Github messages for voidlinux
* [PR PATCH] file: add patch for CVE-2019-18218
@ 2019-10-29  1:41 voidlinux-github
  2019-10-29  1:56 ` voidlinux-github
                   ` (4 more replies)
  0 siblings, 5 replies; 6+ messages in thread
From: voidlinux-github @ 2019-10-29  1:41 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 453 bytes --]

There is a new pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages file
https://github.com/void-linux/void-packages/pull/15881

file: add patch for CVE-2019-18218
CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218
Patch: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

A patch file from https://github.com/void-linux/void-packages/pull/15881.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-file-15881.patch --]
[-- Type: text/x-diff, Size: 3016 bytes --]

From 24698888e2f71df5e73684e74f21cff14d6718d8 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens04@gmail.com>
Date: Tue, 29 Oct 2019 01:41:24 +0000
Subject: [PATCH] file: add patch for CVE-2019-18218

CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218
Patch: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
---
 ...-of-elements-in-a-vector-found-by-os.patch | 59 +++++++++++++++++++
 srcpkgs/file/template                         |  2 +-
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch

diff --git a/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch b/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
new file mode 100644
index 00000000000..0507f75f81f
--- /dev/null
+++ b/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
@@ -0,0 +1,59 @@
+From ba28c7f45bc1fd8cf882ad21ce619655c2736d7b Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 26 Aug 2019 14:31:39 +0000
+Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
+
+---
+ src/cdf.c | 9 ++++-----
+ src/cdf.h | 1 +
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 556a3ff8..e4835fef 100644
+--- src/cdf.c
++++ src/cdf.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+ 
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
++FILE_RCSID("@(#)$File: cdf.c,v 1.116 2019/08/26 14:31:39 christos Exp $")
+ #endif
+ 
+ #include <assert.h>
+@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 				goto out;
+ 			}
+ 			nelements = CDF_GETUINT32(q, 1);
+-			if (nelements == 0) {
+-				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
++			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
++				DPRINTF(("CDF_VECTOR with nelements == %"
++				    SIZE_T_FORMAT "u\n", nelements));
+ 				goto out;
+ 			}
+ 			slen = 2;
+@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 					goto out;
+ 				inp += nelem;
+ 			}
+-			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
+-			    nelements));
+ 			for (j = 0; j < nelements && i < sh.sh_properties;
+ 			    j++, i++)
+ 			{
+diff --git a/src/cdf.h b/src/cdf.h
+index 2f7e554b..05056668 100644
+--- src/cdf.h
++++ src/cdf.h
+@@ -48,6 +48,7 @@
+ typedef int32_t cdf_secid_t;
+ 
+ #define CDF_LOOP_LIMIT					10000
++#define CDF_ELEMENT_LIMIT				100000
+ 
+ #define CDF_SECID_NULL					0
+ #define CDF_SECID_FREE					-1
+-- 
+2.23.0
+
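
Review bot: the embedded patch header names commit ba28c7f45bc1fd8cf882ad21ce619655c2736d7b, while the PR description cites upstream commit 46a8443f76cec4b41ec736eca396984c74664f84, so the backport cannot be matched to upstream by hash. Either take the patch file directly from the cited upstream commit or add a line to its header naming that commit and CVE-2019-18218. Separately, the first inner hunk rewrites FILE_RCSID from 1.114 to 1.116, stamping cdf.c with a revision whose predecessor (1.115) is not part of this backport; dropping that hunk keeps the patch to the "nelements > CDF_ELEMENT_LIMIT" check and the new define in cdf.h, and removes a context line that stops applying as soon as the RCS id changes.
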
diff --git a/srcpkgs/file/template b/srcpkgs/file/template
index f12b0233e16..03aaa501cfb 100644
--- a/srcpkgs/file/template
+++ b/srcpkgs/file/template
@@ -1,7 +1,7 @@
 # Template file for 'file'
 pkgname=file
 version=5.37
-revision=1
+revision=2
 bootstrap=yes
 build_style=gnu-configure
 configure_args="--enable-static"

* Re: file: add patch for CVE-2019-18218
  2019-10-29  1:41 [PR PATCH] file: add patch for CVE-2019-18218 voidlinux-github
@ 2019-10-29  1:56 ` voidlinux-github
  2019-10-29  1:59 ` voidlinux-github
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: voidlinux-github @ 2019-10-29  1:56 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 268 bytes --]

New comment by ndowens on void-packages repository

https://github.com/void-linux/void-packages/pull/15881#issuecomment-547221112

Comment:
Looks like the failure is not because of the patch causing issues, but a network issue from the builder. I tested i686 and it built fine too.

* Re: file: add patch for CVE-2019-18218
  2019-10-29  1:41 [PR PATCH] file: add patch for CVE-2019-18218 voidlinux-github
  2019-10-29  1:56 ` voidlinux-github
@ 2019-10-29  1:59 ` voidlinux-github
  2019-10-29  3:57 ` [PR PATCH] [Updated] " voidlinux-github
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 6+ messages in thread
From: voidlinux-github @ 2019-10-29  1:59 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 290 bytes --]

New comment by ndowens on void-packages repository

https://github.com/void-linux/void-packages/pull/15881#issuecomment-547221112

Comment:
Looks like the failure is not because of the patch causing issues, but a network issue from the builder. I tested i686/i686_musl/x86_64-musl and it built fine too.

* Re: [PR PATCH] [Updated] file: add patch for CVE-2019-18218
  2019-10-29  1:41 [PR PATCH] file: add patch for CVE-2019-18218 voidlinux-github
  2019-10-29  1:56 ` voidlinux-github
  2019-10-29  1:59 ` voidlinux-github
@ 2019-10-29  3:57 ` voidlinux-github
  2019-10-29  3:57 ` voidlinux-github
  2019-10-29 14:50 ` [PR PATCH] [Merged]: " voidlinux-github
  4 siblings, 0 replies; 6+ messages in thread
From: voidlinux-github @ 2019-10-29  3:57 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 458 bytes --]

There is an updated pull request by ndowens against master on the void-packages repository

https://github.com/ndowens/void-packages file
https://github.com/void-linux/void-packages/pull/15881

file: add patch for CVE-2019-18218
CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218
Patch: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

A patch file from https://github.com/void-linux/void-packages/pull/15881.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-file-15881.patch --]
[-- Type: text/x-diff, Size: 3016 bytes --]

From 09bf44c003f7ef2336830ff6a79c23207cccb1c2 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens04@gmail.com>
Date: Tue, 29 Oct 2019 01:41:24 +0000
Subject: [PATCH] file: add patch for CVE-2019-18218

CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218
Patch: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
---
 ...-of-elements-in-a-vector-found-by-os.patch | 59 +++++++++++++++++++
 srcpkgs/file/template                         |  2 +-
 2 files changed, 60 insertions(+), 1 deletion(-)
 create mode 100644 srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch

diff --git a/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch b/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
new file mode 100644
index 00000000000..0507f75f81f
--- /dev/null
+++ b/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
@@ -0,0 +1,59 @@
+From ba28c7f45bc1fd8cf882ad21ce619655c2736d7b Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 26 Aug 2019 14:31:39 +0000
+Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
+
+---
+ src/cdf.c | 9 ++++-----
+ src/cdf.h | 1 +
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 556a3ff8..e4835fef 100644
+--- src/cdf.c
++++ src/cdf.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+ 
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
++FILE_RCSID("@(#)$File: cdf.c,v 1.116 2019/08/26 14:31:39 christos Exp $")
+ #endif
+ 
+ #include <assert.h>
+@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 				goto out;
+ 			}
+ 			nelements = CDF_GETUINT32(q, 1);
+-			if (nelements == 0) {
+-				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
++			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
++				DPRINTF(("CDF_VECTOR with nelements == %"
++				    SIZE_T_FORMAT "u\n", nelements));
+ 				goto out;
+ 			}
+ 			slen = 2;
+@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 					goto out;
+ 				inp += nelem;
+ 			}
+-			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
+-			    nelements));
+ 			for (j = 0; j < nelements && i < sh.sh_properties;
+ 			    j++, i++)
+ 			{
+diff --git a/src/cdf.h b/src/cdf.h
+index 2f7e554b..05056668 100644
+--- src/cdf.h
++++ src/cdf.h
+@@ -48,6 +48,7 @@
+ typedef int32_t cdf_secid_t;
+ 
+ #define CDF_LOOP_LIMIT					10000
++#define CDF_ELEMENT_LIMIT				100000
+ 
+ #define CDF_SECID_NULL					0
+ #define CDF_SECID_FREE					-1
+-- 
+2.23.0
+
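
Review bot: nothing in this updated posting says what changed, and the diff itself shows no change: the added file has the same blob as in the first posting (index 00000000000..0507f75f81f), the commit Date is the same, and the template hunk is identical; only the outer commit id moved from 24698888e2f71df5e73684e74f21cff14d6718d8 to 09bf44c003f7ef2336830ff6a79c23207cccb1c2. A one-line note in the PR stating why it was re-pushed would tell reviewers there is nothing new to read in these 59 lines.
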
diff --git a/srcpkgs/file/template b/srcpkgs/file/template
index f12b0233e16..03aaa501cfb 100644
--- a/srcpkgs/file/template
+++ b/srcpkgs/file/template
@@ -1,7 +1,7 @@
 # Template file for 'file'
 pkgname=file
 version=5.37
-revision=1
+revision=2
 bootstrap=yes
 build_style=gnu-configure
 configure_args="--enable-static"

* Re: [PR PATCH] [Merged]: file: add patch for CVE-2019-18218
  2019-10-29  1:41 [PR PATCH] file: add patch for CVE-2019-18218 voidlinux-github
                   ` (3 preceding siblings ...)
  2019-10-29  3:57 ` voidlinux-github
@ 2019-10-29 14:50 ` voidlinux-github
  4 siblings, 0 replies; 6+ messages in thread
From: voidlinux-github @ 2019-10-29 14:50 UTC (permalink / raw)
  To: ml

[-- Attachment #1: Type: text/plain, Size: 305 bytes --]

There's a merged pull request on the void-packages repository

file: add patch for CVE-2019-18218
https://github.com/void-linux/void-packages/pull/15881

Description:
CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218
Patch: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
