[ptxdist] [PATCH] e2fsprogs: Version bump. 1.46.5 -> 1.46.6

mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed

* [ptxdist] [PATCH] e2fsprogs: Version bump. 1.46.5 -> 1.46.6
@ 2023-02-04 17:54 Christian Melki
  2023-02-10 14:17 ` [ptxdist] [APPLIED] " Michael Olbrich
  0 siblings, 1 reply; 2+ messages in thread
From: Christian Melki @ 2023-02-04 17:54 UTC (permalink / raw)
  To: ptxdist

Minor fixes, speedups etc.
https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.6

* Remove patches. CVE-2022-1304 is fixed in release.
* Add missing largefile option.
* Explicitly disable new option.

Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
 ...-sanity-check-to-extent-manipulation.patch | 51 -------------------
 patches/e2fsprogs-1.46.5/series               |  4 --
 rules/e2fsprogs.make                          |  6 ++-
 3 files changed, 4 insertions(+), 57 deletions(-)
 delete mode 100644 patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
 delete mode 100644 patches/e2fsprogs-1.46.5/series

diff --git a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch b/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
deleted file mode 100644
index 979dbb236..000000000
--- a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-From: Lukas Czerner <lczerner@redhat.com>
-Date: Thu, 21 Apr 2022 19:31:48 +0200
-Subject: [PATCH] libext2fs: add sanity check to extent manipulation
-
-It is possible to have a corrupted extent tree in such a way that a leaf
-node contains zero extents in it. Currently if that happens and we try
-to traverse the tree we can end up accessing wrong data, or possibly
-even uninitialized memory. Make sure we don't do that.
-
-Additionally make sure that we have a sane number of bytes passed to
-memmove() in ext2fs_extent_delete().
-
-Note that e2fsck is currently unable to spot and fix such corruption in
-pass1.
-
-Signed-off-by: Lukas Czerner <lczerner@redhat.com>
-Reported-by: Nils Bars <nils_bars@t-online.de>
-Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113
-Addresses: CVE-2022-1304
-Addresses-Debian-Bug: #1010263
-Signed-off-by: Theodore Ts'o <tytso@mit.edu>
----
- lib/ext2fs/extent.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c
-index b324c7b0f8c8..1a206a16c13f 100644
---- a/lib/ext2fs/extent.c
-+++ b/lib/ext2fs/extent.c
-@@ -495,6 +495,10 @@ retry:
- 			ext2fs_le16_to_cpu(eh->eh_entries);
- 		newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max);
- 
-+		/* Make sure there is at least one extent present */
-+		if (newpath->left <= 0)
-+			return EXT2_ET_EXTENT_NO_DOWN;
-+
- 		if (path->left > 0) {
- 			ix++;
- 			newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block);
-@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags)
- 
- 	cp = path->curr;
- 
-+	/* Sanity check before memmove() */
-+	if (path->left < 0)
-+		return EXT2_ET_EXTENT_LEAF_BAD;
-+
- 	if (path->left) {
- 		memmove(cp, cp + sizeof(struct ext3_extent_idx),
- 			path->left * sizeof(struct ext3_extent_idx));
diff --git a/patches/e2fsprogs-1.46.5/series b/patches/e2fsprogs-1.46.5/series
deleted file mode 100644
index d4319d8ac..000000000
--- a/patches/e2fsprogs-1.46.5/series
+++ /dev/null
@@ -1,4 +0,0 @@
-# generated by git-ptx-patches
-#tag:base --start-number 1
-0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
-# 77d6a61d2930f9f66b3b54043619c609  - git-ptx-patches magic
diff --git a/rules/e2fsprogs.make b/rules/e2fsprogs.make
index 19e5e7ba4..12e632423 100644
--- a/rules/e2fsprogs.make
+++ b/rules/e2fsprogs.make
@@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_E2FSPROGS) += e2fsprogs
 #
 # Paths and names
 #
-E2FSPROGS_VERSION	:= 1.46.5
-E2FSPROGS_MD5		:= 3da91854c960ad8a819b48b2a404eb43
+E2FSPROGS_VERSION	:= 1.46.6
+E2FSPROGS_MD5		:= ffcc9cbcc9fac7efe3e52d41e36099f3
 E2FSPROGS		:= e2fsprogs-$(E2FSPROGS_VERSION)
 E2FSPROGS_SUFFIX	:= tar.gz
 E2FSPROGS_URL		:= $(call ptx/mirror, SF, e2fsprogs/e2fsprogs/v$(E2FSPROGS_VERSION)/$(E2FSPROGS).$(E2FSPROGS_SUFFIX))
@@ -37,6 +37,7 @@ E2FSPROGS_LICENSE_FILES	:= \
 E2FSPROGS_CONF_TOOL	:= autoconf
 E2FSPROGS_CONF_OPT	:= \
 	$(CROSS_AUTOCONF_USR) \
+	$(GLOBAL_LARGE_FILE_OPTION) \
 	--disable-symlink-install \
 	--disable-relative-symlinks \
 	--disable-symlink-build \
@@ -73,6 +74,7 @@ E2FSPROGS_CONF_OPT	:= \
 	--disable-ubsan \
 	--disable-addrsan \
 	--disable-threadsan \
+	--disable-fuzzing \
 	--with-pthread
 
