This patch fixes an out-of-bound error in rar e8 filter. Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] Signed-off-by: Ashish Sharma <[email protected]> --- .../libarchive/CVE-2024-26256.patch | 27 +++++++++++++++++++ .../libarchive/libarchive_3.7.4.bb | 4 ++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch new file mode 100644 index 00000000000..f9be4fe255d --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2024-26256.patch @@ -0,0 +1,27 @@ +From eb7939b24a681a04648a59cdebd386b1e9dc9237 Mon Sep 17 00:00:00 2001 +From: Wei-Cheng Pan <[email protected]> +Date: Mon, 22 Apr 2024 01:55:41 +0900 +Subject: [PATCH] fix: OOB in rar e8 filter (#2135) + +This patch fixes an out-of-bound error in rar e8 filter. + +Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eb7939b24a681a04648a59cdebd386b1e9dc9237] +CVE: CVE-2024-26256 +Signed-off-by: Ashish Sharma <[email protected]> + + libarchive/archive_read_support_format_rar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c +index 99a11d1700..266d0ee995 100644 +--- a/libarchive/archive_read_support_format_rar.c ++++ b/libarchive/archive_read_support_format_rar.c +@@ -3615,7 +3615,7 @@ execute_filter_e8(struct rar_filter *filter, struct rar_virtual_machine *vm, siz + uint32_t filesize = 0x1000000; + uint32_t i; + +- if (length > PROGRAM_WORK_SIZE || length < 4) ++ if (length > PROGRAM_WORK_SIZE || length <= 4) + return 0; + + for (i = 0; i <= length - 5; i++) diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb index da857641168..22e398f5989 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.4.bb @@ -30,7 +30,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," EXTRA_OECONF += "--enable-largefile --without-iconv" SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz"; -SRC_URI += "file://configurehack.patch" +SRC_URI += "file://configurehack.patch \ + file://CVE-2024-26256.patch \ +" UPSTREAM_CHECK_URI = "http://libarchive.org/"; SRC_URI[sha256sum] = "7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8" -- 2.44.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#202479): https://lists.openembedded.org/g/openembedded-core/message/202479 Mute This Topic: https://lists.openembedded.org/mt/107529739/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
