gentoo resync : 31.05.2021

1 files changed, 34 insertions, 0 deletions

diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
new file mode 100644
index 000000000000..7e6de04948bd
--- /dev/null
+++ b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
@@ -0,0 +1,34 @@
+From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001
+From: John Reiser <jreiser@BitWagon.com>
+Date: Wed, 22 Jul 2020 19:34:27 -0700
+Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed
+ block
+
+https://github.com/upx/upx/issues/388
+	modified:   p_lx_elf.cpp
+---
+ src/p_lx_elf.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
+index cd9e4ec97..453d5c457 100644
+--- a/src/p_lx_elf.cpp
++++ b/src/p_lx_elf.cpp
+@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo)
+     unsigned c_adler = upx_adler32(NULL, 0);
+     unsigned u_adler = upx_adler32(NULL, 0);
+ #define MAX_ELF_HDR 1024
+-    if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
++    if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
+         throwCantUnpack("bad compressed e_phnum");
+     }
+ #undef MAX_ELF_HDR
+@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo)
+     unsigned c_adler = upx_adler32(NULL, 0);
+     unsigned u_adler = upx_adler32(NULL, 0);
+ #define MAX_ELF_HDR 512
+-    if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
++    if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
+         throwCantUnpack("bad compressed e_phnum");
+     }
+ #undef MAX_ELF_HDR