* [PR PATCH] matio: CVE-2019-20020 patch
@ 2019-12-29 0:35 voidlinux-github
2019-12-29 0:36 ` [PR PATCH] [Updated] " voidlinux-github
2019-12-29 8:04 ` [PR PATCH] [Merged]: " voidlinux-github
0 siblings, 2 replies; 3+ messages in thread
From: voidlinux-github @ 2019-12-29 0:35 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 359 bytes --]
There is a new pull request by ndowens against master on the void-packages repository
https://github.com/ndowens/void-packages matio
https://github.com/void-linux/void-packages/pull/17851
matio: CVE-2019-20020 patch
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
A patch file from https://github.com/void-linux/void-packages/pull/17851.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-matio-17851.patch --]
[-- Type: text/x-diff, Size: 2565 bytes --]
From ccd08ce46f552a8a7620d9539d8de71402901228 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens04@gmail.com>
Date: Sat, 28 Dec 2019 18:27:42 -0600
Subject: [PATCH] matio: CVE-2019-20020 patch
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
---
srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch
diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch
new file mode 100644
index 00000000000..f86cee5ec1a
--- /dev/null
+++ b/srcpkgs/matio/patches/CVE-2019-20020.patch
@@ -0,0 +1,45 @@
+From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001
+From: Nathan Owens <ndowens04@gmail.com>
+Date: Sat, 28 Dec 2019 18:25:58 -0600
+Subject: [PATCH] matio: CVE-2019-20020 patch
+
+Signed-off-by: Nathan Owens <ndowens04@gmail.com>
+---
+ src/mat5.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/mat5.c b/src/mat5.c
+index abdb351..776f233 100644
+--- src/mat5.c
++++ src/mat5.c
+@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar )
+ /* Rank and Dimension */
+ if ( uncomp_buf[0] == MAT_T_INT32 ) {
+ int j;
++ size_t size;
+ cells[i]->rank = uncomp_buf[1];
+ nbytes -= cells[i]->rank;
+ cells[i]->rank /= 4;
+- cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims));
++ if ( 0 == do_clean && cells[i]->rank > 13 ) {
++ int rank = cells[i]->rank;
++ cells[i]->rank = 0;
++ Mat_Critical("%d is not a valid rank", rank);
++ continue;
++ }
++ err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims));
++ if ( err ) {
++ if ( do_clean )
++ free(dims);
++ Mat_VarFree(cells[i]);
++ cells[i] = NULL;
++ Mat_Critical("Integer multiplication overflow");
++ continue;
++ }
++ cells[i]->dims = (size_t*)malloc(size);
+ if ( mat->byteswap ) {
+ for ( j = 0; j < cells[i]->rank; j++ )
+ cells[i]->dims[j] = Mat_uint32Swap(dims + j);
+--
+2.24.1
+
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PR PATCH] [Updated] matio: CVE-2019-20020 patch
2019-12-29 0:35 [PR PATCH] matio: CVE-2019-20020 patch voidlinux-github
@ 2019-12-29 0:36 ` voidlinux-github
2019-12-29 8:04 ` [PR PATCH] [Merged]: " voidlinux-github
1 sibling, 0 replies; 3+ messages in thread
From: voidlinux-github @ 2019-12-29 0:36 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 364 bytes --]
There is an updated pull request by ndowens against master on the void-packages repository
https://github.com/ndowens/void-packages matio
https://github.com/void-linux/void-packages/pull/17851
matio: CVE-2019-20020 patch
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
A patch file from https://github.com/void-linux/void-packages/pull/17851.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-matio-17851.patch --]
[-- Type: text/x-diff, Size: 2979 bytes --]
From 525330b8530cad7680008100e5a3cea6a009f675 Mon Sep 17 00:00:00 2001
From: Nathan Owens <ndowens04@gmail.com>
Date: Sat, 28 Dec 2019 18:27:42 -0600
Subject: [PATCH] matio: CVE-2019-20020 patch
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
---
srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ++++++++++++++++++++++
srcpkgs/matio/template | 2 +-
2 files changed, 46 insertions(+), 1 deletion(-)
create mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch
diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch
new file mode 100644
index 00000000000..f86cee5ec1a
--- /dev/null
+++ b/srcpkgs/matio/patches/CVE-2019-20020.patch
@@ -0,0 +1,45 @@
+From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001
+From: Nathan Owens <ndowens04@gmail.com>
+Date: Sat, 28 Dec 2019 18:25:58 -0600
+Subject: [PATCH] matio: CVE-2019-20020 patch
+
+Signed-off-by: Nathan Owens <ndowens04@gmail.com>
+---
+ src/mat5.c | 18 +++++++++++++++++-
+ 1 file changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/src/mat5.c b/src/mat5.c
+index abdb351..776f233 100644
+--- src/mat5.c
++++ src/mat5.c
+@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar )
+ /* Rank and Dimension */
+ if ( uncomp_buf[0] == MAT_T_INT32 ) {
+ int j;
++ size_t size;
+ cells[i]->rank = uncomp_buf[1];
+ nbytes -= cells[i]->rank;
+ cells[i]->rank /= 4;
+- cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims));
++ if ( 0 == do_clean && cells[i]->rank > 13 ) {
++ int rank = cells[i]->rank;
++ cells[i]->rank = 0;
++ Mat_Critical("%d is not a valid rank", rank);
++ continue;
++ }
++ err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims));
++ if ( err ) {
++ if ( do_clean )
++ free(dims);
++ Mat_VarFree(cells[i]);
++ cells[i] = NULL;
++ Mat_Critical("Integer multiplication overflow");
++ continue;
++ }
++ cells[i]->dims = (size_t*)malloc(size);
+ if ( mat->byteswap ) {
+ for ( j = 0; j < cells[i]->rank; j++ )
+ cells[i]->dims[j] = Mat_uint32Swap(dims + j);
+--
+2.24.1
+
diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template
index 9bd663e26b2..63d059701b6 100644
--- a/srcpkgs/matio/template
+++ b/srcpkgs/matio/template
@@ -1,7 +1,7 @@
# Template file for 'matio'
pkgname=matio
version=1.5.17
-revision=1
+revision=2
build_style=gnu-configure
configure_args="--disable-static"
hostmakedepends="libtool"
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PR PATCH] [Merged]: matio: CVE-2019-20020 patch
2019-12-29 0:35 [PR PATCH] matio: CVE-2019-20020 patch voidlinux-github
2019-12-29 0:36 ` [PR PATCH] [Updated] " voidlinux-github
@ 2019-12-29 8:04 ` voidlinux-github
1 sibling, 0 replies; 3+ messages in thread
From: voidlinux-github @ 2019-12-29 8:04 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 210 bytes --]
There's a merged pull request on the void-packages repository
matio: CVE-2019-20020 patch
https://github.com/void-linux/void-packages/pull/17851
Description:
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-29 8:04 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-29 0:35 [PR PATCH] matio: CVE-2019-20020 patch voidlinux-github
2019-12-29 0:36 ` [PR PATCH] [Updated] " voidlinux-github
2019-12-29 8:04 ` [PR PATCH] [Merged]: " voidlinux-github
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).