fix CVE-2017-12613

2020-06-24 17:31:17 +08:00 · 2020-06-24 17:31:17 +08:00 · 10a509424e
commit 10a509424e
parent 03ed364cef
2 changed files with 66 additions and 6 deletions
--- a/Bounds-check-human-readable-date-fields-credit-Stefa.patch
+++ b/Bounds-check-human-readable-date-fields-credit-Stefa.patch
@ -0,0 +1,53 @@
+From ad958385a4180d7a83d90589689fcd36e3bbc57a Mon Sep 17 00:00:00 2001
+From: Nick Kew <niq@apache.org>
+Date: Sun, 10 Sep 2017 22:30:14 +0000
+Subject: [PATCH] Bounds-check human-readable date fields (credit: Stefan
+ Sperling)
+
+git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1807975 13f79535-47bb-0310-9956-ffa450edef68
+---
+ time/unix/time.c  | 3 +++
+ time/win32/time.c | 6 ++++++
+ 2 files changed, 9 insertions(+)
+
+diff --git a/time/unix/time.c b/time/unix/time.c
+index dfa45e6..7f09581 100644
+--- a/time/unix/time.c
+++ b/time/unix/time.c
+@@ -142,6 +142,9 @@ APR_DECLARE(apr_status_t) apr_time_exp_get(apr_time_t *t, apr_time_exp_t *xt)
+     static const int dayoffset[12] =
+     {306, 337, 0, 31, 61, 92, 122, 153, 184, 214, 245, 275};
+ 
+    if (xt->tm_mon < 0 || xt->tm_mon >= 12)
+        return APR_EBADDATE;
+
+     /* shift new year to 1st March in order to make leap year calc easy */
+ 
+     if (xt->tm_mon < 2)
+diff --git a/time/win32/time.c b/time/win32/time.c
+index 2349799..1a70544 100644
+--- a/time/win32/time.c
+++ b/time/win32/time.c
+@@ -54,6 +54,9 @@ static void SystemTimeToAprExpTime(apr_time_exp_t *xt, SYSTEMTIME *tm)
+     static const int dayoffset[12] =
+     {0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334};
+ 
+    if (tm->wMonth < 1 || tm->wMonth > 12)
+        return APR_EBADDATE;
+
+     /* Note; the caller is responsible for filling in detailed tm_usec,
+      * tm_gmtoff and tm_isdst data when applicable.
+      */
+@@ -224,6 +227,9 @@ APR_DECLARE(apr_status_t) apr_time_exp_get(apr_time_t *t,
+     static const int dayoffset[12] =
+     {306, 337, 0, 31, 61, 92, 122, 153, 184, 214, 245, 275};
+ 
+    if (xt->tm_mon < 0 || xt->tm_mon >= 12)
+        return APR_EBADDATE;
+
+     /* shift new year to 1st March in order to make leap year calc easy */
+ 
+     if (xt->tm_mon < 2)
+-- 
+1.8.3.1
+
--- a/apr.spec
+++ b/apr.spec
@ -2,7 +2,7 @@

 Name: apr
 Version: 1.6.5
-Release: 4
+Release: 5
 Summary: Apache Portable Runtime.
 License: ASL 2.0 and BSD with advertising and ISC and BSD
 URL: http://apr.apache.org
@ -12,11 +12,12 @@ Source1: apr-wrapper.h
 Patch0: apr-1.2.2-libdir.patch
 Patch1: apr-1.2.7-pkgconf.patch

-Patch6000: Merge-r1834494-from-trunk.patch
-Patch6001: test-testlock.c-test_timeoutcond-Increase-fudge-fact.patch
-Patch6002: Split-apr_pool_check_integrity-into-two-parts.patch
-Patch6003: Pool-debugging-fixes.patch
-Patch6004: Fix-pool-debugging-output-so-that-creation-events-ar.patch
+Patch0000: Merge-r1834494-from-trunk.patch
+Patch0001: test-testlock.c-test_timeoutcond-Increase-fudge-fact.patch
+Patch0002: Split-apr_pool_check_integrity-into-two-parts.patch
+Patch0003: Pool-debugging-fixes.patch
+Patch0004: Fix-pool-debugging-output-so-that-creation-events-ar.patch
+Patch0005: Bounds-check-human-readable-date-fields-credit-Stefa.patch

 BuildRequires: gcc autoconf libtool libuuid-devel python3 lksctp-tools-devel

@ -100,6 +101,12 @@ make check
 %doc docs/incomplete_types docs/non_apr_programs

 %changelog
+* Wed Jun 24 2020 linwei<linwei54@huawei.com> - 1.6.5-5
+- Type: cves
+- ID: CVE-2017-12613
+- SUG: restart
+- DESC: fix CVE-2017-12613
+
 * Tue Dec 17 2019 openEuler Buildteam <buildteam@openeuler.org> - 1.6.5-4
 - quality enhancement synchronization github patch