forked from Openwrt/openwrt
cac723e8b8
Add two patches from Debian fixing CVEs in the bsdiff application. CVE-2014-9862: Heap vulnerability in bspatch CVE-2020-14315: Memory Corruption Vulnerability in bspatch Copied the patches from this location: https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
85 lines
2.1 KiB
Diff
85 lines
2.1 KiB
Diff
--- a/bsdiff.c
|
|
+++ b/bsdiff.c
|
|
@@ -101,7 +101,7 @@ static void split(off_t *I,off_t *V,off_
|
|
if(start+len>kk) split(I,V,kk,start+len-kk,h);
|
|
}
|
|
|
|
-static void qsufsort(off_t *I,off_t *V,u_char *old,off_t oldsize)
|
|
+static void qsufsort(off_t *I,off_t *V,unsigned char *old,off_t oldsize)
|
|
{
|
|
off_t buckets[256];
|
|
off_t i,h,len;
|
|
@@ -139,7 +139,7 @@ static void qsufsort(off_t *I,off_t *V,u
|
|
for(i=0;i<oldsize+1;i++) I[V[i]]=i;
|
|
}
|
|
|
|
-static off_t matchlen(u_char *old,off_t oldsize,u_char *new,off_t newsize)
|
|
+static off_t matchlen(unsigned char *old,off_t oldsize,unsigned char *new,off_t newsize)
|
|
{
|
|
off_t i;
|
|
|
|
@@ -149,8 +149,8 @@ static off_t matchlen(u_char *old,off_t
|
|
return i;
|
|
}
|
|
|
|
-static off_t search(off_t *I,u_char *old,off_t oldsize,
|
|
- u_char *new,off_t newsize,off_t st,off_t en,off_t *pos)
|
|
+static off_t search(off_t *I,unsigned char *old,off_t oldsize,
|
|
+ unsigned char *new,off_t newsize,off_t st,off_t en,off_t *pos)
|
|
{
|
|
off_t x,y;
|
|
|
|
@@ -175,7 +175,7 @@ static off_t search(off_t *I,u_char *old
|
|
};
|
|
}
|
|
|
|
-static void offtout(off_t x,u_char *buf)
|
|
+static void offtout(off_t x,unsigned char *buf)
|
|
{
|
|
off_t y;
|
|
|
|
@@ -196,7 +196,7 @@ static void offtout(off_t x,u_char *buf)
|
|
int main(int argc,char *argv[])
|
|
{
|
|
int fd;
|
|
- u_char *old,*new;
|
|
+ unsigned char *old,*new;
|
|
off_t oldsize,newsize;
|
|
off_t *I,*V;
|
|
off_t scan,pos,len;
|
|
@@ -206,9 +206,9 @@ int main(int argc,char *argv[])
|
|
off_t overlap,Ss,lens;
|
|
off_t i;
|
|
off_t dblen,eblen;
|
|
- u_char *db,*eb;
|
|
- u_char buf[8];
|
|
- u_char header[32];
|
|
+ unsigned char *db,*eb;
|
|
+ unsigned char buf[8];
|
|
+ unsigned char header[32];
|
|
FILE * pf;
|
|
BZFILE * pfbz2;
|
|
int bz2err;
|
|
--- a/bspatch.c
|
|
+++ b/bspatch.c
|
|
@@ -36,7 +36,7 @@ __FBSDID("$FreeBSD: src/usr.bin/bsdiff/b
|
|
#include <unistd.h>
|
|
#include <fcntl.h>
|
|
|
|
-static off_t offtin(u_char *buf)
|
|
+static off_t offtin(unsigned char *buf)
|
|
{
|
|
off_t y;
|
|
|
|
@@ -62,8 +62,8 @@ int main(int argc,char * argv[])
|
|
int fd;
|
|
ssize_t oldsize,newsize;
|
|
ssize_t bzctrllen,bzdatalen;
|
|
- u_char header[32],buf[8];
|
|
- u_char *old, *new;
|
|
+ unsigned char header[32],buf[8];
|
|
+ unsigned char *old, *new;
|
|
off_t oldpos,newpos;
|
|
off_t ctrl[3];
|
|
off_t lenread;
|