4 changed files with 147 additions and 3 deletions
Split View
Diff Options
-
+45 -0filesystem/squashfs-tools/CVE-2015-4645.patch
-
+62 -0filesystem/squashfs-tools/fix-compat.patch
-
+3 -3filesystem/squashfs-tools/squashfs-tools.desc
-
+37 -0filesystem/squashfs-tools/vla-overlow.patch
@ -0,0 +1,45 @@ |
|||
# --- SDE-COPYRIGHT-NOTE-BEGIN --- |
|||
# This copyright note is auto-generated by ./scripts/Create-CopyPatch. |
|||
# |
|||
# Filename: package/.../squashfs-tools/CVE-2015-4645.patch |
|||
# Copyright (C) 2016 The OpenSDE Project |
|||
# |
|||
# More information can be found in the files COPYING and README. |
|||
# |
|||
# This patch file is dual-licensed. It is available under the license the |
|||
# patched project is licensed under, as long as it is an OpenSource license |
|||
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms |
|||
# of the GNU General Public License as published by the Free Software |
|||
# Foundation; either version 2 of the License, or (at your option) any later |
|||
# version. |
|||
# --- SDE-COPYRIGHT-NOTE-END --- |
|||
|
|||
diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c
|
|||
index ecdaac796f09..2c0cf63daf67 100644
|
|||
--- a/squashfs-tools/unsquash-4.c
|
|||
+++ b/squashfs-tools/unsquash-4.c
|
|||
@@ -31,9 +31,9 @@ static unsigned int *id_table;
|
|||
int read_fragment_table_4(long long *directory_table_end) |
|||
{ |
|||
int res, i; |
|||
- int bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
|
|||
- int indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
|
|||
- long long fragment_table_index[indexes];
|
|||
+ size_t bytes = SQUASHFS_FRAGMENT_BYTES(sBlk.s.fragments);
|
|||
+ size_t indexes = SQUASHFS_FRAGMENT_INDEXES(sBlk.s.fragments);
|
|||
+ long long *fragment_table_index;
|
|||
|
|||
TRACE("read_fragment_table: %d fragments, reading %d fragment indexes " |
|||
"from 0x%llx\n", sBlk.s.fragments, indexes, |
|||
@@ -44,6 +44,11 @@ int read_fragment_table_4(long long *directory_table_end)
|
|||
return TRUE; |
|||
} |
|||
|
|||
+ fragment_table_index = malloc(indexes*sizeof(long long));
|
|||
+ if(fragment_table_index == NULL)
|
|||
+ EXIT_UNSQUASH("read_fragment_table: failed to allocate "
|
|||
+ "fragment table index\n");
|
|||
+
|
|||
fragment_table = malloc(bytes); |
|||
if(fragment_table == NULL) |
|||
EXIT_UNSQUASH("read_fragment_table: failed to allocate " |
|||
@ -0,0 +1,62 @@ |
|||
# --- SDE-COPYRIGHT-NOTE-BEGIN --- |
|||
# This copyright note is auto-generated by ./scripts/Create-CopyPatch. |
|||
# |
|||
# Filename: package/.../squashfs-tools/fix-compat.patch |
|||
# Copyright (C) 2016 The OpenSDE Project |
|||
# |
|||
# More information can be found in the files COPYING and README. |
|||
# |
|||
# This patch file is dual-licensed. It is available under the license the |
|||
# patched project is licensed under, as long as it is an OpenSource license |
|||
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms |
|||
# of the GNU General Public License as published by the Free Software |
|||
# Foundation; either version 2 of the License, or (at your option) any later |
|||
# version. |
|||
# --- SDE-COPYRIGHT-NOTE-END --- |
|||
|
|||
--- squashfs4.3.orig/squashfs-tools/action.c
|
|||
+++ squashfs4.3/squashfs-tools/action.c
|
|||
@@ -1905,6 +1905,9 @@
|
|||
return 1; |
|||
} |
|||
|
|||
+#ifndef FNM_EXTMATCH
|
|||
+#define FNM_EXTMATCH 0
|
|||
+#endif
|
|||
|
|||
TEST_FN(name, ACTION_ALL_LNK, \ |
|||
return fnmatch(atom->argv[0], action_data->name, |
|||
--- squashfs4.3.orig/squashfs-tools/mksquashfs.c
|
|||
+++ squashfs4.3/squashfs-tools/mksquashfs.c
|
|||
@@ -4391,6 +4391,9 @@
|
|||
return paths; |
|||
} |
|||
|
|||
+#ifndef FNM_EXTMATCH
|
|||
+#define FNM_EXTMATCH 0
|
|||
+#endif
|
|||
|
|||
int excluded_match(char *name, struct pathname *path, struct pathnames **new) |
|||
{ |
|||
--- squashfs4.3.orig/squashfs-tools/pseudo.c
|
|||
+++ squashfs4.3/squashfs-tools/pseudo.c
|
|||
@@ -32,6 +32,7 @@
|
|||
#include <stdlib.h> |
|||
#include <sys/types.h> |
|||
#include <sys/wait.h> |
|||
+#include <sys/stat.h>
|
|||
#include <ctype.h> |
|||
|
|||
#include "pseudo.h" |
|||
--- squashfs4.3.orig/squashfs-tools/unsquashfs.c
|
|||
+++ squashfs4.3/squashfs-tools/unsquashfs.c
|
|||
@@ -1410,6 +1410,9 @@
|
|||
free(paths); |
|||
} |
|||
|
|||
+#ifndef FNM_EXTMATCH
|
|||
+#define FNM_EXTMATCH 0
|
|||
+#endif
|
|||
|
|||
int matches(struct pathnames *paths, char *name, struct pathnames **new) |
|||
{ |
|||
@ -0,0 +1,37 @@ |
|||
# --- SDE-COPYRIGHT-NOTE-BEGIN --- |
|||
# This copyright note is auto-generated by ./scripts/Create-CopyPatch. |
|||
# |
|||
# Filename: package/.../squashfs-tools/vla-overlow.patch |
|||
# Copyright (C) 2016 The OpenSDE Project |
|||
# |
|||
# More information can be found in the files COPYING and README. |
|||
# |
|||
# This patch file is dual-licensed. It is available under the license the |
|||
# patched project is licensed under, as long as it is an OpenSource license |
|||
# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms |
|||
# of the GNU General Public License as published by the Free Software |
|||
# Foundation; either version 2 of the License, or (at your option) any later |
|||
# version. |
|||
# --- SDE-COPYRIGHT-NOTE-END --- |
|||
|
|||
--- ./squashfs-tools/unsquashfs.c.orig
|
|||
+++ ./squashfs-tools/unsquashfs.c
|
|||
@@ -2099,7 +2099,9 @@
|
|||
*/ |
|||
void *inflator(void *arg) |
|||
{ |
|||
- char tmp[block_size];
|
|||
+ char *tmp = malloc(block_size);
|
|||
+ if(tmp == NULL)
|
|||
+ EXIT_UNSQUASH("Out of memory allocating block buffer\n");
|
|||
|
|||
while(1) { |
|||
struct cache_entry *entry = queue_get(to_inflate); |
|||
@@ -2122,6 +2124,7 @@
|
|||
*/ |
|||
cache_block_ready(entry, res == -1); |
|||
} |
|||
+ free(tmp);
|
|||
} |
|||
|
|||
|
|||