openwrt/package/utils/bsdiff/patches/001-musl.patch
Hauke Mehrtens cac723e8b8 bsdiff: Add patches for CVEs
Add two patches from Debian fixing CVEs in the bsdiff application.
CVE-2014-9862: Heap vulnerability in bspatch
CVE-2020-14315: Memory Corruption Vulnerability in bspatch

Copied the patches from this location:
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-10-09 23:42:37 +02:00

85 lines
2.1 KiB
Diff

--- a/bsdiff.c
+++ b/bsdiff.c
@@ -101,7 +101,7 @@ static void split(off_t *I,off_t *V,off_
if(start+len>kk) split(I,V,kk,start+len-kk,h);
}
-static void qsufsort(off_t *I,off_t *V,u_char *old,off_t oldsize)
+static void qsufsort(off_t *I,off_t *V,unsigned char *old,off_t oldsize)
{
off_t buckets[256];
off_t i,h,len;
@@ -139,7 +139,7 @@ static void qsufsort(off_t *I,off_t *V,u
for(i=0;i<oldsize+1;i++) I[V[i]]=i;
}
-static off_t matchlen(u_char *old,off_t oldsize,u_char *new,off_t newsize)
+static off_t matchlen(unsigned char *old,off_t oldsize,unsigned char *new,off_t newsize)
{
off_t i;
@@ -149,8 +149,8 @@ static off_t matchlen(u_char *old,off_t
return i;
}
-static off_t search(off_t *I,u_char *old,off_t oldsize,
- u_char *new,off_t newsize,off_t st,off_t en,off_t *pos)
+static off_t search(off_t *I,unsigned char *old,off_t oldsize,
+ unsigned char *new,off_t newsize,off_t st,off_t en,off_t *pos)
{
off_t x,y;
@@ -175,7 +175,7 @@ static off_t search(off_t *I,u_char *old
};
}
-static void offtout(off_t x,u_char *buf)
+static void offtout(off_t x,unsigned char *buf)
{
off_t y;
@@ -196,7 +196,7 @@ static void offtout(off_t x,u_char *buf)
int main(int argc,char *argv[])
{
int fd;
- u_char *old,*new;
+ unsigned char *old,*new;
off_t oldsize,newsize;
off_t *I,*V;
off_t scan,pos,len;
@@ -206,9 +206,9 @@ int main(int argc,char *argv[])
off_t overlap,Ss,lens;
off_t i;
off_t dblen,eblen;
- u_char *db,*eb;
- u_char buf[8];
- u_char header[32];
+ unsigned char *db,*eb;
+ unsigned char buf[8];
+ unsigned char header[32];
FILE * pf;
BZFILE * pfbz2;
int bz2err;
--- a/bspatch.c
+++ b/bspatch.c
@@ -36,7 +36,7 @@ __FBSDID("$FreeBSD: src/usr.bin/bsdiff/b
#include <unistd.h>
#include <fcntl.h>
-static off_t offtin(u_char *buf)
+static off_t offtin(unsigned char *buf)
{
off_t y;
@@ -62,8 +62,8 @@ int main(int argc,char * argv[])
int fd;
ssize_t oldsize,newsize;
ssize_t bzctrllen,bzdatalen;
- u_char header[32],buf[8];
- u_char *old, *new;
+ unsigned char header[32],buf[8];
+ unsigned char *old, *new;
off_t oldpos,newpos;
off_t ctrl[3];
off_t lenread;