diff options
author | Meena Shanmugam <meenashanmugam@google.com> | 2022-12-06 00:32:30 +0000 |
---|---|---|
committer | Michał Górny <mgorny@gentoo.org> | 2022-12-06 07:02:16 +0100 |
commit | b618d6ec93c66f91c071c99c65775aaef2471bdf (patch) | |
tree | 4bf5174300da48b96519766b931beec38f6cd084 /app-arch/libarchive | |
parent | dev-python/starlette: Bump to 0.23.0 (diff) | |
download | gentoo-b618d6ec93c66f91c071c99c65775aaef2471bdf.tar.gz gentoo-b618d6ec93c66f91c071c99c65775aaef2471bdf.tar.bz2 gentoo-b618d6ec93c66f91c071c99c65775aaef2471bdf.zip |
app-arch/libarchive: Add patch to fix CVE-2022-36227.
New version is not released in libarchive with the CVE-2022-36227 fix.
Closes: https://bugs.gentoo.org/882521
Signed-off-by: Meena Shanmugam <meenashanmugam@google.com>
Closes: https://github.com/gentoo/gentoo/pull/28560
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'app-arch/libarchive')
-rw-r--r-- | app-arch/libarchive/files/libarchive-3.6.1-CVE-2022-36227.patch | 35 | ||||
-rw-r--r-- | app-arch/libarchive/libarchive-3.6.1-r1.ebuild (renamed from app-arch/libarchive/libarchive-3.6.1.ebuild) | 2 |
2 files changed, 37 insertions, 0 deletions
diff --git a/app-arch/libarchive/files/libarchive-3.6.1-CVE-2022-36227.patch b/app-arch/libarchive/files/libarchive-3.6.1-CVE-2022-36227.patch new file mode 100644 index 000000000000..da71a196b875 --- /dev/null +++ b/app-arch/libarchive/files/libarchive-3.6.1-CVE-2022-36227.patch @@ -0,0 +1,35 @@ +From bff38efe8c110469c5080d387bec62a6ca15b1a5 Mon Sep 17 00:00:00 2001 +From: obiwac <obiwac@gmail.com> +Date: Fri, 22 Jul 2022 22:41:10 +0200 +Subject: [PATCH] libarchive: Handle a `calloc` returning NULL (fixes #1754) + +--- + libarchive/archive_write.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/libarchive/archive_write.c b/libarchive/archive_write.c +index 66592e826..27626b541 100644 +--- a/libarchive/archive_write.c ++++ b/libarchive/archive_write.c +@@ -201,6 +201,10 @@ __archive_write_allocate_filter(struct archive *_a) + struct archive_write_filter *f; + + f = calloc(1, sizeof(*f)); ++ ++ if (f == NULL) ++ return (NULL); ++ + f->archive = _a; + f->state = ARCHIVE_WRITE_FILTER_STATE_NEW; + if (a->filter_first == NULL) +@@ -548,6 +552,10 @@ archive_write_open2(struct archive *_a, void *client_data, + a->client_data = client_data; + + client_filter = __archive_write_allocate_filter(_a); ++ ++ if (client_filter == NULL) ++ return (ARCHIVE_FATAL); ++ + client_filter->open = archive_write_client_open; + client_filter->write = archive_write_client_write; + client_filter->close = archive_write_client_close; diff --git a/app-arch/libarchive/libarchive-3.6.1.ebuild b/app-arch/libarchive/libarchive-3.6.1-r1.ebuild index 2c65539abe4b..886252808767 100644 --- a/app-arch/libarchive/libarchive-3.6.1.ebuild +++ b/app-arch/libarchive/libarchive-3.6.1-r1.ebuild @@ -47,6 +47,8 @@ BDEPEND=" PATCHES=( "${FILESDIR}"/${P}-glibc-2.36.patch + # https://github.com/libarchive/libarchive/pull/1759 + "${FILESDIR}"/${P}-CVE-2022-36227.patch ) multilib_src_configure() { |