From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: Received: from ptx.hi.pengutronix.de ([2001:67c:670:100:1d::c0] ident=Debian-exim) by metis.ext.pengutronix.de with esmtp (Exim 4.72) (envelope-from ) id 1XTozU-0005KQ-Ke for ptxdist@pengutronix.de; Tue, 16 Sep 2014 11:24:04 +0200 Received: from mol by ptx.hi.pengutronix.de with local (Exim 4.80) (envelope-from ) id 1XTozU-0004cO-JB for ptxdist@pengutronix.de; Tue, 16 Sep 2014 11:24:04 +0200 Date: Tue, 16 Sep 2014 11:24:04 +0200 From: Michael Olbrich Message-ID: <20140916092404.GB18865@pengutronix.de> References: <1409894861-27020-1-git-send-email-post@lespocky.de> <1410508972-2576-1-git-send-email-post@lespocky.de> <1410508972-2576-2-git-send-email-post@lespocky.de> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: <1410508972-2576-2-git-send-email-post@lespocky.de> Subject: Re: [ptxdist] [PATCH v2 2/2] file: add patch with upstream commit 0641e56 to fix CVE-2014-3587 Reply-To: ptxdist@pengutronix.de List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: ptxdist-bounces@pengutronix.de Errors-To: ptxdist-bounces@pengutronix.de To: ptxdist@pengutronix.de On Fri, Sep 12, 2014 at 10:02:52AM +0200, Alexander Dahl wrote: > > Signed-off-by: Alexander Dahl Thanks, both applied. Michael > --- > ...p-around-Remi-Collet-at-redhat-cherry-pic.patch | 26 ++++++++++++++++++++ > patches/file-5.19/series | 5 ++++ > 2 files changed, 31 insertions(+) > create mode 100644 patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > create mode 100644 patches/file-5.19/series > > diff --git a/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > new file mode 100644 > index 0000000..bcb141f > --- /dev/null > +++ b/patches/file-5.19/0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > @@ -0,0 +1,26 @@ > +From: Christos Zoulas > +Date: Thu, 7 Aug 2014 09:38:35 +0000 > +Subject: [PATCH] Prevent wrap around (Remi Collet at redhat) (cherry picked > + from commit 0641e56be1af003aa02c7c6b0184466540637233) > + > +Conflicts: > + src/cdf.c > +--- > + src/cdf.c | 4 ++++ > + 1 file changed, 4 insertions(+) > + > +diff --git a/src/cdf.c b/src/cdf.c > +index 106fc7a..bc94cb9 100644 > +--- a/src/cdf.c > ++++ b/src/cdf.c > +@@ -824,6 +824,10 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h, > + q = (const uint8_t *)(const void *) > + ((const char *)(const void *)p + ofs > + - 2 * sizeof(uint32_t)); > ++ if (q < p) { > ++ DPRINTF(("Wrapped around %p < %p\n", q, p)); > ++ goto out; > ++ } > + if (q > e) { > + DPRINTF(("Ran of the end %p > %p\n", q, e)); > + goto out; > diff --git a/patches/file-5.19/series b/patches/file-5.19/series > new file mode 100644 > index 0000000..eacd4da > --- /dev/null > +++ b/patches/file-5.19/series > @@ -0,0 +1,5 @@ > +# generated by git-ptx-patches > +#tag:base --start-number 1 > +#tag:upstream --start-number 1 > +0001-Prevent-wrap-around-Remi-Collet-at-redhat-cherry-pic.patch > +# 5d28e91bad86a7562482bbcb752de1f1 - git-ptx-patches magic > -- > 1.7.10.4 > > > -- > ptxdist mailing list > ptxdist@pengutronix.de > -- Pengutronix e.K. | | Industrial Linux Solutions | http://www.pengutronix.de/ | Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 | -- ptxdist mailing list ptxdist@pengutronix.de