Author: jim
Date: 2006-04-14 19:55:59 -0600 (Fri, 14 Apr 2006)
New Revision: 1387
Added:
trunk/patches/linux-2.6.16.5-sun_disklabel_fix-1.patch
trunk/patches/tar-1.15.1-security_fixes-1.patch
trunk/patches/util-linux-2.12r-gcc41_sun_disklabel_fixes-1.patch
Modified:
/
Log:
[EMAIL PROTECTED] (orig r1383): jim | 2006-04-14 17:56:38 -0700
Added: sun disklabel patches. Tar Security Patch.
Property changes on:
___________________________________________________________________
Name: svk:merge
- b6734a72-470d-0410-b049-f317dca95413:/:1382
+ b6734a72-470d-0410-b049-f317dca95413:/:1383
Added: trunk/patches/linux-2.6.16.5-sun_disklabel_fix-1.patch
===================================================================
--- trunk/patches/linux-2.6.16.5-sun_disklabel_fix-1.patch
(rev 0)
+++ trunk/patches/linux-2.6.16.5-sun_disklabel_fix-1.patch 2006-04-15
01:55:59 UTC (rev 1387)
@@ -0,0 +1,19 @@
+Submitted By: Joe Ciccone <joeciccone at crazyeyesoft dot com>
+Date: 2006-04-14
+Initial Package Version: 2.6.16
+Upstream Status: Sent
+Origin: Joe Ciccone
+Description: This patch fixes fdisk so that it can properly calculate the
+ checksum of a sun disklabel
+
+--- linux-2.6.16.orig/fs/partitions/sun.c 2006-04-14 18:12:32.000000000
-0400
++++ linux-2.6.16/fs/partitions/sun.c 2006-04-14 18:13:14.000000000 -0400
+@@ -61,7 +61,7 @@
+ }
+ /* Look at the checksum */
+ ush = ((__be16 *) (label+1)) - 1;
+- for (csum = 0; ush >= ((__be16 *) label);)
++ while (ush < (__be16 *) label)
+ csum ^= *ush--;
+ if (csum) {
+ printk("Dev %s Sun disklabel: Csum bad, label corrupted\n",
Added: trunk/patches/tar-1.15.1-security_fixes-1.patch
===================================================================
--- trunk/patches/tar-1.15.1-security_fixes-1.patch
(rev 0)
+++ trunk/patches/tar-1.15.1-security_fixes-1.patch 2006-04-15 01:55:59 UTC
(rev 1387)
@@ -0,0 +1,128 @@
+Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
+Date: 2006-04-14
+Initial Package Version: 1.15.1
+Origin: gentoo, backported from CVS, rediffed to apply with -p1
+Description: addresses vulnerability CVE-2006-0300
+
+diff -Naurp tar-1.15.1-vanilla/src/xheader.c tar-1.15.1/src/xheader.c
+--- tar-1.15.1-vanilla/src/xheader.c 2004-09-06 12:31:14.000000000 +0100
++++ tar-1.15.1/src/xheader.c 2006-04-14 16:26:26.000000000 +0100
+@@ -783,6 +783,32 @@ code_num (uintmax_t value, char const *k
+ xheader_print (xhdr, keyword, sbuf);
+ }
+
++static bool
++decode_num (uintmax_t *num, char const *arg, uintmax_t maxval,
++ char const *keyword)
++{
++ uintmax_t u;
++ char *arg_lim;
++
++ if (! (ISDIGIT (*arg)
++ && (errno = 0, u = strtoumax (arg, &arg_lim, 10), !*arg_lim)))
++ {
++ ERROR ((0, 0, _("Malformed extended header: invalid %s=%s"),
++ keyword, arg));
++ return false;
++ }
++
++ if (! (u <= maxval && errno != ERANGE))
++ {
++ ERROR ((0, 0, _("Extended header %s=%s is out of range"),
++ keyword, arg));
++ return false;
++ }
++
++ *num = u;
++ return true;
++}
++
+ static void
+ dummy_coder (struct tar_stat_info const *st __attribute__ ((unused)),
+ char const *keyword __attribute__ ((unused)),
+@@ -821,7 +847,7 @@ static void
+ gid_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, TYPE_MAXIMUM (gid_t), "gid"))
+ st->stat.st_gid = u;
+ }
+
+@@ -903,7 +929,7 @@ static void
