cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update to bzip 1.0.7

Browse Source 
ok kn, probably ok sthen
This commit is contained in:
tj 2019-06-28 23:48:51 +00:00
parent 97c5945418
commit c059236938
4 changed files with 6 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
archivers/bzip2/Makefile
View File

@ -1,9 +1,8 @@
# $OpenBSD: Makefile,v 1.75 2019/06/24 14:46:36 sthen Exp $
# $OpenBSD: Makefile,v 1.76 2019/06/28 23:48:51 tj Exp $
COMMENT= block-sorting file compressor, unencumbered
DISTNAME= bzip2-1.0.6
REVISION= 10
DISTNAME= bzip2-1.0.7
CATEGORIES= archivers
@ -12,13 +11,12 @@ HOMEPAGE= https://gitlab.com/federicomenaquintero/bzip2
SHARED_LIBS= bz2 10.4
# BSD
PERMIT_PACKAGE_CDROM= Yes
PERMIT_PACKAGE= Yes
# uses pledge()
WANTLIB += c
# originally at bzip.org, domain expired
MASTER_SITES= https://spacehopper.org/mirrors/
MASTER_SITES= https://sourceware.org/pub/bzip2/
BZ2_CFLAGS= -Wall -Winline -fomit-frame-pointer -fno-strength-reduce
MAKE_FLAGS= CC="${CC}" CFLAGS="${CFLAGS} ${BZ2_CFLAGS}" \

4
archivers/bzip2/distinfo
View File

@ -1,2 +1,2 @@
SHA256 (bzip2-1.0.6.tar.gz) = ooSPNPzV1s9H3vAEYfy1KKBITY7e+CCNbS4pCdxh2c0=
SIZE (bzip2-1.0.6.tar.gz) = 782025
SHA256 (bzip2-1.0.7.tar.gz) = 52iofFsaeVEUmb60FQC8xMryA3Jv/0am9fmtJ/4Iqys=
SIZE (bzip2-1.0.7.tar.gz) = 809680

15
archivers/bzip2/patches/patch-bzip2recover_c
View File

@ -1,15 +0,0 @@
$OpenBSD: patch-bzip2recover_c,v 1.1 2016/06/28 09:56:23 jasper Exp $
CVE-2016-3189 bzip2: heap use after free in bzip2recover
Patch from: https://bugzilla.redhat.com/show_bug.cgi?id=1319648
--- bzip2recover.c.orig Tue Jun 28 11:54:25 2016
+++ bzip2recover.c Tue Jun 28 11:54:43 2016
@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
bsPutUInt32 ( bsWr, blockCRC );
bsClose ( bsWr );
+ outFile = NULL;
}
if (wrBlock >= rbCtr) break;
wrBlock++;

27
archivers/bzip2/patches/patch-decompress_c
View File

@ -1,27 +0,0 @@
$OpenBSD: patch-decompress_c,v 1.1 2019/06/24 14:46:36 sthen Exp $
From 74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc Mon Sep 17 00:00:00 2001
From: Albert Astals Cid <aacid@kde.org>
Date: Tue, 28 May 2019 19:35:18 +0200
Subject: [PATCH] Make sure nSelectors is not out of range
nSelectors is used in a loop from 0 to nSelectors to access selectorMtf
which is
UChar selectorMtf[BZ_MAX_SELECTORS];
so if nSelectors is bigger than BZ_MAX_SELECTORS it'll do an invalid memory
access
Fixes out of bounds access discovered while fuzzying karchive
Index: decompress.c
--- decompress.c.orig
+++ decompress.c
@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s )
GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
- if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
+ if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
for (i = 0; i < nSelectors; i++) {
j = 0;
while (True) {