Control: tags 992192 + patch Control: tags 992192 + pending Hi Anibal,
I've prepared an NMU for cpio (versioned as 2.13+dfsg-6.1) and uploaded it to DELAYED/2. Please feel free to tell me if I should delay it longer. Actually if you do a maintainer upload and even before that would be welcome. Regards, Salvatore
diff -Nru cpio-2.13+dfsg/debian/changelog cpio-2.13+dfsg/debian/changelog --- cpio-2.13+dfsg/debian/changelog 2021-08-13 05:06:27.000000000 +0200 +++ cpio-2.13+dfsg/debian/changelog 2021-08-21 22:58:50.000000000 +0200 @@ -1,3 +1,10 @@ +cpio (2.13+dfsg-6.1) unstable; urgency=medium + + * Non-maintainer upload. + * Fix dynamic string reallocations (Closes: #992192) + + -- Salvatore Bonaccorso <car...@debian.org> Sat, 21 Aug 2021 22:58:50 +0200 + cpio (2.13+dfsg-6) unstable; urgency=high * Fix regression of original fix for CVE-2021-38185 diff -Nru cpio-2.13+dfsg/debian/patches/992192-Fix-dynamic-string-reallocations.patch cpio-2.13+dfsg/debian/patches/992192-Fix-dynamic-string-reallocations.patch --- cpio-2.13+dfsg/debian/patches/992192-Fix-dynamic-string-reallocations.patch 1970-01-01 01:00:00.000000000 +0100 +++ cpio-2.13+dfsg/debian/patches/992192-Fix-dynamic-string-reallocations.patch 2021-08-21 22:58:50.000000000 +0200 @@ -0,0 +1,80 @@ +From: Sergey Poznyakoff <g...@gnu.org> +Date: Wed, 18 Aug 2021 09:41:39 +0300 +Subject: Fix dynamic string reallocations +Origin: https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=236684f6deb3178043fe72a8e2faca538fa2aae1 +Bug: https://lists.gnu.org/archive/html/bug-cpio/2021-08/msg00005.html +Bug-Debian: https://bugs.debian.org/992192 + +* src/dstring.c (ds_resize): Take additional argument: number of +bytes to leave available after ds_idx. All uses changed. +--- + src/dstring.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +diff --git a/src/dstring.c b/src/dstring.c +index b7e0bb5b5ec1..fd4e03067c25 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -49,9 +49,9 @@ ds_free (dynamic_string *string) + /* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string) ++ds_resize (dynamic_string *string, size_t len) + { +- if (string->ds_idx == string->ds_size) ++ while (len + string->ds_idx >= string->ds_size) + { + string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, + 1); +@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string) + void + ds_reset (dynamic_string *s, size_t len) + { +- while (len > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + s->ds_idx = len; + } + +@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + /* Read the input string. */ + while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx++] = next_ch; + } +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = '\0'; + + if (s->ds_idx == 0 && next_ch == EOF) +@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + void + ds_append (dynamic_string *s, int c) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = c; + if (c) + { + s->ds_idx++; +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = 0; + } + } +@@ -115,8 +114,7 @@ void + ds_concat (dynamic_string *s, char const *str) + { + size_t len = strlen (str); +- while (len + 1 > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + memcpy (s->ds_string + s->ds_idx, str, len); + s->ds_idx += len; + s->ds_string[s->ds_idx] = 0; +-- +2.33.0 + diff -Nru cpio-2.13+dfsg/debian/patches/series cpio-2.13+dfsg/debian/patches/series --- cpio-2.13+dfsg/debian/patches/series 2021-08-13 04:58:34.000000000 +0200 +++ cpio-2.13+dfsg/debian/patches/series 2021-08-21 22:58:50.000000000 +0200 @@ -14,3 +14,4 @@ 963304-remove-superfluous-declaration-of-program_name 992045-CVE-2021-38185-rewrite-dynamic-string-support 992098-regression-of-orig-fix-for-CVE-2021-38185 +992192-Fix-dynamic-string-reallocations.patch
