[gentoo-commits] gentoo-x86 commit in app-arch/tar/files: tar-1.23-strncpy.patch - gentoo-commits

From:	"Tony Vroon (chainsaw)" <chainsaw@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in app-arch/tar/files: tar-1.23-strncpy.patch
Date:	Sun, 25 Apr 2010 17:03:10
Message-Id:	`20100425164424.081042C070@corvid.gentoo.org`

1

chainsaw    10/04/25 16:44:23

2

3

  Added:                tar-1.23-strncpy.patch

4

  Log:

5

  Glibc built with GCC 4.5 will notice a buffer overflow in the handling of OLD_GNU magic bytes and kill us. Apply a Fedora patch scavenged by Emil Karlson to avoid this happening; closes bug #317139.

6

  (Portage version: 2.2_rc67/cvs/Linux x86_64)

7

8

Revision  Changes    Path

9

1.1                  app-arch/tar/files/tar-1.23-strncpy.patch

10

11

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-arch/tar/files/tar-1.23-strncpy.patch?rev=1.1&view=markup

12

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-arch/tar/files/tar-1.23-strncpy.patch?rev=1.1&content-type=text/plain

13

14

Index: tar-1.23-strncpy.patch

15

===================================================================

16

diff -uNr tar-1.23.ORIG//src/create.c tar-1.23/src/create.c

17

--- tar-1.23.ORIG//src/create.c	2010-04-25 17:36:03.553606076 +0100

18

+++ tar-1.23/src/create.c	2010-04-25 17:36:16.294605862 +0100

19

@@ -575,7 +575,10 @@

20

   GNAME_TO_CHARS (tmpname, header->header.gname);

21

   free (tmpname);

22

23

-  strcpy (header->header.magic, OLDGNU_MAGIC);

24

+  /* OLDGNU_MAGIC is string with 7 chars + NULL */

25

+  strncpy (header->header.magic, OLDGNU_MAGIC, sizeof(header->header.magic));

26

+  strncpy (header->header.version, OLDGNU_MAGIC+sizeof(header->header.magic),

27

+           sizeof(header->header.version));

28

   header->header.typeflag = type;

29

   finish_header (st, header, -1);

30

31

@@ -910,9 +913,13 @@

32

       break;

33

34

     case OLDGNU_FORMAT:

35

-    case GNU_FORMAT:   /*FIXME?*/

36

-      /* Overwrite header->header.magic and header.version in one blow.  */

37

-      strcpy (header->header.magic, OLDGNU_MAGIC);

38

+    case GNU_FORMAT:

39

+      /* OLDGNU_MAGIC is string with 7 chars + NULL */

40

+      strncpy (header->header.magic, OLDGNU_MAGIC,

41

+               sizeof(header->header.magic));

42

+      strncpy (header->header.version,

43

+               OLDGNU_MAGIC+sizeof(header->header.magic),

44

+               sizeof(header->header.version));

45

       break;

46

47

     case POSIX_FORMAT:

1	chainsaw 10/04/25 16:44:23
2
3	Added: tar-1.23-strncpy.patch
4	Log:
5	Glibc built with GCC 4.5 will notice a buffer overflow in the handling of OLD_GNU magic bytes and kill us. Apply a Fedora patch scavenged by Emil Karlson to avoid this happening; closes bug #317139.
6	(Portage version: 2.2_rc67/cvs/Linux x86_64)
7
8	Revision Changes Path
9	1.1 app-arch/tar/files/tar-1.23-strncpy.patch
10
11	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-arch/tar/files/tar-1.23-strncpy.patch?rev=1.1&view=markup
12	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/app-arch/tar/files/tar-1.23-strncpy.patch?rev=1.1&content-type=text/plain
13
14	Index: tar-1.23-strncpy.patch
15	===================================================================
16	diff -uNr tar-1.23.ORIG//src/create.c tar-1.23/src/create.c
17	--- tar-1.23.ORIG//src/create.c 2010-04-25 17:36:03.553606076 +0100
18	+++ tar-1.23/src/create.c 2010-04-25 17:36:16.294605862 +0100
19	@@ -575,7 +575,10 @@
20	GNAME_TO_CHARS (tmpname, header->header.gname);
21	free (tmpname);
22
23	- strcpy (header->header.magic, OLDGNU_MAGIC);
24	+ /* OLDGNU_MAGIC is string with 7 chars + NULL */
25	+ strncpy (header->header.magic, OLDGNU_MAGIC, sizeof(header->header.magic));
26	+ strncpy (header->header.version, OLDGNU_MAGIC+sizeof(header->header.magic),
27	+ sizeof(header->header.version));
28	header->header.typeflag = type;
29	finish_header (st, header, -1);
30
31	@@ -910,9 +913,13 @@
32	break;
33
34	case OLDGNU_FORMAT:
35	- case GNU_FORMAT: /FIXME?/
36	- /* Overwrite header->header.magic and header.version in one blow. */
37	- strcpy (header->header.magic, OLDGNU_MAGIC);
38	+ case GNU_FORMAT:
39	+ /* OLDGNU_MAGIC is string with 7 chars + NULL */
40	+ strncpy (header->header.magic, OLDGNU_MAGIC,
41	+ sizeof(header->header.magic));
42	+ strncpy (header->header.version,
43	+ OLDGNU_MAGIC+sizeof(header->header.magic),
44	+ sizeof(header->header.version));
45	break;
46
47	case POSIX_FORMAT:

Gentoo Archives: gentoo-commits