rpms/libtar/devel libtar-1.2.11-tar_header.patch, NONE, 1.1 libtar.spec, 1.17, 1.18

Huzaifa Sidhpurwala huzaifas at fedoraproject.org
Fri Nov 20 09:52:56 UTC 2009


Author: huzaifas

Update of /cvs/pkgs/rpms/libtar/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28420

Modified Files:
	libtar.spec 
Added Files:
	libtar-1.2.11-tar_header.patch 
Log Message:
fix BZ #538770

libtar-1.2.11-tar_header.patch:
 encode.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

--- NEW FILE libtar-1.2.11-tar_header.patch ---
diff -Naur libtar-1.2.11/lib/encode.c libtar-1.2.11.tar_header/lib/encode.c
--- libtar-1.2.11/lib/encode.c	2003-01-07 07:10:59.000000000 +0530
+++ libtar-1.2.11.tar_header/lib/encode.c	2009-11-20 11:13:25.166756167 +0530
@@ -30,7 +30,10 @@
 	int i, sum = 0;
 
 	if (t->options & TAR_GNU)
-		strncpy(t->th_buf.magic, "ustar  ", 8);
+	{
+		memcpy(t->th_buf.magic, "ustar ", 6);
+		memcpy(t->th_buf.version, " \0", 2);
+	}
 	else
 	{
 		strncpy(t->th_buf.version, TVERSION, TVERSLEN);


Index: libtar.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libtar/devel/libtar.spec,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -p -r1.17 -r1.18
--- libtar.spec	22 Sep 2009 15:07:53 -0000	1.17
+++ libtar.spec	20 Nov 2009 09:52:56 -0000	1.18
@@ -1,7 +1,7 @@
 Summary:        Tar file manipulation API
 Name:           libtar
 Version:        1.2.11
-Release:        14%{?dist}
+Release:        15%{?dist}
 License:        MIT
 Group:          System Environment/Libraries
 URL:            http://www.feep.net/libtar/
@@ -9,6 +9,7 @@ Source0:        ftp://ftp.feep.net/pub/s
 Patch0:         http://ftp.debian.org/debian/pool/main/libt/libtar/libtar_1.2.11-4.diff.gz
 Patch1:         libtar-1.2.11-missing-protos.patch
 Patch2:         libtar-macro.patch
+Patch3:		libtar-1.2.11-tar_header.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-buildroot
 BuildRequires:  zlib-devel libtool
 
@@ -33,6 +34,7 @@ developing applications that use %{name}
 %patch0 -p1 -z .deb
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1 -b .tar_header
 # set correct version for .so build
 %define ltversion %(echo %{version} | tr '.' ':')
 sed -i 's/-rpath $(libdir)/-rpath $(libdir) -version-number %{ltversion}/' \
@@ -85,6 +87,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Fri Nov 20 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> - 1.2.11-15
+- Fix buffer overflow in BZ #538770
+
 * Tue Sep 22 2009 Stepan Kasal <skasal at redhat.com> - 1.2.11-14
 - fix up so that it builds again (#511566)
 




More information about the fedora-extras-commits mailing list