diff options
Diffstat (limited to 'gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch')
| -rw-r--r-- | gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch | 88 |
1 files changed, 0 insertions, 88 deletions
diff --git a/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch b/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch deleted file mode 100644 index 75313cbefa..0000000000 --- a/gnu/packages/patches/cpio-CVE-2014-9112-pt5.patch +++ /dev/null @@ -1,88 +0,0 @@ -Partially fix CVE-2014-9112, part 5/5. Backported to 2.11. - -From f6a8a2cbd2d5ca40ea94900b55b845dd5ca87328 Mon Sep 17 00:00:00 2001 -From: Sergey Poznyakoff <gray@gnu.org.ua> -Date: Thu, 11 Dec 2014 13:21:40 +0000 -Subject: Fix symlink-bad-length test for 64-bit architectures. - -* src/util.c: Return non-zero exit code if EOF is hit prematurely. -* tests/symlink-bad-length.at: Revert to original archive: there's -no use testing for recovery, because that depends on the host -architecture. Don't test for exit code as well (same reason). -Account for eventual warning messages. ---- -diff --git a/src/util.c b/src/util.c -index 6c483f8..39c9813 100644 ---- a/src/util.c -+++ b/src/util.c -@@ -206,10 +206,7 @@ tape_fill_input_buffer (int in_des, int - if (input_size < 0) - error (1, errno, _("read error")); - if (input_size == 0) -- { -- error (0, 0, _("premature end of file")); -- exit (1); -- } -+ error (PAXEXIT_FAILURE, 0, _("premature end of file")); - input_bytes += input_size; - } - -diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at -index 4dbeaa3..e1a7093 100644 ---- a/tests/symlink-bad-length.at -+++ b/tests/symlink-bad-length.at -@@ -24,9 +24,9 @@ AT_SETUP([symlink-bad-length]) - AT_KEYWORDS([symlink-long copyout]) - - AT_DATA([ARCHIVE.base64], --[x3ECCJ1jtIHoA2QAAQAAAIlUwl0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxAgidHv+h6ANk --AAEAAACJVHFtBQD/////TElOSwAARklMRcdxAgieHqSB6ANkAAEAAACJVDJuBgAAABIARklMRTIA --c29tZSBtb3JlIGNvbnRlbnQKx3EAAAAAAAAAAAAAAQAAAAAAAAALAAAAAABUUkFJTEVSISEhAAAA -+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv -+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF -+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -@@ -35,25 +35,30 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA - AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= - ]) - -+# The exact error message and exit status depend on the host architecture, -+# therefore strderr is filtered out and error code is not checked. -+ -+# So far the only case when cpio would exit with code 0 is when it skips -+# several bytes and encounters a valid record header. Perhaps it should -+# exit with code 2 (non-critical error), if at least one byte was skipped, -+# but that could hurt backward compatibility. -+ - AT_CHECK([ - base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST --TZ=UTC cpio -ntv < ARCHIVE 2>stderr --rc=$? -+TZ=UTC cpio -ntv < ARCHIVE 2>stderr - cat stderr | grep -v \ - -e 'stored filename length is out of range' \ - -e 'premature end of file' \ - -e 'archive header has reverse byte-order' \ - -e 'memory exhausted' \ -+ -e 'skipped [[0-9][0-9]*] bytes of junk' \ -+ -e '[[0-9][0-9]*] block' \ - >&2 - echo >&2 STDERR --test "$rc" -ne 0 - ], --[1], --[-rw-rw-r-- 1 1000 100 13 Dec 11 09:02 FILE ---rw-r--r-- 1 1000 100 18 Dec 11 10:13 FILE2 --],[cpio: warning: skipped 4 bytes of junk --1 block --STDERR -+[0], -+[-rw-rw-r-- 1 10029 10031 13 Nov 25 11:52 FILE -+],[STDERR - ]) - - AT_CLEANUP --- -cgit v0.9.0.2 |