beabb3a3d7c6c0273b0eb40b21c62a889 /app-arch/upx/files | |
parent | 908778078736bd36f7a60a2d576d415cb8e000fa (diff) |
gentoo resync : 31.05.2021
Diffstat (limited to 'app-arch/upx/files')
-rw-r--r-- | app-arch/upx/files/upx-3.96_CVE-2020-24119.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch new file mode 100644 index 000000000000..7e6de04948bd --- /dev/null +++ b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch @@ -0,0 +1,34 @@ +From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001 +From: John Reiser <jreiser@BitWagon.com> +Date: Wed, 22 Jul 2020 19:34:27 -0700 +Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed + block + +https://github.com/upx/upx/issues/388 + modified: p_lx_elf.cpp +--- + src/p_lx_elf.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp +index cd9e4ec97..453d5c457 100644 +--- a/src/p_lx_elf.cpp ++++ b/src/p_lx_elf.cpp +@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 1024 +- if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { ++ if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR +@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 512 +- if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { ++ if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR |