packages/file
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!4 reupload patches

Browse Source 
Merge pull request !4 from openeuler-storage/new
This commit is contained in:
openeuler-ci-bot 2019-12-26 10:38:55 +08:00 committed by Gitee
commit 357c79b74a
4 changed files with 101 additions and 97 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
6003-CVE-2019-18218.patch
View File

@ -9,35 +9,36 @@ index 9d639674..bb81d637 100644
--- a/src/cdf.c --- a/src/cdf.c
+++ b/src/cdf.c +++ b/src/cdf.c
@@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, @@ -1027,8 +1027,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
goto out; goto out;
} }
nelements = CDF_GETUINT32(q, 1); nelements = CDF_GETUINT32(q, 1);
- if (nelements == 0) { - if (nelements == 0) {
- DPRINTF(("CDF_VECTOR with nelements == 0\n")); - DPRINTF(("CDF_VECTOR with nelements == 0\n"));
+ if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) { + if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
+ DPRINTF(("CDF_VECTOR with nelements == %" + DPRINTF(("CDF_VECTOR with nelements == %"
+ SIZE_T_FORMAT "u\n", nelements)); + SIZE_T_FORMAT "u\n", nelements));
goto out; goto out;
} }
slen = 2; slen = 2;
@@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, @@ -1070,8 +1071,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
goto out; goto out;
inp += nelem; inp += nelem;
} }
- DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n", - DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
- nelements)); - nelements));
for (j = 0; j < nelements && i < sh.sh_properties; for (j = 0; j < nelements && i < sh.sh_properties;
j++, i++) j++, i++)
{ {
diff --git a/src/cdf.h b/src/cdf.h diff --git a/src/cdf.h b/src/cdf.h
index 2f7e554b..05056668 100644 index 2f7e554b..05056668 100644
--- a/src/cdf.h --- a/src/cdf.h
+++ b/src/cdf.h +++ b/src/cdf.h
@@ -48,6 +48,7 @@ @@ -48,6 +48,7 @@
typedef int32_t cdf_secid_t; typedef int32_t cdf_secid_t;
#define CDF_LOOP_LIMIT 10000
+#define CDF_ELEMENT_LIMIT 100000
#define CDF_SECID_NULL 0
#define CDF_SECID_FREE -1
#define CDF_LOOP_LIMIT 10000
+#define CDF_ELEMENT_LIMIT 100000
#define CDF_SECID_NULL 0
#define CDF_SECID_FREE -1

68
6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch
View File

@ -15,11 +15,11 @@ index ec296aa4..402f75dd 100644
+++ b/configure.ac +++ b/configure.ac
@@ -151,7 +151,7 @@ else @@ -151,7 +151,7 @@ else
fi]) fi])
dnl Checks for functions dnl Checks for functions
-AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale) -AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale)
+AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale memmem) +AC_CHECK_FUNCS(strerror strndup strtoul mkstemp mkostemp utimes utime wcwidth strtof newlocale uselocale freelocale setlocale memmem)
dnl Provide implementation of some required functions if necessary dnl Provide implementation of some required functions if necessary
AC_REPLACE_FUNCS(getopt_long asprintf vasprintf strlcpy strlcat getline ctime_r asctime_r localtime_r gmtime_r pread strcasestr fmtcheck dprintf) AC_REPLACE_FUNCS(getopt_long asprintf vasprintf strlcpy strlcat getline ctime_r asctime_r localtime_r gmtime_r pread strcasestr fmtcheck dprintf)
diff --git a/src/softmagic.c b/src/softmagic.c diff --git a/src/softmagic.c b/src/softmagic.c
@ -28,43 +28,43 @@ index cfc17812..9999ef6f 100644
+++ b/src/softmagic.c +++ b/src/softmagic.c
@@ -32,7 +32,7 @@ @@ -32,7 +32,7 @@
#include "file.h" #include "file.h"
#ifndef lint #ifndef lint
-FILE_RCSID("@(#)$File: softmagic.c,v 1.262 2018/06/22 20:39:50 christos Exp $") -FILE_RCSID("@(#)$File: softmagic.c,v 1.262 2018/06/22 20:39:50 christos Exp $")
+FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $") +FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $")
#endif /* lint */ #endif /* lint */
#include "magic.h" #include "magic.h"
@@ -2063,6 +2063,29 @@ magiccheck(struct magic_set *ms, struct magic *m) @@ -2063,6 +2063,29 @@ magiccheck(struct magic_set *ms, struct magic *m)
slen = MIN(m->vallen, sizeof(m->value.s)); slen = MIN(m->vallen, sizeof(m->value.s));
l = 0; l = 0;
v = 0; v = 0;
+#ifdef HAVE_MEMMEM +#ifdef HAVE_MEMMEM
+ if (slen > 0 && m->str_flags == 0) { + if (slen > 0 && m->str_flags == 0) {
+ const char *found; + const char *found;
+ if (m->str_range != 0 + if (m->str_range != 0
+ && ms->search.s_len >= m->str_range + slen) { + && ms->search.s_len >= m->str_range + slen) {
+ found = memmem(ms->search.s, + found = memmem(ms->search.s,
+ m->str_range + slen, m->value.s, slen); + m->str_range + slen, m->value.s, slen);
+ } else { + } else {
+ found = memmem(ms->search.s, + found = memmem(ms->search.s,
+ ms->search.s_len, m->value.s, slen); + ms->search.s_len, m->value.s, slen);
+ if (!found) + if (!found)
+ return 0; + return 0;
+ } + }
+ if (!found) { + if (!found) {
+ v = 1; + v = 1;
+ } else { + } else {
+ idx = found - ms->search.s; + idx = found - ms->search.s;
+ ms->search.offset += idx; + ms->search.offset += idx;
+ ms->search.rm_len = ms->search.s_len - idx; + ms->search.rm_len = ms->search.s_len - idx;
+ } + }
+ break; + break;
+ } + }
+#endif +#endif
for (idx = 0; m->str_range == 0 || idx < m->str_range; idx++) { for (idx = 0; m->str_range == 0 || idx < m->str_range; idx++) {
if (slen + idx > ms->search.s_len) if (slen + idx > ms->search.s_len)
-- --
2.19.1 2.19.1

70
6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch
View File

@ -13,46 +13,46 @@ index 9999ef6f..2befe35f 100644
+++ b/src/softmagic.c +++ b/src/softmagic.c
@@ -32,7 +32,7 @@ @@ -32,7 +32,7 @@
#include "file.h" #include "file.h"
#ifndef lint #ifndef lint
-FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $") -FILE_RCSID("@(#)$File: softmagic.c,v 1.279 2019/02/27 16:52:23 christos Exp $")
+FILE_RCSID("@(#)$File: softmagic.c,v 1.280 2019/02/28 12:52:56 christos Exp $") +FILE_RCSID("@(#)$File: softmagic.c,v 1.280 2019/02/28 12:52:56 christos Exp $")
#endif /* lint */ #endif /* lint */
#include "magic.h" #include "magic.h"
@@ -2066,23 +2066,15 @@ magiccheck(struct magic_set *ms, struct magic *m) @@ -2066,23 +2066,15 @@ magiccheck(struct magic_set *ms, struct magic *m)
#ifdef HAVE_MEMMEM #ifdef HAVE_MEMMEM
if (slen > 0 && m->str_flags == 0) { if (slen > 0 && m->str_flags == 0) {
const char *found; const char *found;
- if (m->str_range != 0 - if (m->str_range != 0
- && ms->search.s_len >= m->str_range + slen) { - && ms->search.s_len >= m->str_range + slen) {
- found = memmem(ms->search.s, - found = memmem(ms->search.s,
- m->str_range + slen, m->value.s, slen); - m->str_range + slen, m->value.s, slen);
- } else { - } else {
- found = memmem(ms->search.s, - found = memmem(ms->search.s,
- ms->search.s_len, m->value.s, slen); - ms->search.s_len, m->value.s, slen);
- if (!found) - if (!found)
- return 0; - return 0;
- } - }
- if (!found) { - if (!found) {
- v = 1; - v = 1;
- } else { - } else {
- idx = found - ms->search.s; - idx = found - ms->search.s;
- ms->search.offset += idx; - ms->search.offset += idx;
- ms->search.rm_len = ms->search.s_len - idx; - ms->search.rm_len = ms->search.s_len - idx;
- } - }
+ idx = m->str_range + slen; + idx = m->str_range + slen;
+ if (m->str_range == 0 || ms->search.s_len < idx) + if (m->str_range == 0 || ms->search.s_len < idx)
+ idx = ms->search.s_len; + idx = ms->search.s_len;
+ found = memmem(ms->search.s, idx, m->value.s, slen); + found = memmem(ms->search.s, idx, m->value.s, slen);
+ if (!found) + if (!found)
+ return 0; + return 0;
+ idx = found - ms->search.s; + idx = found - ms->search.s;
+ ms->search.offset += idx; + ms->search.offset += idx;
+ ms->search.rm_len = ms->search.s_len - idx; + ms->search.rm_len = ms->search.s_len - idx;
break; break;
} }
#endif #endif
-- --
2.19.1 2.19.1

11
file.spec
View File

@ -1,6 +1,6 @@
Name: file Name: file
Version: 5.34 Version: 5.34
Release: 8 Release: 9
Summary: A tool to identify the type of a particular file type Summary: A tool to identify the type of a particular file type
License: BSD License: BSD
URL: http://www.darwinsys.com/file/ URL: http://www.darwinsys.com/file/
@ -17,9 +17,9 @@ Patch6002: 6002-Fix-indirect-offset-overflow-calculation-B.-Watson.patch
Patch3: 0003-file-5.34-readelf.patch Patch3: 0003-file-5.34-readelf.patch
#Patch6003: 6003-CVE-2019-18218.patch Patch6003: 6003-CVE-2019-18218.patch
#Patch6004: 6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch Patch6004: 6004-Use-memmem-to-speed-up-searches-if-available-Michael.patch
#Patch6005: 6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch Patch6005: 6005-Simplify-and-always-return-if-not-found-found-by-OSS.patch
Requires: %{name}-libs = %{version}-%{release} Requires: %{name}-libs = %{version}-%{release}
BuildRequires: autoconf automake libtool git zlib-devel BuildRequires: autoconf automake libtool git zlib-devel
@ -161,6 +161,9 @@ cd %{py3dir}
%{python3_sitelib}/__pycache__/* %{python3_sitelib}/__pycache__/*
%changelog %changelog
* Thu Dec 26 2019 openEuler Buildteam <buildteam@openeuler.org> - 5.34-9
- reupload patches
* Wed Dec 25 2019 openEuler Buildteam <buildteam@openeuler.org> - 5.34-8 * Wed Dec 25 2019 openEuler Buildteam <buildteam@openeuler.org> - 5.34-8
- revert patches - revert patches