 E2FSPROGS_MAKE_OPT	:= $(if $(filter 1,$(strip $(PTXDIST_VERBOSE))),V=1)
-- 
2.34.1




^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [ptxdist] [APPLIED] e2fsprogs: Version bump. 1.46.5 -> 1.46.6
  2023-02-04 17:54 [ptxdist] [PATCH] e2fsprogs: Version bump. 1.46.5 -> 1.46.6 Christian Melki
@ 2023-02-10 14:17 ` Michael Olbrich
  0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2023-02-10 14:17 UTC (permalink / raw)
  To: ptxdist; +Cc: Christian Melki

Thanks, applied as 186fadd15283eb2375712b4ea3096400cd862dd5.

Michael

[sent from post-receive hook]

On Fri, 10 Feb 2023 15:17:12 +0100, Christian Melki <christian.melki@t2data.com> wrote:
> Minor fixes, speedups etc.
> https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.6
> 
> * Remove patches. CVE-2022-1304 is fixed in release.
> * Add missing largefile option.
> * Explicitly disable new option.
> 
> Signed-off-by: Christian Melki <christian.melki@t2data.com>
> Message-Id: <20230204175438.3388865-1-christian.melki@t2data.com>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch b/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
> deleted file mode 100644
> index 979dbb23608c..000000000000
> --- a/patches/e2fsprogs-1.46.5/0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
> +++ /dev/null
> @@ -1,51 +0,0 @@
> -From: Lukas Czerner <lczerner@redhat.com>
> -Date: Thu, 21 Apr 2022 19:31:48 +0200
> -Subject: [PATCH] libext2fs: add sanity check to extent manipulation
> -
> -It is possible to have a corrupted extent tree in such a way that a leaf
> -node contains zero extents in it. Currently if that happens and we try
> -to traverse the tree we can end up accessing wrong data, or possibly
> -even uninitialized memory. Make sure we don't do that.
> -
> -Additionally make sure that we have a sane number of bytes passed to
> -memmove() in ext2fs_extent_delete().
> -
> -Note that e2fsck is currently unable to spot and fix such corruption in
> -pass1.
> -
> -Signed-off-by: Lukas Czerner <lczerner@redhat.com>
> -Reported-by: Nils Bars <nils_bars@t-online.de>
> -Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113
> -Addresses: CVE-2022-1304
> -Addresses-Debian-Bug: #1010263
> -Signed-off-by: Theodore Ts'o <tytso@mit.edu>
> ----
> - lib/ext2fs/extent.c | 8 ++++++++
> - 1 file changed, 8 insertions(+)
> -
> -diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c
> -index b324c7b0f8c8..1a206a16c13f 100644
> ---- a/lib/ext2fs/extent.c
> -+++ b/lib/ext2fs/extent.c
> -@@ -495,6 +495,10 @@ retry:
> - 			ext2fs_le16_to_cpu(eh->eh_entries);
