Message ID | 20240724191126.29999-1-asharma@mvista.com |
---|---|
State | Rejected |
Delegated to: | Steve Sakoman |
Headers | show |
Series | [scarthgap] libarchive: backport fix for CVE-2024-26256 | expand |
I'm getting the following error at build time: ERROR: libarchive-native-3.7.4-r0 do_patch: Applying patch 'CVE-2024-26256.patch' on target directory '/home/steve/builds/poky-contrib-scarthgap/build/tmp/work/x86_64-linux/libarchive-native/3.7.4/libarchive-3.7.4' CmdError('quilt --quiltrc /home/steve/builds/poky-contrib-scarthgap/build/tmp/work/x86_64-linux/libarchive-native/3.7.4/recipe-sysroot-native/etc/quiltrc push', 0, 'stdout: Applying patch CVE-2024-26256.patch patching file libarchive/archive_read_support_format_rar.c Hunk #1 FAILED at 3615. 1 out of 1 hunk FAILED -- rejects in file libarchive/archive_read_support_format_rar.c Patch CVE-2024-26256.patch can be reverse-applied Steve On Wed, Jul 24, 2024 at 12:13 PM Ashish Sharma via lists.openembedded.org <asharma=mvista.com@lists.openembedded.org> wrote: > > This patch fixes an out-of-bound error in rar e8 filter. > > Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] > Signed-off-by: Ashish Sharma <asharma@mvista.com> > --- > .../libarchive/CVE-2024-26256.patch | 27 +++++++++++++++++++ > .../libarchive/libarchive_3.7.4.bb | 4 ++- > 2 files changed, 30 insertions(+), 1 deletion(-) > create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch > > diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch > new file mode 100644 > index 00000000000..f9be4fe255d > --- /dev/null > +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch > @@ -0,0 +1,27 @@ > +From eb7939b24a681a04648a59cdebd386b1e9dc9237 Mon Sep 17 00:00:00 2001 > +From: Wei-Cheng Pan <legnaleurc@gmail.com> > +Date: Mon, 22 Apr 2024 01:55:41 +0900 > +Subject: [PATCH] fix: OOB in rar e8 filter (#2135) > + > +This patch fixes an out-of-bound error in rar e8 filter. > + > +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] > +CVE: CVE-2024-26256 > +Signed-off-by: Ashish Sharma <asharma@mvista.com> > + > + libarchive/archive_read_support_format_rar.c | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c > +index 99a11d1700..266d0ee995 100644 > +--- a/libarchive/archive_read_support_format_rar.c > ++++ b/libarchive/archive_read_support_format_rar.c > +@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz > + uint32_t filesize = 0x1000000; > + uint32_t i; > + > +- if (length > PROGRAM_WORK_SIZE || length < 4) > ++ if (length > PROGRAM_WORK_SIZE || length <= 4) > + return 0; > + > + for (i = 0; i <= length - 5; i++) > diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb > index da857641168..22e398f5989 100644 > --- a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb > +++ b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb > @@ -30,7 +30,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," > EXTRA_OECONF += "--enable-largefile --without-iconv" > > SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" > -SRC_URI += "file://configurehack.patch" > +SRC_URI += "file://configurehack.patch \ > + file://CVE-2024-26256.patch \ > +" > UPSTREAM_CHECK_URI = "http://libarchive.org/" > > SRC_URI[sha256sum] = "7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8" > -- > 2.44.0 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#202479): https://lists.openembedded.org/g/openembedded-core/message/202479 > Mute This Topic: https://lists.openembedded.org/mt/107529739/3620601 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com] > -=-=-=-=-=-=-=-=-=-=-=- >
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch new file mode 100644 index 00000000000..f9be4fe255d --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch @@ -0,0 +1,27 @@ +From eb7939b24a681a04648a59cdebd386b1e9dc9237 Mon Sep 17 00:00:00 2001 +From: Wei-Cheng Pan <legnaleurc@gmail.com> +Date: Mon, 22 Apr 2024 01:55:41 +0900 +Subject: [PATCH] fix: OOB in rar e8 filter (#2135) + +This patch fixes an out-of-bound error in rar e8 filter. + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] +CVE: CVE-2024-26256 +Signed-off-by: Ashish Sharma <asharma@mvista.com> + + libarchive/archive_read_support_format_rar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 99a11d1700..266d0ee995 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz + uint32_t filesize = 0x1000000; + uint32_t i; + +- if (length > PROGRAM_WORK_SIZE || length < 4) ++ if (length > PROGRAM_WORK_SIZE || length <= 4) + return 0; + + for (i = 0; i <= length - 5; i++) diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb index da857641168..22e398f5989 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb @@ -30,7 +30,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," EXTRA_OECONF += "--enable-largefile --without-iconv" SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" -SRC_URI += "file://configurehack.patch" +SRC_URI += "file://configurehack.patch \ + file://CVE-2024-26256.patch \ +" UPSTREAM_CHECK_URI = "http://libarchive.org/" SRC_URI[sha256sum] = "7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8"
This patch fixes an out-of-bound error in rar e8 filter. Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] Signed-off-by: Ashish Sharma <asharma@mvista.com> --- .../libarchive/CVE-2024-26256.patch | 27 +++++++++++++++++++ .../libarchive/libarchive_3.7.4.bb | 4 ++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch