diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2016-02-14 14:46:49 -0500 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2016-02-14 14:47:27 -0500 |
| commit | 5a7c109933aac0f9de580513346ebe94f3acd4f2 (patch) | |
| tree | 510751ffcee6b0a45a8cab6e105d7910c0954cea /app-arch | |
| parent | app-arch/cpio: drop autotools usage (diff) | |
| download | gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.gz gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.tar.bz2 gentoo-5a7c109933aac0f9de580513346ebe94f3acd4f2.zip | |
app-arch/cpio: fix small buffer overflow #572428
Diffstat (limited to 'app-arch')
| -rw-r--r-- | app-arch/cpio/cpio-2.12-r1.ebuild | 28 | ||||
| -rw-r--r-- | app-arch/cpio/files/cpio-2.12-name-overflow.patch | 15 |
2 files changed, 43 insertions, 0 deletions
diff --git a/app-arch/cpio/cpio-2.12-r1.ebuild b/app-arch/cpio/cpio-2.12-r1.ebuild new file mode 100644 index 000000000000..b9465204b304 --- /dev/null +++ b/app-arch/cpio/cpio-2.12-r1.ebuild @@ -0,0 +1,28 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI="5" + +inherit eutils + +DESCRIPTION="A file archival tool which can also read and write tar files" +HOMEPAGE="https://www.gnu.org/software/cpio/cpio.html" +SRC_URI="mirror://gnu/cpio/${P}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~hppa-hpux ~ia64-hpux ~x86-interix ~amd64-linux ~arm-linux ~ia64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="nls" + +src_prepare() { + epatch "${FILESDIR}"/${PN}-2.12-non-gnu-compilers.patch #275295 + epatch "${FILESDIR}"/${PN}-2.12-name-overflow.patch #572428 +} + +src_configure() { + econf \ + $(use_enable nls) \ + --bindir="${EPREFIX}"/bin \ + --with-rmt="${EPREFIX}"/usr/sbin/rmt +} diff --git a/app-arch/cpio/files/cpio-2.12-name-overflow.patch b/app-arch/cpio/files/cpio-2.12-name-overflow.patch new file mode 100644 index 000000000000..f85246884c39 --- /dev/null +++ b/app-arch/cpio/files/cpio-2.12-name-overflow.patch @@ -0,0 +1,15 @@ +https://bugs.gentoo.org/572428 +https://lists.gnu.org/archive/html/bug-cpio/2016-01/msg00002.html +http://seclists.org/oss-sec/2016/q1/136 + +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -1385,6 +1385,8 @@ + break; + } + ++ if (file_hdr.c_namesize <= 1) ++ file_hdr.c_name = xrealloc (file_hdr.c_name, 2); + cpio_safer_name_suffix (file_hdr.c_name, false, !no_abs_paths_flag, + false); + |