rpms/libtar/EL-5 libtar-1.2.11-tar_header.patch, NONE, 1.1 libtar.spec, 1.12, 1.13

Huzaifa Sidhpurwala huzaifas at fedoraproject.org
Mon Nov 23 07:41:01 UTC 2009 

Author: huzaifas

Update of /cvs/pkgs/rpms/libtar/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11442

Modified Files:
	libtar.spec 
Added Files:
	libtar-1.2.11-tar_header.patch 
Log Message:
RBZ #538770

libtar-1.2.11-tar_header.patch:
 encode.c |    5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

--- NEW FILE libtar-1.2.11-tar_header.patch ---
diff -Naur libtar-1.2.11/lib/encode.c libtar-1.2.11.tar_header/lib/encode.c
--- libtar-1.2.11/lib/encode.c	2003-01-07 07:10:59.000000000 +0530
+++ libtar-1.2.11.tar_header/lib/encode.c	2009-11-20 11:13:25.166756167 +0530
@@ -30,7 +30,10 @@
 	int i, sum = 0;
 
 	if (t->options & TAR_GNU)
-		strncpy(t->th_buf.magic, "ustar  ", 8);
+	{
+		memcpy(t->th_buf.magic, "ustar ", 6);
+		memcpy(t->th_buf.version, " \0", 2);
+	}
 	else
 	{
 		strncpy(t->th_buf.version, TVERSION, TVERSLEN);


Index: libtar.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libtar/EL-5/libtar.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- libtar.spec	28 Sep 2009 09:21:19 -0000	1.12
+++ libtar.spec	23 Nov 2009 07:40:59 -0000	1.13
@@ -1,13 +1,14 @@
 Summary:        Tar file manipulation API
 Name:           libtar
 Version:        1.2.11
-Release:        11%{?dist}
+Release:        12%{?dist}
 License:        MIT
 Group:          System Environment/Libraries
 URL:            http://www.feep.net/libtar/
 Source0:        ftp://ftp.feep.net/pub/software/libtar/libtar-%{version}.tar.gz
 Patch0:         http://ftp.debian.org/debian/pool/main/libt/libtar/libtar_1.2.11-4.diff.gz
 Patch1:         libtar-1.2.11-missing-protos.patch
+Patch2:		libtar-1.2.11-tar_header.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-buildroot
 BuildRequires:  zlib-devel libtool
 
@@ -31,6 +32,7 @@ developing applications that use %{name}
 %setup -q
 %patch0 -p1 -z .deb
 %patch1 -p1
+%patch2 -p1 -z .tar_header
 # set correct version for .so build
 %define ltversion %(echo %{version} | tr '.' ':')
 sed -i 's/-rpath $(libdir)/-rpath $(libdir) -version-number %{ltversion}/' \
@@ -77,6 +79,9 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Mon Nov 23 2009 Huzaifa Sidhpurwala <huzaifas at redhat.com> 1.2.11-12
+- Fix buffer overflow bug RBZ #538770
+
 * Thu Apr  3 2008 Hans de Goede <j.w.r.degoede at hhs.nl> 1.2.11-11
 - Fix missing prototype compiler warnings

More information about the fedora-extras-commits mailing list