file: add patch for CVE-2019-18218

CVE: https://nvd.nist.gov/vuln/detail/CVE-2019-18218 Patch: 46a8443f76
2019-10-29 01:41:24 +00:00 · 2019-10-29 01:41:24 +00:00 · 4853db22a0
parent 0e087f7d93
commit 4853db22a0
2 changed files with 60 additions and 1 deletions
--- a/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
+++ b/srcpkgs/file/patches/0001-Limit-the-number-of-elements-in-a-vector-found-by-os.patch
@ -0,0 +1,59 @@
+From ba28c7f45bc1fd8cf882ad21ce619655c2736d7b Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Mon, 26 Aug 2019 14:31:39 +0000
+Subject: [PATCH] Limit the number of elements in a vector (found by oss-fuzz)
+
+---
+ src/cdf.c | 9 ++++-----
+ src/cdf.h | 1 +
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/cdf.c b/src/cdf.c
+index 556a3ff8..e4835fef 100644
+--- src/cdf.c
+++ src/cdf.c
+@@ -35,7 +35,7 @@
+ #include "file.h"
+ 
+ #ifndef lint
+-FILE_RCSID("@(#)$File: cdf.c,v 1.114 2019/02/20 02:35:27 christos Exp $")
+FILE_RCSID("@(#)$File: cdf.c,v 1.116 2019/08/26 14:31:39 christos Exp $")
+ #endif
+ 
+ #include <assert.h>
+@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 				goto out;
+ 			}
+ 			nelements = CDF_GETUINT32(q, 1);
+-			if (nelements == 0) {
+-				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
+			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
+				DPRINTF(("CDF_VECTOR with nelements == %"
+				    SIZE_T_FORMAT "u\n", nelements));
+ 				goto out;
+ 			}
+ 			slen = 2;
+@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_t *sst, const cdf_header_t *h,
+ 					goto out;
+ 				inp += nelem;
+ 			}
+-			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
+-			    nelements));
+ 			for (j = 0; j < nelements && i < sh.sh_properties;
+ 			    j++, i++)
+ 			{
+diff --git a/src/cdf.h b/src/cdf.h
+index 2f7e554b..05056668 100644
+--- src/cdf.h
+++ src/cdf.h
+@@ -48,6 +48,7 @@
+ typedef int32_t cdf_secid_t;
+ 
+ #define CDF_LOOP_LIMIT					10000
+#define CDF_ELEMENT_LIMIT				100000
+ 
+ #define CDF_SECID_NULL					0
+ #define CDF_SECID_FREE					-1
+-- 
+2.23.0
+
--- a/srcpkgs/file/template
+++ b/srcpkgs/file/template
@ -1,7 +1,7 @@
 # Template file for 'file'
 pkgname=file
 version=5.37
-revision=1
+revision=2
 bootstrap=yes
 build_style=gnu-configure
 configure_args="--enable-static"