Added security fix in sort.c for CVE-2015-xxxx: buffer overflow.
parent
01cf42c9a8
commit
84189f7e77
2 changed files with 61 additions and 1 deletions
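--- /dev/null
+++ b/coreutils-8.9-buffer-overflow-in-sort.patch
@@ -0,0 +1,60 @@
+diff -pruN a/src/sort.c b/src/sort.c
+--- a/src/sort.c 2015-05-15 14:59:56.054854874 +0700
++++ b/src/sort.c 2015-05-15 15:21:43.994905457 +0700
+@@ -3148,8 +3148,10 @@ keycompare_mb (const struct line *a, con
+{
+if (ignore || translate)
+{
+- char *copy_a = (char *) alloca (lena + 1 + lenb + 1);
+- char *copy_b = copy_a + lena + 1;
++ if (SIZE_MAX - lenb - 2 < lena)
++ xalloc_die ();
++ char *copy_a = (char *) xnmalloc (lena + lenb + 2, MB_CUR_MAX);
++ char *copy_b = copy_a + lena * MB_CUR_MAX + 1;
+size_t new_len_a, new_len_b;
+size_t i, j;
+
+diff -pruN a/tests/i18n/sort.sh b/tests/i18n/sort.sh
+--- a/tests/i18n/sort.sh 1970-01-01 07:00:00.000000000 +0700
++++ b/tests/i18n/sort.sh 2015-05-15 15:08:08.000000000 +0700
+@@ -0,0 +1,29 @@
++#!/bin/sh
++# Verify sort's multi-byte support.
++
++. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
++print_ver_ sort
++
++export LC_ALL=en_US.UTF-8
++locale -k LC_CTYPE | grep -q "charmap.*UTF-8" \
++ || skip_ "No UTF-8 locale available"
++
++# Enable heap consistency checkng on older systems
++export MALLOC_CHECK_=2
++
++
++# check buffer overflow issue due to
++# expanding multi-byte representation due to case conversion
++# https://bugzilla.suse.com/show_bug.cgi?id=928749
++cat <<EOF > exp
++.
++ɑ
++EOF
++cat <<EOF | sort -f > out || fail=1
++.
++ɑ
++EOF
++compare exp out || { fail=1; cat out; }
++
++
++Exit $fail
+diff -pruN a/tests/Makefile.am b/tests/Makefile.am
+--- a/tests/Makefile.am 2015-05-15 14:59:56.055854875 +0700
++++ b/tests/Makefile.am 2015-05-15 15:20:17.668902118 +0700
+@@ -421,6 +421,7 @@ TESTS = \
+du/slink \
+du/trailing-slash \
+du/two-args \
++ i18n/sort.sh \
+id/gnu-zero-uids \
+id/no-context \
+install/basic-1 \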
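Review bot: Nothing in the sort.c part of this patch frees the buffer that `xnmalloc` now returns in keycompare_mb: the removed code used `alloca`, which needed no release, and this is the only sort.c hunk, so each comparison taken with `ignore` or `translate` set would leak `(lena + lenb + 2) * MB_CUR_MAX` bytes. On a large `sort -f` input that trades the overflow for steady memory growth. The function body continues past the hunk, so the last use of the copies is not visible here, but the pointer should be held in a variable that outlives the `if` block and released with `free (copy_a);` on every return path. Separately, the diffstat leaves the spec file one added and one removed line, which the Release bump accounts for, so no `PatchN:` entry appears to be added; unless the spec picks the file up some other way, the fix ships in the source package without being applied. The patch is also named for 8.9 while the spec builds 8.19, so its line offsets are worth checking against the tree it is applied to.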
|
|
@ -3,7 +3,7 @@
|
|||
Summary: The GNU core utilities: a set of tools commonly used in shell scripts
|
||||
Name: coreutils
|
||||
Version: 8.19
|
||||
Release: 17
|
||||
Release: 18
|
||||
License: GPLv3+
|
||||
Group: System/Base
|
||||
Url: http://www.gnu.org/software/coreutils/
|
||||
|
|