gnu/packages/patches/libarchive-CVE-2013-0211.patch

   1 Description: Fix CVE-2013-0211: read buffer overflow on 64-bit systems
   2 Origin: upstream
   3 Bug-Debian: http://bugs.debian.org/703957
   4 Forwarded: not-needed
   5
   6 --- libarchive-3.0.4.orig/libarchive/archive_write.c
   7 +++ libarchive-3.0.4/libarchive/archive_write.c
   8 @@ -665,8 +665,13 @@ static ssize_t
   9  _archive_write_data(struct archive *_a, const void *buff, size_t s)
  10  {
  11         struct archive_write *a = (struct archive_write *)_a;
  12 +       const size_t max_write = INT_MAX;
  13 +
  14         archive_check_magic(&a->archive, ARCHIVE_WRITE_MAGIC,
  15             ARCHIVE_STATE_DATA, "archive_write_data");
  16 +       /* In particular, this catches attempts to pass negative values. */
  17 +       if (s > max_write)
  18 +               s = max_write;
  19         archive_clear_error(&a->archive);
  20         return ((a->format_write_data)(a, buff, s));
  21  }