+ size_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, TYPE_MAXIMUM (off_t), "size"))
+ st->archive_file_size = st->stat.st_size = u;
+ }
+
+@@ -918,7 +944,7 @@ static void
+ uid_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, TYPE_MAXIMUM (uid_t), "uid"))
+ st->stat.st_uid = u;
+ }
+
+@@ -946,7 +972,7 @@ static void
+ sparse_size_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, TYPE_MAXIMUM (off_t), "GNU.sparse.size"))
+ st->stat.st_size = u;
+ }
+
+@@ -962,10 +988,10 @@ static void
+ sparse_numblocks_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, SIZE_MAX, "GNU.sparse.numblocks"))
+ {
+ st->sparse_map_size = u;
+- st->sparse_map = calloc(st->sparse_map_size, sizeof(st->sparse_map[0]));
++ st->sparse_map = xcalloc (u, sizeof st->sparse_map[0]);
+ st->sparse_map_avail = 0;
+ }
+ }
+@@ -982,8 +1008,14 @@ static void
+ sparse_offset_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, TYPE_MAXIMUM (off_t), "GNU.sparse.offset"))
++ {
++ if (st->sparse_map_avail < st->sparse_map_size)
+ st->sparse_map[st->sparse_map_avail].offset = u;
++ else
++ ERROR ((0, 0, _("Malformed extended header: excess %s=%s"),
++ "GNU.sparse.offset", arg));
++ }
+ }
+
+ static void
+@@ -998,15 +1030,13 @@ static void
+ sparse_numbytes_decoder (struct tar_stat_info *st, char const *arg)
+ {
+ uintmax_t u;
+- if (xstrtoumax (arg, NULL, 10, &u, "") == LONGINT_OK)
++ if (decode_num (&u, arg, SIZE_MAX, "GNU.sparse.numbytes"))
+ {
+ if (st->sparse_map_avail == st->sparse_map_size)
+- {
+- st->sparse_map_size *= 2;
+- st->sparse_map = xrealloc (st->sparse_map,
+- st->sparse_map_size
+- * sizeof st->sparse_map[0]);
+- }
++ st->sparse_map = x2nrealloc (st->sparse_map,
++ &st->sparse_map_size,
++ sizeof st->sparse_map[0]);
++
+ st->sparse_map[st->sparse_map_avail++].numbytes = u;
+ }
+ }
Added: trunk/patches/util-linux-2.12r-gcc41_sun_disklabel_fixes-1.patch
===================================================================
--- trunk/patches/util-linux-2.12r-gcc41_sun_disklabel_fixes-1.patch
(rev 0)
+++ trunk/patches/util-linux-2.12r-gcc41_sun_disklabel_fixes-1.patch
2006-04-15 01:55:59 UTC (rev 1387)
@@ -0,0 +1,28 @@
+Submitted By: Joe Ciccone <joeciccone at crazyeyesoft dot com>
+Date: 2006-04-14
+Initial Package Version: 2.12r
+Upstream Status: Sent
+Origin: Joe Ciccone
+Description: This patch fixes fdisk so that it can properly calculate the
+ checksum of a sun disklabel.
+
+--- util-linux-2.12r.orig/fdisk/fdisksunlabel.c 2004-12-22
10:36:24.000000000 -0500
++++ util-linux-2.12r/fdisk/fdisksunlabel.c 2006-04-14 17:50:53.000000000
-0400
+@@ -118,7 +118,7 @@
+ int
+ check_sun_label(void) {
+ unsigned short *ush;
+- int csum;
++ int csum = 0;
+
+ if (sunlabel->magic != SUN_LABEL_MAGIC &&
+ sunlabel->magic != SUN_LABEL_MAGIC_SWAPPED) {
+@@ -128,7 +128,7 @@
+ }
+ other_endian = (sunlabel->magic == SUN_LABEL_MAGIC_SWAPPED);
+ ush = ((unsigned short *) (sunlabel + 1)) - 1;
+- for (csum = 0; ush >= (unsigned short *)sunlabel;) csum ^= *ush--;
++ while (ush < (unsigned short *)sunlabel) csum ^= *ush--;
+ if (csum) {
+ fprintf(stderr,_("Detected sun disklabel with wrong checksum.\n"
+ "Probably you'll have to set all the values,\n"
--
http://linuxfromscratch.org/mailman/listinfo/cross-lfs
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