> - 		newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max);
> - 
> -+		/* Make sure there is at least one extent present */
> -+		if (newpath->left <= 0)
> -+			return EXT2_ET_EXTENT_NO_DOWN;
> -+
> - 		if (path->left > 0) {
> - 			ix++;
> - 			newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block);
> -@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags)
> - 
> - 	cp = path->curr;
> - 
> -+	/* Sanity check before memmove() */
> -+	if (path->left < 0)
> -+		return EXT2_ET_EXTENT_LEAF_BAD;
> -+
> - 	if (path->left) {
> - 		memmove(cp, cp + sizeof(struct ext3_extent_idx),
> - 			path->left * sizeof(struct ext3_extent_idx));
> diff --git a/patches/e2fsprogs-1.46.5/series b/patches/e2fsprogs-1.46.5/series
> deleted file mode 100644
> index d4319d8ac6eb..000000000000
> --- a/patches/e2fsprogs-1.46.5/series
> +++ /dev/null
> @@ -1,4 +0,0 @@
> -# generated by git-ptx-patches
> -#tag:base --start-number 1
> -0001-libext2fs-add-sanity-check-to-extent-manipulation.patch
> -# 77d6a61d2930f9f66b3b54043619c609  - git-ptx-patches magic
> diff --git a/rules/e2fsprogs.make b/rules/e2fsprogs.make
> index 19e5e7ba4a84..12e632423c8a 100644
> --- a/rules/e2fsprogs.make
> +++ b/rules/e2fsprogs.make
> @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_E2FSPROGS) += e2fsprogs
>  #
>  # Paths and names
>  #
> -E2FSPROGS_VERSION	:= 1.46.5
> -E2FSPROGS_MD5		:= 3da91854c960ad8a819b48b2a404eb43
> +E2FSPROGS_VERSION	:= 1.46.6
> +E2FSPROGS_MD5		:= ffcc9cbcc9fac7efe3e52d41e36099f3
>  E2FSPROGS		:= e2fsprogs-$(E2FSPROGS_VERSION)
>  E2FSPROGS_SUFFIX	:= tar.gz
>  E2FSPROGS_URL		:= $(call ptx/mirror, SF, e2fsprogs/e2fsprogs/v$(E2FSPROGS_VERSION)/$(E2FSPROGS).$(E2FSPROGS_SUFFIX))
> @@ -37,6 +37,7 @@ E2FSPROGS_LICENSE_FILES	:= \
>  E2FSPROGS_CONF_TOOL	:= autoconf
>  E2FSPROGS_CONF_OPT	:= \
>  	$(CROSS_AUTOCONF_USR) \
> +	$(GLOBAL_LARGE_FILE_OPTION) \
>  	--disable-symlink-install \
>  	--disable-relative-symlinks \
>  	--disable-symlink-build \
> @@ -73,6 +74,7 @@ E2FSPROGS_CONF_OPT	:= \
>  	--disable-ubsan \
>  	--disable-addrsan \
>  	--disable-threadsan \
> +	--disable-fuzzing \
>  	--with-pthread
>  
>  E2FSPROGS_MAKE_OPT	:= $(if $(filter 1,$(strip $(PTXDIST_VERBOSE))),V=1)



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2023-02-10 14:18 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-02-04 17:54 [ptxdist] [PATCH] e2fsprogs: Version bump. 1.46.5 -> 1.46.6 Christian Melki
2023-02-10 14:17 ` [ptxdist] [APPLIED] " Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox