Diffstat (limited to 'sys-fs/fuseiso')
-rw-r--r--sys-fs/fuseiso/Manifest6
-rw-r--r--sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch38
-rw-r--r--sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch19
-rw-r--r--sys-fs/fuseiso/fuseiso-20070708-r3.ebuild (renamed from sys-fs/fuseiso/fuseiso-20070708-r2.ebuild)12
-rw-r--r--sys-fs/fuseiso/metadata.xml8
5 files changed, 71 insertions, 12 deletions
diff --git a/sys-fs/fuseiso/Manifest b/sys-fs/fuseiso/Manifest
index 5456aed72557..576f33370664 100644
--- a/sys-fs/fuseiso/Manifest
+++ b/sys-fs/fuseiso/Manifest
@@ -1,5 +1,7 @@
+AUX fuseiso-20070708-CVE-2015-8837.patch 1480 BLAKE2B 53eb28eb86b963963631955f5b402fdf48b34111278634953a41228ef0b56cc2668deb86b18e9f837261ce3fa7a2b539425070304be8e318e2aa220e9cc8f211 SHA512 3bf7e2b199d0521de8eabda9db9dc6ac64ed6356ab675c0d7ca1264a37f57b19a86a79ed2dd471d90b80d033207ce870b56020e0f0408854edb60c6af18595ff
AUX fuseiso-20070708-fix-typo.patch 683 BLAKE2B a6467bc243f7dcf37e843ccbdc044b05b94458fd3324a359793267008f144cc2514e379b713c4d0571afafe621f1455c321b94083d760e49cdbeb0eed79e8091 SHA512 ccfbcdba2c81d834d658f399f378feb6fec9d920c0fcc5cce3cd744f26cb94708a739c34e9e7cc374d31920a84bc6fbcc5b3ff841ee0d352de96a90cdc7c266e
+AUX fuseiso-20070708-integer-overflow.patch 721 BLAKE2B 1ae8dcde6d4618a6da264ffe072d0e8273fe0de2eb4afc03a6decad683caa728f70a208ff646e3bb84cb81b16b838bdafb1325d8b5c3a2804c6ba974e787281c SHA512 61a2ce687eb6a88f1e07398df08eb360167826f70d97570a89a67a3c263e37661ed9664173b2df36db0b6a25533cddcd53efa706f89be7bbb73fe2a821d4580e
AUX fuseiso-20070708-largeiso.patch 2583 BLAKE2B 90374aca589c81aa760301c1fbd98bc1199c8d69d20d26f42d343ca80e17f3656b5c1b5dd5c7088d4e2f242e536db6726f6d3a44f712f78fa7472c114af63f56 SHA512 f3268473d771de520f80d6ccdc6147fdc0c250f4b28070b7cb7b75734b893431ee3e20c46acb54f51f177c2e60f554c5ae8c2e3a514aa97a4208f514512be9cf
DIST fuseiso-20070708.tar.bz2 239960 BLAKE2B b794d7381d707c42ad8082c999ba2702d76b4b37971e9cad37ccf80657a68e0d4aa5a6b8628c324e81b7fe0c031d91398c82c3d5f40ee0ed12711ef5d7cad1f6 SHA512 d9d8153101494434fe4ec9c684cec46a1eee46fd3ce06e97fa27f4746990f866e1f23f256b2659e60296d2362cea05d259a0a2ef669ecddf7a0a7e44110c4ae0
-EBUILD fuseiso-20070708-r2.ebuild 596 BLAKE2B 46b709c6aac399c06335e04d2833c6470282e1bc4620b1f2ccfc7c8e5052ac48c3fd8f43f67355fdd4372cbaaf061b47e428ae7b7a7156ec4e5914b54d790e1e SHA512 877c0dcd58a31a9e8f482ac610fc31696352335d8520c811e5eda7ecc3a13c18f07953c71c361e6b1603562f606009ef779b3529dfca0741ab6aae8190e892d9
-MISC metadata.xml 420 BLAKE2B ab7884f79bd4e597cb7cd131ffa708353fbebc814578bcfedeb1d16bfd9b28163e1b66455b325ee7c2e811febca207568a376166d6d91b46e7aabf43ae3344ef SHA512 03659deebcb170d3144010e020528bf2ab8fc946f324a70da5b68db30d0ce89864b355abc358287ee01b3758d3495c246bc102e2a0d61fc54e8c549dad9228e6
+EBUILD fuseiso-20070708-r3.ebuild 667 BLAKE2B d490108be3b3132cf64bf4482ecd9940dee6b6d8374684c084ac5e031cddef90d63cfa9ead2004d4bbc81964638d4d73d85d87eda2b8fcf9f0f4266f4bbe4379 SHA512 32a1299f5cd439bb4a733284138a37099de09c18a5a63e67e3be16b3d8656f29a44cb4d4b11e390f7c6176680f0da2217bf1829a71540ebecc9846a339fc3e92
+MISC metadata.xml 244 BLAKE2B b8fe725610fb85711c3dcae43435062521d9102cf3f87cef36d2f0decff44f0d769ab8bd6fb9ecf610ab6d130aa74568f1d9a9649b7f7374094960971782b466 SHA512 386ec4723a0de60b693f2bc258b75e05be36b2809d93b637cde00f484deafb235b8b1d359b940321ddcf3947bc091e1c3a60cece5c7d57418fbeeb126b02e178
diff --git a/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch b/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch
new file mode 100644
index 000000000000..a5ab828ee637
--- /dev/null
+++ b/sys-fs/fuseiso/files/fuseiso-20070708-CVE-2015-8837.patch
@@ -0,0 +1,38 @@
+https://sources.debian.org/patches/fuseiso/20070708-3.2/02-prevent-buffer-overflow.patch/
+https://bugs.gentoo.org/713328
+----
+Description: Prevent stack-based buffer overflow on too-long path names
+Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
+
+--- a/src/isofs.c
++++ b/src/isofs.c
+@@ -1532,13 +1532,23 @@
+ if(path[1] != '\0') { // not root dir
+ strcat(absolute_entry, "/");
+ };
+- strcat(absolute_entry, entry);
+- if(g_hash_table_lookup(lookup_table, absolute_entry)) {
+- // already in lookup cache
++
++ if(strlen(absolute_entry) + strlen(entry) <= PATH_MAX-1) {
++ strcat(absolute_entry, entry);
++ if(g_hash_table_lookup(lookup_table, absolute_entry)) {
++ // already in lookup cache
++ isofs_free_inode(inode);
++ } else {
++ g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode);
++ };
++ }
++ else {
++ printf("readdir: absolute path name for entry '%s' exceeding PATH_MAX (%d)\n", entry, PATH_MAX);
+ isofs_free_inode(inode);
+- } else {
+- g_hash_table_insert(lookup_table, g_strdup(absolute_entry), inode);
+- };
++ free(buf);
++ free(entry);
++ return -EIO;
++ }
+
+ free(entry);
+
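Review bot: The new guard `if(strlen(absolute_entry) + strlen(entry) <= PATH_MAX-1)` covers only the final `strcat`, while the `strcat(absolute_entry, "/")` just above it still runs unchecked. The copy of `path` into the buffer and the declaration of `absolute_entry` are outside the hunk, so the bound holds only if the buffer is at least PATH_MAX bytes and the prefix already fits. Assuming `absolute_entry` is an array in this scope, the whole construction could be bounded in one step: `n = snprintf(absolute_entry, sizeof absolute_entry, "%s%s%s", path, path[1] ? "/" : "", entry);` followed by `if (n < 0 || (size_t)n >= sizeof absolute_entry)` as the rejection test. The rejection path returns `-EIO` for the whole readdir call, so one over-long name in an image makes that directory unlistable; skipping just that entry may be preferable. The message would also fit better on stderr via `fprintf(stderr, ...)`, as the ZISO patch on this page does.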
diff --git a/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch b/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch
new file mode 100644
index 000000000000..9f20b9b8c51e
--- /dev/null
+++ b/sys-fs/fuseiso/files/fuseiso-20070708-integer-overflow.patch
@@ -0,0 +1,19 @@
+https://sources.debian.org/patches/fuseiso/20070708-3.2/03-prevent-integer-overflow.patch/
+https://bugs.gentoo.org/713328
+----
+Description: Prevent integer overflow in ZISO code
+Author: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
+
+--- a/src/isofs.c
++++ b/src/isofs.c
+@@ -1618,6 +1618,10 @@
+ };
+
+ static int isofs_real_read_zf(isofs_inode *inode, char *out_buf, size_t size, off_t offset) {
++ if( inode->zf_block_shift > 17 ) {
++ fprintf(stderr, "isofs_real_read_zf: can't handle ZF block size of 2^%d\n", inode->zf_block_shift);
++ return -EIO;
++ }
+ int zf_block_size = 1 << inode->zf_block_shift;
+ int zf_start = offset / zf_block_size;
+ int zf_end = (offset + size) / zf_block_size;
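Review bot: The added check rejects only `zf_block_shift > 17` and enforces no lower bound, so an image-supplied shift of 0 or another small value still reaches `1 << inode->zf_block_shift` and the block-index arithmetic below it. If the field is a signed type, a negative value would make the shift undefined; its declaration is not visible here. Where the format permits only a narrow range of block sizes, both ends should be validated, e.g. `if (inode->zf_block_shift < ZF_MIN_SHIFT || inode->zf_block_shift > 17)`, where `ZF_MIN_SHIFT` is a placeholder name for the minimum the zisofs specification allows. Separately, `zf_start` and `zf_end` still narrow `off_t` arithmetic into `int`, and `offset + size` is not checked for wrap-around. The rest of `isofs_real_read_zf` is outside the hunk, so whether those values size an allocation or index a table needs confirming there.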
diff --git a/sys-fs/fuseiso/fuseiso-20070708-r2.ebuild b/sys-fs/fuseiso/fuseiso-20070708-r3.ebuild
index e5d22bb4de7c..4ac8844af9f9 100644
--- a/sys-fs/fuseiso/fuseiso-20070708-r2.ebuild
+++ b/sys-fs/fuseiso/fuseiso-20070708-r3.ebuild
@@ -1,11 +1,11 @@
-# Copyright 1999-2019 Gentoo Authors
+# Copyright 1999-2020 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
DESCRIPTION="Fuse module to mount ISO9660"
HOMEPAGE="https://sourceforge.net/projects/fuseiso"
-SRC_URI="http://superb-dca2.dl.sourceforge.net/project/fuseiso/fuseiso/20070708/fuseiso-20070708.tar.bz2"
+SRC_URI="http://superb-dca2.dl.sourceforge.net/project/${PN}/${PN}/${PV}/${P}.tar.bz2"
LICENSE="GPL-2"
SLOT="0"
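Review bot: `SRC_URI` still pins a single SourceForge mirror host (`superb-dca2.dl.sourceforge.net`) over plain `http://`, and the switch to `${PN}`/`${PV}`/`${P}` does not change that. The tarball is checked against the Manifest DIST hashes, so this is mainly an availability and policy concern rather than an integrity one. The `mirror://sourceforge/` form avoids depending on one host, e.g. `SRC_URI="mirror://sourceforge/${PN}/${PN}/${PV}/${P}.tar.bz2"`, with the exact path layout to be confirmed against the project's download tree.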
@@ -19,4 +19,10 @@ DEPEND="${RDEPEND}"
BDEPEND="virtual/pkgconfig"
DOCS=( AUTHORS ChangeLog NEWS README )
-PATCHES=( ${FILESDIR}/${P}-largeiso.patch ${FILESDIR}/${P}-fix-typo.patch )
+
+PATCHES=(
+ "${FILESDIR}/${P}-largeiso.patch"
+ "${FILESDIR}/${P}-fix-typo.patch"
+ "${FILESDIR}/${P}-CVE-2015-8837.patch"
+ "${FILESDIR}/${P}-integer-overflow.patch"
+)
diff --git a/sys-fs/fuseiso/metadata.xml b/sys-fs/fuseiso/metadata.xml
index 220254c786eb..409729bbcacb 100644
--- a/sys-fs/fuseiso/metadata.xml
+++ b/sys-fs/fuseiso/metadata.xml
@@ -1,13 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
<pkgmetadata>
- <maintainer type="person">
- <email>zhaoxiaoqiang007@gmail.com</email>
- </maintainer>
- <maintainer type="project">
- <email>proxy-maint@gentoo.org</email>
- <name>Proxy Maintainers</name>
- </maintainer>
+ <!-- maintainer-needed -->
<upstream>
<remote-id type="sourceforge">fuseiso</remote-id>
</upstream>