aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2020-01-16 08:37:26 +0100
committerLeo <thinkabit.ukim@gmail.com>2020-01-16 08:39:36 +0100
commit948fd324de9029f91e5a736dd623b8f1390256e5 (patch)
treef7a67e0aa90f8f69d0110c50ae5f1e2ca7387727
parent6a020fa149b82307ca356d1a3fe861420eb56d49 (diff)
downloadaports-948fd324de9029f91e5a736dd623b8f1390256e5.tar.gz
aports-948fd324de9029f91e5a736dd623b8f1390256e5.tar.bz2
aports-948fd324de9029f91e5a736dd623b8f1390256e5.tar.xz
main/e2fsprogs: fix CVE-2019-5188
ref #11133
-rw-r--r--main/e2fsprogs/APKBUILD16
-rw-r--r--main/e2fsprogs/CVE-2019-5188.patch51
2 files changed, 59 insertions, 8 deletions
diff --git a/main/e2fsprogs/APKBUILD b/main/e2fsprogs/APKBUILD
index 8e1fc8af6b..aacb951b4f 100644
--- a/main/e2fsprogs/APKBUILD
+++ b/main/e2fsprogs/APKBUILD
@@ -2,28 +2,28 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=e2fsprogs
pkgver=1.44.5
-pkgrel=1
+pkgrel=2
pkgdesc="Standard Ext2/3/4 filesystem utilities"
url="http://e2fsprogs.sourceforge.net"
arch="all"
license="GPL-2.0-or-later LGPL-2.0 BSD-3-Clause MIT"
-depends=""
depends_dev="util-linux-dev"
options="!check"
makedepends="$depends_dev linux-headers"
subpackages="$pkgname-dev $pkgname-doc libcom_err $pkgname-libs $pkgname-extra"
-source="https://www.kernel.org/pub/linux/kernel/people/tytso/$pkgname/v$pkgver/$pkgname-$pkgver.tar.xz
+source="https://www.kernel.org/pub/linux/kernel/people/tytso/e2fsprogs/v$pkgver/e2fsprogs-$pkgver.tar.xz
gnuc-prereq.patch
CVE-2019-5094.patch
+ CVE-2019-5188.patch
"
-builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.44.5-r2:
+# - CVE-2019-5188
# 1.44.5-r1:
# - CVE-2019-5094
-build () {
- cd "$builddir"
+build() {
./configure \
--build=$CBUILD \
--host=$CHOST \
@@ -39,7 +39,6 @@ build () {
}
package() {
- cd "$builddir"
make -j1 MKDIR_P="install -d" DESTDIR="$pkgdir" install install-libs
mv "$pkgdir"/sbin/* "$pkgdir"/usr/sbin/
local i; for i in e2fsck mke2fs mkfs.* fsck.*; do
@@ -72,4 +71,5 @@ extra() {
}
sha512sums="c0faec90b2be81460d374c150be917cd6beb1d10dc7cd0c6c4747de19de9af1763e90d48aec5b3c0fbff1b59bf79a35f93536cd52e68d1e45d4db610e158bb2e e2fsprogs-1.44.5.tar.xz
155340b6fec21419fa9ca27ff1bd8e12f679013dd82f4dc0cd1feae2dbf143a942d6d4427a1e966e68fa37ecb282880ff5d07a3760ee8d6ac7f7c5e34a276735 gnuc-prereq.patch
-72e7d8199ea071802fbe74fbb2153253e5460412b115e03750ecac46d298aeb73bd8e7610a2d5b8be83b7125080c7e9e23d9b71baee1c7a4f68026344106a922 CVE-2019-5094.patch"
+72e7d8199ea071802fbe74fbb2153253e5460412b115e03750ecac46d298aeb73bd8e7610a2d5b8be83b7125080c7e9e23d9b71baee1c7a4f68026344106a922 CVE-2019-5094.patch
+3147433f58b283faa46ca950921d814de832dc8e33cf5042c7e86078738f256ccf7be40b918ba11a467d04761ffcac85e12a8de4d86e745bca84f0198ba2f176 CVE-2019-5188.patch"
diff --git a/main/e2fsprogs/CVE-2019-5188.patch b/main/e2fsprogs/CVE-2019-5188.patch
new file mode 100644
index 0000000000..d60b118ac3
--- /dev/null
+++ b/main/e2fsprogs/CVE-2019-5188.patch
@@ -0,0 +1,51 @@
+diff --git a/e2fsck/pass1b.c b/e2fsck/pass1b.c
+index 5693b9c..bca701c 100644
+--- a/e2fsck/pass1b.c
++++ b/e2fsck/pass1b.c
+@@ -705,6 +705,10 @@ static void delete_file(e2fsck_t ctx, ext2_ino_t ino,
+ fix_problem(ctx, PR_1B_BLOCK_ITERATE, &pctx);
+ if (ctx->inode_bad_map)
+ ext2fs_unmark_inode_bitmap2(ctx->inode_bad_map, ino);
++ if (ctx->inode_reg_map)
++ ext2fs_unmark_inode_bitmap2(ctx->inode_reg_map, ino);
++ ext2fs_unmark_inode_bitmap2(ctx->inode_dir_map, ino);
++ ext2fs_unmark_inode_bitmap2(ctx->inode_used_map, ino);
+ ext2fs_inode_alloc_stats2(fs, ino, -1, LINUX_S_ISDIR(dp->inode.i_mode));
+ quota_data_sub(ctx->qctx, &dp->inode, ino,
+ pb.dup_blocks * fs->blocksize);
+diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c
+index a5fc1be..2c908be 100644
+--- a/e2fsck/rehash.c
++++ b/e2fsck/rehash.c
+@@ -160,6 +160,10 @@ static int fill_dir_block(ext2_filsys fs,
+ dir_offset += rec_len;
+ if (dirent->inode == 0)
+ continue;
++ if ((name_len) == 0) {
++ fd->err = EXT2_ET_DIR_CORRUPTED;
++ return BLOCK_ABORT;
++ }
+ if (!fd->compress && (name_len == 1) &&
+ (dirent->name[0] == '.'))
+ continue;
+@@ -401,6 +405,11 @@ static int duplicate_search_and_fix(e2fsck_t ctx, ext2_filsys fs,
+ continue;
+ }
+ new_len = ext2fs_dirent_name_len(ent->dir);
++ if (new_len == 0) {
++ /* should never happen */
++ ext2fs_unmark_valid(fs);
++ continue;
++ }
+ memcpy(new_name, ent->dir->name, new_len);
+ mutate_name(new_name, &new_len);
+ for (j=0; j < fd->num_array; j++) {
+@@ -1019,6 +1028,8 @@ void e2fsck_rehash_directories(e2fsck_t ctx)
+ if (!ext2fs_u32_list_iterate(iter, &ino))
+ break;
+ }
++ if (!ext2fs_test_inode_bitmap2(ctx->inode_dir_map, ino))
++ continue;
+
+ pctx.dir = ino;
+ if (first) {