Diffstat (limited to 'app-arch/bzip2')
-rw-r--r--app-arch/bzip2/Manifest3
-rw-r--r--app-arch/bzip2/bzip2-1.0.6-r11.ebuild (renamed from app-arch/bzip2/bzip2-1.0.6-r10.ebuild)1
-rw-r--r--app-arch/bzip2/files/bzip2-1.0.6-nselectors-upper-bound-check.patch30
3 files changed, 33 insertions, 1 deletions
diff --git a/app-arch/bzip2/Manifest b/app-arch/bzip2/Manifest
index 557c57f9a695..cc2a8b1ad11c 100644
--- a/app-arch/bzip2/Manifest
+++ b/app-arch/bzip2/Manifest
@@ -4,10 +4,11 @@ AUX bzip2-1.0.4-makefile-CFLAGS.patch 577 BLAKE2B adc265fbd71745e1f688c85386e483
AUX bzip2-1.0.4-man-links.patch 402 BLAKE2B 9a3cabc0e3964f75408445d7a2d94422ffa38e22d0869e4f97b252ef2947173ab9a504f0c1cd82fc7479494038f899f4a2429e39729d6f3d80e570ca8ef97797 SHA512 91abd3af9ffb339cbf85e28cc65b9193d8799d81281320d4709e234f3f40483b390fd9517ad3a8aab8d240f011786df8f17e9240104a43d1292bca983c1c22cc
AUX bzip2-1.0.6-CVE-2016-3189.patch 594 BLAKE2B b4a9f6e0267637d1f815e1b8cdbddfdd5e54fcc05cbd2f31c7e64494626b7531f2bb2b5ae8b288ce0ca116abc131235dbf31f32411b58b91e156a136adbc7ad1 SHA512 0b1d5814b93397c588c9b22a7bba57e2a7360ec30a781ca3c9236781089fb8e9f0393a9fd93c880517d084f54712b631302cffa4af81a91dff791717645ec81b
AUX bzip2-1.0.6-mingw.patch 556 BLAKE2B 1885f5fe9a895e365606fd48d616553a23aa40d381ee87de8f725ed39b936e778ab517d00807a3a84120802d23fc5b54df48b3d33bebb18c7f9ba1c9afa961cc SHA512 e28442acc456c996eb6bc1866cd3814a9aea9c8a4ac2767a59bd03273ee95e34efdb4d00a17c64242a3395056b38c7083ec6f4c986e91d02f5348af1af2a35c8
+AUX bzip2-1.0.6-nselectors-upper-bound-check.patch 1061 BLAKE2B 884403bac278b7a6ed486372a948ba5b96b9faab3cd43548e0c1ec58f15c713d0acf09b4180dc33f4135511f259f5c23794d061bf9790195034b0e0260870709 SHA512 f7a17bfe8e6a420b3ad0e2a37e34201318d4a869ad0e626a7247a005823efb4460a7aec5d3f465ebdd02a02ad9076fab3ddbcb6262044f03c60e6cb104eeb32d
AUX bzip2-1.0.6-out-of-tree-build.patch 2121 BLAKE2B ff2d18e161e2ed437b3452639b352984e1037bbfa86857d90836994f306ddc375353c36a0afad15c58ad84021f1180bcdd10002c0ce546acc9426a68d263570b SHA512 f4a85c8b9ba0fe0ffadcb058550bb948e84c51f4c213957ffeb1072258efb1caa957c496ce0a0fb4d4b5f7dfdf062995a819487b9475389cfb25583fa061143e
AUX bzip2-1.0.6-progress.patch 5716 BLAKE2B 8f89dcc1f9d95440cba7df54ee80e861e02e8f88d1ad906ef4bcecf4796ec125434b0e4d56f83715f30114d808aad9811b72cc890e85ace1901350d96f9d3f91 SHA512 e72ada256b08b539e4489d714d4d8612c643549cd25b1ec4e455b2c769c0955fe0e1f54504b259db213f3c72aa78c08d1f0513ce1ae113182691b504bd9c09b7
AUX bzip2-1.0.6-saneso.patch 443 BLAKE2B b496406e6f3c520886fff99c9206d6d1a01dc0e55a8491bec0318741dc53ad6da321553e73c8929c5fb4938e7275671c04d4b5c86730b580a042a18bb81b7116 SHA512 b9798368d12ab3547ccd3bb614e3a81f1b232990c0f9e3e4472532a8070a3c212274d5b9d093cd046cfee7c8d25da9cfd368c7ca4bd86fbb67f34510107159ab
AUX bzip2-1.0.6-ubsan-error.patch 921 BLAKE2B a2d746725ed9e40f24ac7c83cdbea06884e0013121bad5a2c748975817293c8f300735d46c85e646e008a54d49d002331a86a31726bc7231451514e628ad4637 SHA512 871ad39056b5b5dba35d90f30e1753569241f1054a2564f115d65186232fd84c427c92199e88ba012b4a646d9f18469b3681ef2992ec028b1004f6b7e13a110d
DIST bzip2-1.0.6.tar.gz 782025 BLAKE2B b31533af7c71d715e6600874bb0a11b9b3aebbb08af0414a6d88bd5a2ad879a482ad408338159cb6c241815da8f48798d2ea7789ea971431d0be42ee827b0a7e SHA512 00ace5438cfa0c577e5f578d8a808613187eff5217c35164ffe044fbafdfec9e98f4192c02a7d67e01e5a5ccced630583ad1003c37697219b0f147343a3fdd12
-EBUILD bzip2-1.0.6-r10.ebuild 3092 BLAKE2B eb789aadd7a6b0273e43d6fb81992dda2356065fc8133a4c694576168dcc23398f984e594384d505670c77cd6092ef35bf42d2944dde0048abe2ac82f45ed7c0 SHA512 f37a912a252e609e2b2d35ab6104eb9ff2efcd9a6155b9580af55010f27a20357afc0fa13029603fa68426f72f9748e1726ae68da8b1b2951d1e04c2b330666b
+EBUILD bzip2-1.0.6-r11.ebuild 3154 BLAKE2B 376f69d5aa805dc48313e30ec48cc6baf19349f8ed33a720e809e6565620e00081a22a1b5d3aaabe25f89f2a4e493e236994313033886a96b90e6a42377126e3 SHA512 292a50b3ea4a72131a33a50a71c9784845bf4760da8591cf564ee5b50a27219af2b7d61eedf9a338da54950293f07a4ce56e785bde5542c4498605369f8d7591
MISC metadata.xml 332 BLAKE2B b949c1c7d17334fcb499bbbd042cb217092743b6ae29fc64e634f7957767bf8c6a46f865b1681ce165d60143307795ebc417887fa8ba7a69afee95062411ea07 SHA512 1a7f730b73728875e428e7b123cd8e7773e8ea88a02d6891727775b50196854c608ae541846063a258874a83aab38800dc697b37196fe1c75162abe21b8f92d0
diff --git a/app-arch/bzip2/bzip2-1.0.6-r10.ebuild b/app-arch/bzip2/bzip2-1.0.6-r11.ebuild
index 5fb91d277fa8..646f6a08d890 100644
--- a/app-arch/bzip2/bzip2-1.0.6-r10.ebuild
+++ b/app-arch/bzip2/bzip2-1.0.6-r11.ebuild
@@ -28,6 +28,7 @@ PATCHES=(
"${FILESDIR}"/${PN}-1.0.6-out-of-tree-build.patch
"${FILESDIR}"/${PN}-1.0.6-CVE-2016-3189.patch #620466
"${FILESDIR}"/${PN}-1.0.6-ubsan-error.patch
+ "${FILESDIR}"/${PN}-1.0.6-nselectors-upper-bound-check.patch
)
DOCS=( CHANGES README{,.COMPILATION.PROBLEMS,.XML.STUFF} manual.pdf )
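Review bot: The new `PATCHES` entry carries no bug or advisory reference, while the CVE-2016-3189 line two above it is tagged `#620466`. The patch it pulls in fixes a memory-safety fault on corrupt input, so it deserves the same traceability for anyone auditing which decompressor fixes a given revision contains. I would add a trailing comment on that line, e.g. `"${FILESDIR}"/${PN}-1.0.6-nselectors-upper-bound-check.patch # bug #<BUG_ID>`, with the real tracker number filled in. The `PATCHES` array opens outside this hunk, so I cannot tell whether its position relative to the earlier patches matters.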
diff --git a/app-arch/bzip2/files/bzip2-1.0.6-nselectors-upper-bound-check.patch b/app-arch/bzip2/files/bzip2-1.0.6-nselectors-upper-bound-check.patch
new file mode 100644
index 000000000000..a7731f7de8f7
--- /dev/null
+++ b/app-arch/bzip2/files/bzip2-1.0.6-nselectors-upper-bound-check.patch
@@ -0,0 +1,30 @@
+From 13ca8fee0c897121ae79ae644a212418398dfea7 Mon Sep 17 00:00:00 2001
+From: Amin Hassani <ahassani@chromium.org>
+Date: Fri, 8 Mar 2019 09:58:20 -0800
+Subject: [PATCH] Check for upper bounds of nselectors.
+
+Currently there is no check for the upper bounds of the
+nselectors. Hence, a corrupt input can cause a segfault.
+
+This issue was discovered by one of our fuzzers. The actual error was:
+
+../bzip2-1.0.6/decompress.c:299:10: runtime error: index 18002 out of bounds for type 'UChar [18002]'
+---
+ decompress.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/decompress.c b/decompress.c
+index 311f566..391552d 100644
+--- a/decompress.c
++++ b/decompress.c
+@@ -288,6 +288,7 @@ Int32 BZ2_decompress ( DState* s )
+ if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
+ GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
+ if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
++ if (nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
+ for (i = 0; i < nSelectors; i++) {
+ j = 0;
+ while (True) {
+--
+2.21.0.360.g471c308f928-goog
+
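Review bot: The added `if (nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);` closes the out-of-bounds index quoted in the commit message, but it does so by rejecting the whole stream, and the patch adds no regression input or test for the corrupt case. Some third-party encoders are reported to declare more selectors than the decoder ever uses, so archives that decoded before may now fail with `BZ_DATA_ERROR`; this should be checked against real-world files before the revision is stabilised. If that compatibility matters, the tolerant form keeps consuming the selector bits but stores only in range, `if (i < BZ_MAX_SELECTORS) s->selectorMtf[i] = j;`, then clamps after the loop with `if (nSelectors > BZ_MAX_SELECTORS) nSelectors = BZ_MAX_SELECTORS;`. The selector loop body lies outside this hunk, so the store line is assumed from the 1.0.6 source rather than visible here.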