summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2016-02-14 14:46:49 -0500
committerMike Frysinger <vapier@gentoo.org>2016-02-14 14:47:27 -0500
commit5a7c109933aac0f9de580513346ebe94f3acd4f2 (patch)
tree510751ffcee6b0a45a8cab6e105d7910c0954cea /app-arch/cpio/files
parentapp-arch/cpio: drop autotools usage (diff)
downloadgentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.gz
gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.bz2
gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.zip
app-arch/cpio: fix small buffer overflow #572428
Diffstat (limited to 'app-arch/cpio/files')
-rw-r--r--app-arch/cpio/files/cpio-2.12-name-overflow.patch15
1 files changed, 15 insertions, 0 deletions
diff --git a/app-arch/cpio/files/cpio-2.12-name-overflow.patch b/app-arch/cpio/files/cpio-2.12-name-overflow.patch
new file mode 100644
index 000000000000..f85246884c39
--- /dev/null
+++ b/app-arch/cpio/files/cpio-2.12-name-overflow.patch
@@ -0,0 +1,15 @@
+https://bugs.gentoo.org/572428
+https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00002.html
+http://seclists.org/oss-sec/2016/q1/136
+
+--- a/src/copyin.c
++++ b/src/copyin.c
+@@ -1385,6 +1385,8 @@
+ break;
+ }
+
++ if (file_hdr.c_namesize <= 1)
++ file_hdr.c_name = xrealloc (file_hdr.c_name, 2);
+ cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag,
+ false);
+