Change-Id: I4549e9e8d04ac0745fa68378c91590cd06368a2f
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1418
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,53 @@ |
| 0 |
+diff --git a/lib/escape.c b/lib/escape.c |
|
| 1 |
+index 40338a9..808ac6c 100644 |
|
| 2 |
+--- a/lib/escape.c |
|
| 3 |
+@@ -78,15 +78,21 @@ char *curl_unescape(const char *string, int length) |
|
| 4 |
+ |
|
| 5 |
+ char *curl_easy_escape(CURL *handle, const char *string, int inlength) |
|
| 6 |
+ {
|
|
| 7 |
+- size_t alloc = (inlength?(size_t)inlength:strlen(string))+1; |
|
| 8 |
++ size_t alloc; |
|
| 9 |
+ char *ns; |
|
| 10 |
+ char *testing_ptr = NULL; |
|
| 11 |
+ unsigned char in; /* we need to treat the characters unsigned */ |
|
| 12 |
+- size_t newlen = alloc; |
|
| 13 |
++ size_t newlen; |
|
| 14 |
+ size_t strindex=0; |
|
| 15 |
+ size_t length; |
|
| 16 |
+ CURLcode result; |
|
| 17 |
+ |
|
| 18 |
++ if(inlength < 0) |
|
| 19 |
++ return NULL; |
|
| 20 |
++ |
|
| 21 |
++ alloc = (inlength?(size_t)inlength:strlen(string))+1; |
|
| 22 |
++ newlen = alloc; |
|
| 23 |
++ |
|
| 24 |
+ ns = malloc(alloc); |
|
| 25 |
+ if(!ns) |
|
| 26 |
+ return NULL; |
|
| 27 |
+@@ -211,14 +217,16 @@ char *curl_easy_unescape(CURL *handle, const char *string, int length, |
|
| 28 |
+ int *olen) |
|
| 29 |
+ {
|
|
| 30 |
+ char *str = NULL; |
|
| 31 |
+- size_t inputlen = length; |
|
| 32 |
+- size_t outputlen; |
|
| 33 |
+- CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen, |
|
| 34 |
+- FALSE); |
|
| 35 |
+- if(res) |
|
| 36 |
+- return NULL; |
|
| 37 |
+- if(olen) |
|
| 38 |
+- *olen = curlx_uztosi(outputlen); |
|
| 39 |
++ if(length >= 0) {
|
|
| 40 |
++ size_t inputlen = length; |
|
| 41 |
++ size_t outputlen; |
|
| 42 |
++ CURLcode res = Curl_urldecode(handle, string, inputlen, &str, &outputlen, |
|
| 43 |
++ FALSE); |
|
| 44 |
++ if(res) |
|
| 45 |
++ return NULL; |
|
| 46 |
++ if(olen) |
|
| 47 |
++ *olen = curlx_uztosi(outputlen); |
|
| 48 |
++ } |
|
| 49 |
+ return str; |
|
| 50 |
+ } |
|
| 51 |
+ |
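Review bot: In `curl_easy_escape` the new guard rejects a negative `inlength`, but when `inlength` is 0 the next added line still calls `strlen(string)`, and nothing visible in the hunk checks `string` for NULL first; folding that into the guard as `if(!string || inlength < 0)` would cover it. The guard would also benefit from a one-line comment such as `/* a negative length would wrap when converted to size_t */`, since the reason is not evident from the code. In `curl_easy_unescape` the negative-length path returns NULL without writing `*olen`, so callers have to test the return value before reading it. The body of `curl_easy_escape` continues past the end of its hunk, and because this is a backport, any deviation from the upstream patch should be recorded alongside it.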
| ... | ... |
@@ -1,13 +1,14 @@ |
| 1 | 1 |
Summary: An URL retrieval utility and library |
| 2 | 2 |
Name: curl |
| 3 | 3 |
Version: 7.47.1 |
| 4 |
-Release: 2%{?dist}
|
|
| 4 |
+Release: 3%{?dist}
|
|
| 5 | 5 |
License: MIT |
| 6 | 6 |
URL: http://curl.haxx.se |
| 7 | 7 |
Group: System Environment/NetworkingLibraries |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://curl.haxx.se/download/%{name}-%{version}.tar.lzma
|
| 11 |
+Patch0: CVE-2016-7167.patch |
|
| 11 | 12 |
%define sha1 curl=07d8f7a4c7c9ad3293ee3d87f5c2683dd6cc1ca4 |
| 12 | 13 |
Requires: ca-certificates |
| 13 | 14 |
BuildRequires: ca-certificates |
| ... | ... |
@@ -23,6 +24,7 @@ functions like streaming media. |
| 23 | 23 |
%prep |
| 24 | 24 |
%setup -q |
| 25 | 25 |
sed -i '/--static-libs)/{N;s#echo .*#echo #;}' curl-config.in
|
| 26 |
+%patch0 -p1 |
|
| 26 | 27 |
%build |
| 27 | 28 |
./configure \ |
| 28 | 29 |
CFLAGS="%{optflags}" \
|
| ... | ... |
@@ -60,6 +62,8 @@ rm -rf %{buildroot}/*
|
| 60 | 60 |
%{_docdir}/%{name}-%{version}
|
| 61 | 61 |
%{_datadir}/zsh/site-functions/_curl
|
| 62 | 62 |
%changelog |
| 63 |
+* Mon Sep 19 2016 Xiaolin Li <xiaolinl@vmware.com> 7.47.1-3 |
|
| 64 |
+- Applied CVE-2016-7167.patch. |
|
| 63 | 65 |
* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 7.47.1-2 |
| 64 | 66 |
- GA - Bump release of all rpms |
| 65 | 67 |
* Tue Feb 23 2016 Xiaolin Li <xiaolinl@vmware.com> 7.47.1-1 |
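Review bot: `Patch0: CVE-2016-7167.patch` is added without any record of where the patch was taken from, and the patch file added in this commit opens directly with `diff --git`, so it carries no origin header either. A comment above the line, for example `# Upstream fix for CVE-2016-7167 (lib/escape.c), from <UPSTREAM_PATCH_URL_OR_COMMIT>`, would let a later reviewer compare the backport with upstream and drop it once `Version` moves past the fixed release. The `%define sha1` line appears to pin only the `Source0` tarball, which is reasonable for an in-tree patch but is one more reason to state the patch's origin.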