powerel7
/
gui
2
0
Fork 0
Code Issues Pull Requests Releases Activity
Browse Source

gcap package update 

Signed-off-by: guibuilder_pel7x64builder0 <guibuilder@powerel.org>
master
guibuilder_pel7x64builder0 6 years ago
parent
8b2eede3a0
commit
d177426528
6 changed files with 343 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 47
      SOURCES/0001-Do-not-crash-when-ncbytes-is-larger-than-the-buffer-.patch
  2. 53
      SOURCES/0001-Fix-a-few-Dereference-of-null-pointer-warnings.patch
  3. 30
      SOURCES/0002-Always-check-the-return-value-when-writing-to-the-st.patch
  4. 29
      SOURCES/0003-Fix-a-theoretical-crash-when-building-the-table-entr.patch
  5. 27
      SOURCES/0004-Fix-buffer-overrun-when-generating-Huffman-codes.patch
  6. 157
      SPECS/gcab.spec

47
SOURCES/0001-Do-not-crash-when-ncbytes-is-larger-than-the-buffer-.patch
Unescape View File

@ -0,0 +1,47 @@ @@ -0,0 +1,47 @@
diff --git a/libgcab/cabinet.c b/libgcab/cabinet.c
index a675d1b..9847f1c 100644
--- a/libgcab/cabinet.c
+++ b/libgcab/cabinet.c
@@ -460,18 +460,38 @@ cdata_read (cdata_t *cd, u1 res_data, gint comptype,
gboolean success = FALSE;
int ret, zret = Z_OK;
gint compression = comptype & GCAB_COMPRESSION_MASK;
- guint8 *buf = compression == GCAB_COMPRESSION_NONE ? cd->out : cd->in;
+ gsize buf_sz;
+ guint8 *buf = NULL;
CHECKSUM datacsum;
- if (compression > GCAB_COMPRESSION_MSZIP &&
- compression != GCAB_COMPRESSION_LZX) {
+ /* decompress directly into ->out for no decompression */
+ switch (compression) {
+ case GCAB_COMPRESSION_NONE:
+ buf = cd->out;
+ buf_sz = sizeof(cd->out);
+ break;
+ case GCAB_COMPRESSION_MSZIP:
+ case GCAB_COMPRESSION_LZX:
+ buf = cd->in;
+ buf_sz = sizeof(cd->in);
+ break;
+ default:
g_set_error (error, GCAB_ERROR, GCAB_ERROR_FAILED,
_("unsupported compression method %d"), compression);
- return FALSE;
+ break;
}
+ if (buf == NULL)
+ return FALSE;
R4 (cd->checksum);
R2 (cd->ncbytes);
+ if (cd->ncbytes > buf_sz) {
+ g_set_error (error, GCAB_ERROR, GCAB_ERROR_FAILED,
+ "tried to decompress %" G_GUINT16_FORMAT " bytes "
+ "into buffer of size %" G_GSIZE_FORMAT,
+ cd->ncbytes, buf_sz);
+ return FALSE;
+ }
R2 (cd->nubytes);
cd->reserved = g_malloc (res_data);
RN (cd->reserved, res_data);

53
SOURCES/0001-Fix-a-few-Dereference-of-null-pointer-warnings.patch
Unescape View File

@ -0,0 +1,53 @@ @@ -0,0 +1,53 @@
From 411ce03bdeddd7cbf69cb7c68845c99908657bf9 Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Wed, 1 Mar 2017 16:39:27 +0000
Subject: [PATCH 1/4] Fix a few 'Dereference of null pointer' warnings

---
libgcab/cabinet.c | 2 +-
libgcab/gcab-cabinet.c | 2 +-
libgcab/gcab-folder.c | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/libgcab/cabinet.c b/libgcab/cabinet.c
index 1fa2af8..4df9024 100644
--- a/libgcab/cabinet.c
+++ b/libgcab/cabinet.c
@@ -562,7 +562,7 @@ end:
g_set_error (error, GCAB_ERROR, GCAB_ERROR_FAILED,
"zlib failed: %s", zError (zret));
- if (!*error && !success)
+ if (error != NULL && *error == NULL && !success)
g_set_error (error, GCAB_ERROR, GCAB_ERROR_FAILED,
"Invalid cabinet chunk");
diff --git a/libgcab/gcab-cabinet.c b/libgcab/gcab-cabinet.c
index e81b052..a6cc4f0 100644
--- a/libgcab/gcab-cabinet.c
+++ b/libgcab/gcab-cabinet.c
@@ -257,7 +257,7 @@ gcab_cabinet_write (GCabCabinet *self,
g_clear_object (&in);
in = G_INPUT_STREAM (g_file_read (file->file, cancellable, error));
- if (*error)
+ if (in == NULL)
goto end;
while ((len = g_input_stream_read (in,
diff --git a/libgcab/gcab-folder.c b/libgcab/gcab-folder.c
index e724097..dc33b6a 100644
--- a/libgcab/gcab-folder.c
+++ b/libgcab/gcab-folder.c
@@ -240,7 +240,7 @@ gcab_folder_add_file (GCabFolder *self, GCabFile *file,
g_return_val_if_fail (G_IS_FILE (gfile), FALSE);
GFileInfo *info = g_file_query_info (gfile, FILE_ATTRS, 0, NULL, error);
- if (*error)
+ if (info == NULL)
return FALSE;
success = add_file_info (self, file, info,
--
2.9.3

