diff options
Diffstat (limited to 'meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch')
-rw-r--r-- | meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch deleted file mode 100644 index 779ca854eb..0000000000 --- a/meta/recipes-extended/libarchive/libarchive/CVE-2017-14503.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 2c8c83b9731ff822fad6cc8c670ea5519c366a14 Mon Sep 17 00:00:00 2001 -From: Joerg Sonnenberger <joerg@bec.de> -Date: Thu, 19 Jul 2018 21:14:53 +0200 -Subject: [PATCH] Reject LHA archive entries with negative size. - -CVE: CVE-2017-14503 -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/2c8c83b9731ff822fad6cc8c670ea5519c366a14] - -Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> ---- - libarchive/archive_read_support_format_lha.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/libarchive/archive_read_support_format_lha.c b/libarchive/archive_read_support_format_lha.c -index b8ef4ae1..95c99bb1 100644 ---- a/libarchive/archive_read_support_format_lha.c -+++ b/libarchive/archive_read_support_format_lha.c -@@ -701,6 +701,12 @@ archive_read_format_lha_read_header(struct archive_read *a, - * Prepare variables used to read a file content. - */ - lha->entry_bytes_remaining = lha->compsize; -+ if (lha->entry_bytes_remaining < 0) { -+ archive_set_error(&a->archive, -+ ARCHIVE_ERRNO_FILE_FORMAT, -+ "Invalid LHa entry size"); -+ return (ARCHIVE_FATAL); -+ } - lha->entry_offset = 0; - lha->entry_crc_calculated = 0; - --- -2.13.3 - |