Commit 7b7625a8 authored by Leo's avatar Leo

main/libmspack: fix CVE-2019-1010305

see #10814
parent a03d4c39
...@@ -2,18 +2,22 @@ ...@@ -2,18 +2,22 @@
pkgname=libmspack pkgname=libmspack
pkgver=0.8_alpha pkgver=0.8_alpha
_ver=${pkgver/_/} _ver=${pkgver/_/}
pkgrel=0 pkgrel=1
pkgdesc="Library for Microsoft CAB compression formats" pkgdesc="Library for Microsoft CAB compression formats"
url="https://www.cabextract.org.uk/libmspack/" url="https://www.cabextract.org.uk/libmspack/"
arch="all" arch="all"
license="LGPL-2.1-only" license="LGPL-2.1-only"
makedepends="$depends_dev" makedepends="$depends_dev"
subpackages="$pkgname-dev $pkgname-utils" subpackages="$pkgname-dev $pkgname-utils"
source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz" source="https://www.cabextract.org.uk/libmspack/libmspack-$_ver.tar.gz
CVE-2019-1010305.patch
"
builddir="$srcdir"/libmspack-$_ver builddir="$srcdir"/libmspack-$_ver
# secfixes: # secfixes:
# 0.8_alpha-r1:
# - CVE-2019-1010305
# 0.8_alpha-r0: # 0.8_alpha-r0:
# - CVE-2018-18584 # - CVE-2018-18584
# - CVE-2018-18585 # - CVE-2018-18585
...@@ -58,4 +62,5 @@ utils() { ...@@ -58,4 +62,5 @@ utils() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr mv "$pkgdir"/usr/bin "$subpkgdir"/usr
} }
sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz" sha512sums="d178afc4d2eded204594c81af1c91be17d3be4f1a09829e08c103023aa7badc6b2595e9ec13cc7f77e3262d2cd874ed40ce6da01695c5c839682562740d2bf0a libmspack-0.8alpha.tar.gz
4c5f5ab9d597538303ce2adf27014db715603afdde50904cd3cb363077f2ff883086cf9ccf1072fa516f73df4652bec3bddd81854aeac5f11c0698d1cfb59cdf CVE-2019-1010305.patch"
diff --git a/mspack/chmd.c b/mspack/chmd.c
index 1d198bf..26c1b18 100644
--- a/mspack/chmd.c
+++ b/mspack/chmd.c
@@ -482,21 +482,19 @@ static int chmd_read_headers(struct mspack_system *sys, struct mspack_file *fh,
fi->filename[name_len] = '\0';
if (name[0] == ':' && name[1] == ':') {
- /* system file */
- if (mspack_memcmp(&name[2], &content_name[2], 31L) == 0) {
- if (mspack_memcmp(&name[33], &content_name[33], 8L) == 0) {
- chm->sec1.content = fi;
- }
- else if (mspack_memcmp(&name[33], &control_name[33], 11L) == 0) {
- chm->sec1.control = fi;
- }
- else if (mspack_memcmp(&name[33], &spaninfo_name[33], 8L) == 0) {
- chm->sec1.spaninfo = fi;
- }
- else if (mspack_memcmp(&name[33], &rtable_name[33], 72L) == 0) {
- chm->sec1.rtable = fi;
- }
- }
+ /* system file */
+ if (name_len == 40 && memcmp(name, content_name, 40) == 0) {
+ chm->sec1.content = fi;
+ }
+ else if (name_len == 44 && memcmp(name, control_name, 44) == 0) {
+ chm->sec1.control = fi;
+ }
+ else if (name_len == 41 && memcmp(name, spaninfo_name, 41) == 0) {
+ chm->sec1.spaninfo = fi;
+ }
+ else if (name_len == 105 && memcmp(name, rtable_name, 105) == 0) {
+ chm->sec1.rtable = fi;
+ }
fi->next = chm->sysfiles;
chm->sysfiles = fi;
}
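Review bot: The four length literals in the added comparisons (40, 44, 41 and 105) must equal the exact lengths of `content_name`, `control_name`, `spaninfo_name` and `rtable_name`, which are defined outside this hunk and cannot be checked from here. If one is too small or too large, that system file would no longer be recognised; if one exceeds the constant's storage, `memcmp` would read past the end of the constant. A comment above the chain such as `/* each literal is strlen() of the matching *_name constant */`, or named length constants placed next to those definitions, would keep the bound and the string together. The backport also replaces `mspack_memcmp` with plain `memcmp`, and no include is visible here, so confirm that `<string.h>` is reachable from chmd.c in the 0.8alpha tree. chmd_read_headers begins and ends outside the hunk.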