aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch
blob: e59c6661ea558b658a8f4c4db221cfcbfc93ef0e (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

dpkg: Security Advisory - CVE-2014-3127

commit a12eb58959d0a10584a428f4a3103a49204c410f upstream

dpkg 1.15.9 on Debian squeeze introduces support for the "C-style
encoded filenames" feature without recognizing that the squeeze patch
program lacks this feature, which triggers an interaction error that
allows remote attackers to conduct directory traversal attacks and
modify files outside of the intended directories via a crafted source
package.

NOTE: this can be considered a release engineering problem in the
effort to fix CVE-2014-0471.

Upstream-Status: Backport

Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
=====================================================
diff -uarN dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm
--- dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm	2014-06-05 16:32:41.765446564 +0800
+++ dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm	2014-06-05 16:37:21.461446359 +0800
@@ -324,31 +324,6 @@
     return $line;
 }
 
-my %ESCAPE = ((
-    'a' => "\a",
-    'b' => "\b",
-    'f' => "\f",
-    'n' => "\n",
-    'r' => "\r",
-    't' => "\t",
-    'v' => "\cK",
-    '\\' => '\\',
-    '"' => '"',
-), (
-    map { sprintf('%03o', $_) => chr($_) } (0..255)
-));
-
-sub _unescape {
-    my ($diff, $str) = @_;
-
-    if (exists $ESCAPE{$str}) {
-        return $ESCAPE{$str};
-    } else {
-        error(_g('diff %s patches file with unknown escape sequence \\%s'),
-              $diff, $str);
-    }
-}
-
 # Fetch the header filename ignoring the optional timestamp
 sub _fetch_filename {
     my ($diff, $header) = @_;
@@ -358,12 +333,7 @@
 