30
SOURCES/0002-Always-check-the-return-value-when-writing-to-the-st.patch
Unescape View File

@ -0,0 +1,30 @@ @@ -0,0 +1,30 @@
From 4d2c600f54d2f00d1604aaeb20e2285e9ab0cad9 Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Wed, 1 Mar 2017 16:40:05 +0000
Subject: [PATCH 2/4] Always check the return value when writing to the stream

---
libgcab/cabinet.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/libgcab/cabinet.c b/libgcab/cabinet.c
index 4df9024..a675d1b 100644
--- a/libgcab/cabinet.c
+++ b/libgcab/cabinet.c
@@ -190,9 +190,10 @@ cheader_write (cheader_t *ch, GDataOutputStream *out,
return FALSE;
if (ch->flags & CABINET_HEADER_RESERVE) {
- W2 (ch->res_header);
- W1 (ch->res_folder);
- W1 (ch->res_data);
+ if (!W2 (ch->res_header) ||
+ !W1 (ch->res_folder) ||
+ !W1 (ch->res_data))
+ return FALSE;
if (g_output_stream_write (stream, ch->reserved, ch->res_header,
cancellable, error) == -1)
return FALSE;
--
2.9.3

29
SOURCES/0003-Fix-a-theoretical-crash-when-building-the-table-entr.patch
Unescape View File

@ -0,0 +1,29 @@ @@ -0,0 +1,29 @@
From 42c5e4f6d227b0dcee7e01702e9338f15dfa1568 Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Wed, 1 Mar 2017 17:02:05 +0000
Subject: [PATCH 3/4] Fix a theoretical crash when building the table entries

I can't actually see a way to construct the ZIPstate with no tables, but this
at least this stops Coverity complaining.
---
libgcab/decomp.c | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/libgcab/decomp.c b/libgcab/decomp.c
index cce368e..52445e8 100644
--- a/libgcab/decomp.c
+++ b/libgcab/decomp.c
@@ -248,6 +248,10 @@ struct Ziphuft **t, cab_LONG *m, fdi_decomp_state *decomp_state)
i ^= j;
i ^= j;
+ /* no tables */
+ if (h < 0)
+ return 2; /* corrupt */
+
/* backup over finished tables */
while ((i & ((1 << w) - 1)) != ZIP(x)[h])
w -= l[--h]; /* don't need to update q */
--
2.9.3

27
SOURCES/0004-Fix-buffer-overrun-when-generating-Huffman-codes.patch
Unescape View File

@ -0,0 +1,27 @@ @@ -0,0 +1,27 @@
From 42a8b8af21af24bb35548bcd2499c792d1a8c1a3 Mon Sep 17 00:00:00 2001
From: Richard Hughes <richard@hughsie.com>
Date: Wed, 1 Mar 2017 17:15:10 +0000
Subject: [PATCH 4/4] Fix buffer overrun when generating Huffman codes

---
libgcab/decomp.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/libgcab/decomp.c b/libgcab/decomp.c
index 52445e8..3ee8f9b 100644
--- a/libgcab/decomp.c
+++ b/libgcab/decomp.c
@@ -190,7 +190,9 @@ struct Ziphuft **t, cab_LONG *m, fdi_decomp_state *decomp_state)
xp = ZIP(c) + k;
while (++j < z) /* try smaller tables up to z bits */
{
- if ((f <<= 1) <= *++xp)
+ if (*++xp > ZIPBMAX)
+ return 2; /* corrupt */
+ if ((f <<= 1) <= *xp)
break; /* enough codes to use up j bits */
f -= *xp; /* else deduct codes from patterns */
}
--
2.9.3

157
SPECS/gcab.spec
Unescape View File

@ -0,0 +1,157 @@ @@ -0,0 +1,157 @@
Name: gcab
Version: 0.7
Release: 4%{?dist}
Summary: Cabinet file library and tool

License: LGPLv2+
#VCS: git:git://git.gnome.org/gcab
URL: http://ftp.gnome.org/pub/GNOME/sources/gcab
Source0: http://ftp.gnome.org/pub/GNOME/sources/gcab/%{version}/%{name}-%{version}.tar.xz

# Already upstream
Patch1: 0001-Fix-a-few-Dereference-of-null-pointer-warnings.patch
Patch2: 0002-Always-check-the-return-value-when-writing-to-the-st.patch
Patch3: 0003-Fix-a-theoretical-crash-when-building-the-table-entr.patch
Patch4: 0004-Fix-buffer-overrun-when-generating-Huffman-codes.patch
Patch5: 0001-Do-not-crash-when-ncbytes-is-larger-than-the-buffer-.patch

BuildRequires: intltool
BuildRequires: vala-tools
BuildRequires: glib2-devel
BuildRequires: gobject-introspection-devel
BuildRequires: zlib-devel

Requires: libgcab1%{?_isa} = %{version}-%{release}

%description
gcab is a tool to manipulate Cabinet archive.

%package -n libgcab1
Summary: Library to create Cabinet archives

%description -n libgcab1
libgcab is a library to manipulate Cabinet archive using GIO/GObject.

%package -n libgcab1-devel
Summary: Development files to create Cabinet archives
Requires: libgcab1%{?_isa} = %{version}-%{release}
Requires: glib2-devel
Requires: pkgconfig

%description -n libgcab1-devel
libgcab is a library to manipulate Cabinet archive.

Libraries, includes, etc. to compile with the gcab library.

%prep
%setup -q
%patch1 -p1 -b .coverity1
%patch2 -p1 -b .coverity2
%patch3 -p1 -b .coverity3
%patch4 -p1 -b .coverity4
%patch5 -p1 -b .cve20185345

%build
%configure --disable-silent-rules --disable-static
make %{?_smp_mflags}

%install
rm -rf %{buildroot}
make DESTDIR=%{buildroot} install

rm -f %{buildroot}%{_libdir}/*.a
rm -f %{buildroot}%{_libdir}/*.la

%find_lang %{name}

%post -n libgcab1 -p /sbin/ldconfig
%postun -n libgcab1 -p /sbin/ldconfig

%files
%doc COPYING NEWS
%{_bindir}/gcab
%{_mandir}/man1/gcab.1*

%files -n libgcab1 -f %{name}.lang
%doc COPYING NEWS
%{_libdir}/girepository-1.0/GCab-1.0.typelib
%{_libdir}/libgcab-1.0.so.*

%files -n libgcab1-devel
%{_datadir}/gir-1.0/GCab-1.0.gir
%{_datadir}/gtk-doc/html/gcab/*
%{_datadir}/vala/vapi/libgcab-1.0.vapi
%{_includedir}/libgcab-1.0/*
%{_libdir}/libgcab-1.0.so
%{_libdir}/pkgconfig/libgcab-1.0.pc

%changelog
* Wed Feb 14 2018 Richard Hughes <rhughes@redhat.com> - 0.7-4
- Fixes the security issue known as CVE-2018-5345
- Resolves: #1533174

* Mon Mar 06 2017 Richard Hughes <rhughes@redhat.com> - 0.7-3
- Fix some more bugs spotted by coverity and RPMDiff.
- Resolves: #1388476

* Thu Mar 02 2017 Richard Hughes <rhughes@redhat.com> - 0.7-2
- Fix some bugs spotted by coverity and RPMDiff.
- Resolves: #1388476

* Wed Mar 09 2016 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.7-1
- 0.7 release update.

* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

* Tue Dec 01 2015 Fabiano Fidêncio <fidencio@redhat.com> - 0.6-5
- Bump NVR and rebuild due to a mistakenly deleted build

* Thu Jul 30 2015 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.6-4
- Fix wrong file modification date when creating cab.

* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

* Mon Mar 23 2015 Kalev Lember <kalevlember@gmail.com> - 0.6-2
- Pull in the base library package when installing -devel

* Tue Mar 17 2015 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.6-1
- Update to upstream release v0.6

* Tue Jan 06 2015 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4-7
- Avoid directory traversal CVE-2015-0552. rhbz#1179126

* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Tue Jul 22 2014 Kalev Lember <kalevlember@gmail.com> - 0.4-5
- Rebuilt for gobject-introspection 1.41.4

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Tue Feb 12 2013 Simone Caronni <negativo17@gmail.com> - 0.4-2
- Removed rpm 4.5 macros/tags, it cannot be built with the vala in el5/el6.
- Removed redundant requirement on libgcab1%%{_isa}, added automatically by rpm.

* Fri Feb 8 2013 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.4-1
- Update to upstream v0.4.

* Fri Feb 8 2013 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.3-3
- Align more fields.
- Use double percentage in comment.
- Include COPYING file in gcab package too.

* Fri Feb 8 2013 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.3-2
- Untabify.
- Use %%{buildroot} consitantly.
- Do not use -1.0 in package names.
- Add more tags based on the el5 spec template.
- Re-add --enable-fast-install trick, to make gcab relink.

* Sun Jan 26 2013 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.3-1
- Initial package (rhbz#895757)
Write Preview
Loading…
Cancel
Save