     # Is it a C-style string?
     if ($header =~ m/^"/) {
-        $header =~ m/^"((?:[^\\"]|\\.)*)"/;
-        error(_g('diff %s patches file with unbalanced quote'), $diff)
-            unless defined $1;
-
-        $header = $1;
-        $header =~ s/\\([0-3][0-7]{2}|.)/_unescape($diff, $1)/eg;
+	error(_g('diff %s patches file with C-style encoded filename'), $diff);
     } else {
         # Tab is the official separator, it's always used when
         # filename contain spaces. Try it first, otherwise strip on space
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 21:45:00 +0000
n>): logger.warning("Logfile for failed setscene task is %s" % event.logfile) continue if isinstance(event, bb.build.TaskFailed): rt = "{0}-{1}:{2}".format(event.pn, event.pv.replace("AUTOINC", "0"), event.task) logfile = event.logfile if not logfile or not os.path.exists(logfile): TeamCityUI.emit_service_message("buildProblem", description="{0}\nUnknown failure (no log file available)".format(rt)) if not event.task.endswith("_setscene"): server.runCommand(["stateForceShutdown"]) continue details = deque(maxlen=loglines) error_lines = [] if includelogs and not event.errprinted: with open(logfile, "r") as f: while True: line = f.readline() if not line: break line = line.rstrip() details.append(' | %s' % line) # TODO: a less stupid check for errors if (event.task == "do_compile") and ("error:" in line): error_lines.append(line) if error_lines: TeamCityUI.emit_service_message("compilationStarted", compiler=rt) for line in error_lines: TeamCityUI.emit_service_message("message", text=line, status="ERROR") TeamCityUI.emit_service_message("compilationFinished", compiler=rt) else: TeamCityUI.emit_service_message("buildProblem", description=rt) err = "Logfile of failure stored in: %s" % logfile if details: ui.block_start("{0} task log".format(rt)) # TeamCity seems to choke on service messages longer than about 63800 characters, so if error # details is longer than, say, 60000, batch it up into several messages. first_message = True while details: detail_len = 0 batch = deque() while details and detail_len < 60000: # TODO: This code doesn't bother to handle lines that themselves are extremely long. line = details.popleft() batch.append(line) detail_len += len(line) if first_message: batch.appendleft("Log data follows:") first_message = False TeamCityUI.emit_service_message("message", text=err, status="ERROR", errorDetails="\n".join(batch)) else: TeamCityUI.emit_service_message("message", text="[continued]", status="ERROR", errorDetails="\n".join(batch)) ui.block_end() else: TeamCityUI.emit_service_message("message", text=err, status="ERROR", errorDetails="") if not event.task.endswith("_setscene"): server.runCommand(["stateForceShutdown"]) if isinstance(event, bb.event.ProcessStarted): if event.processname in ["Initialising tasks", "Checking sstate mirror object availability"]: active_process_total = event.total ui.block_start(event.processname) if isinstance(event, bb.event.ProcessFinished): if event.processname in ["Initialising tasks", "Checking sstate mirror object availability"]: ui.progress(event.processname, 100) ui.block_end() if isinstance(event, bb.event.ProcessProgress): if event.processname in ["Initialising tasks", "Checking sstate mirror object availability"] and active_process_total != 0: ui.progress(event.processname, event.progress * 100 / active_process_total) if isinstance(event, bb.event.CacheLoadStarted): ui.block_start("Loading cache") if isinstance(event, bb.event.CacheLoadProgress): if event.total != 0: ui.progress("Loading cache", math.floor(event.current * 100 / event.total)) if isinstance(event, bb.event.CacheLoadCompleted): ui.progress("Loading cache", 100) ui.block_end() if isinstance(event, bb.event.ParseStarted): ui.block_start("Parsing recipes and checking upstream revisions") if isinstance(event, bb.event.ParseProgress): if event.total != 0: ui.progress("Parsing recipes", math.floor(event.current * 100 / event.total)) if isinstance(event, bb.event.ParseCompleted): ui.progress("Parsing recipes", 100) ui.block_end() if isinstance(event, bb.command.CommandCompleted): return if isinstance(event, bb.command.CommandFailed): logger.error(str(event)) return 1 if isinstance(event, bb.event.MultipleProviders): logger.warning(str(event)) continue if isinstance(event, bb.event.NoProvider): logger.error(str(event)) continue if isinstance(event, bb.command.CommandExit): return if isinstance(event, bb.cooker.CookerExit): return if isinstance(event, bb.runqueue.sceneQueueTaskStarted): if not is_tasks_running: is_tasks_running = True ui.block_start("Running tasks") if event.stats.total != 0: ui.progress("Running setscene tasks", ( event.stats.completed + event.stats.active + event.stats.failed + 1) * 100 / event.stats.total) if isinstance(event, bb.runqueue.runQueueTaskStarted): if not is_tasks_running: is_tasks_running = True ui.block_start("Running tasks") if event.stats.total != 0: pseudo_total = event.stats.total - event.stats.skipped pseudo_complete = event.stats.completed + event.stats.active - event.stats.skipped + event.stats.failed + 1 # TODO: sometimes this gives over 100% ui.progress("Running runqueue tasks", (pseudo_complete) * 100 / pseudo_total, " ({0}/{1})".format(pseudo_complete, pseudo_total)) if isinstance(event, bb.runqueue.sceneQueueTaskFailed): logger.warning(str(event)) continue if isinstance(event, bb.runqueue.runQueueTaskFailed): logger.error(str(event)) return 1 if isinstance(event, bb.event.LogExecTTY): pass except EnvironmentError as ioerror: # ignore interrupted io if ioerror.args[0] == 4: pass except Exception as ex: logger.error(str(ex)) # except KeyboardInterrupt: # if shutdown == 2: # mw.appendText("Third Keyboard Interrupt, exit.\n") # exitflag = True # if shutdown == 1: # mw.appendText("Second Keyboard Interrupt, stopping...\n") # _, error = server.runCommand(["stateForceShutdown"]) # if error: # print("Unable to cleanly stop: %s" % error) # if shutdown == 0: # mw.appendText("Keyboard Interrupt, closing down...\n") # _, error = server.runCommand(["stateShutdown"]) # if error: # print("Unable to cleanly shutdown: %s" % error) # shutdown = shutdown + 1 # pass
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-17 21:45:00 +0000