Hello community, here is the log from the commit of package libmirage for openSUSE:Factory checked in at 2019-08-27 10:24:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libmirage (Old) and /work/SRC/openSUSE:Factory/.libmirage.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libmirage" Tue Aug 27 10:24:56 2019 rev:19 rq:726099 version:3.2.2 Changes: -------- --- /work/SRC/openSUSE:Factory/libmirage/libmirage.changes 2019-07-11 13:18:57.066756850 +0200 +++ /work/SRC/openSUSE:Factory/.libmirage.new.7948/libmirage.changes 2019-08-27 10:24:57.667925280 +0200 @@ -1,0 +2,8 @@ +Mon Aug 26 08:28:33 UTC 2019 - Jan Engelhardt <[email protected]> + +- Drop SLE11 recipes from specfile, the build is disabled anyway. +- Add 0001-libMirage-CSO-filter-validate-part-size.patch, + 0002-libMirage-CSO-filter-replaced-a-g_assert-with-error-.patch + [boo#1148087, CVE-2019-15540] + +------------------------------------------------------------------- New: ---- 0001-libMirage-CSO-filter-validate-part-size.patch 0002-libMirage-CSO-filter-replaced-a-g_assert-with-error-.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libmirage.spec ++++++ --- /var/tmp/diff_new_pack.6ORx4E/_old 2019-08-27 10:24:58.107925251 +0200 +++ /var/tmp/diff_new_pack.6ORx4E/_new 2019-08-27 10:24:58.107925251 +0200 @@ -27,22 +27,12 @@ URL: http://cdemu.sf.net/about/libmirage/ #Git-Clone: git://git.code.sf.net/p/cdemu/code -Source: http://downloads.sf.net/cdemu/%name-%version.tar.bz2 +Source: https://downloads.sf.net/cdemu/%name-%version.tar.bz2 +Patch1: 0001-libMirage-CSO-filter-validate-part-size.patch +Patch2: 0002-libMirage-CSO-filter-replaced-a-g_assert-with-error-.patch BuildRequires: cmake >= 2.8.5 BuildRequires: intltool >= 0.21 BuildRequires: pkg-config >= 0.16 -%if 0%{?sles_version} && 0%{?suse_version} == 1110 -# SLES 11 is still supported -# Dependencies list in an old style -BuildRequires: glib2-devel >= 2.28 -BuildRequires: gtk-doc >= 1.4 -BuildRequires: libbz2-devel >= 1.0.0 -BuildRequires: libsamplerate-devel >= 0.1.0 -BuildRequires: libsndfile-devel >= 1.0.0 -BuildRequires: shared-mime-info -BuildRequires: xz-devel >= 5.0.0 -BuildRequires: zlib-devel >= 1.2.4 -%else BuildRequires: pkgconfig(bzip2) >= 1.0.0 BuildRequires: pkgconfig(gio-2.0) >= 2.38 BuildRequires: pkgconfig(glib-2.0) >= 2.38 @@ -55,9 +45,7 @@ BuildRequires: pkgconfig(shared-mime-info) BuildRequires: pkgconfig(sndfile) >= 1.0.0 BuildRequires: pkgconfig(zlib) >= 1.2.4 -%endif Recommends: %name-lang -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description A CD-ROM image access library part of the cdemu suite. @@ -123,9 +111,7 @@ Group: Development/Libraries/C and C++ Requires(post): shared-mime-info Requires(postun): shared-mime-info -%if 0%{?suse_version} >= 1130 BuildArch: noarch -%endif %description data libmirage provides uniform access to the data stored in different @@ -135,7 +121,7 @@ This package contains the MIME type definitions and documentation. %package -n typelib-1_0-libmirage-%pname -Summary: The libmirage CD-ROM image access library – introspection bindings +Summary: Introspection bindings for the libmirage CD-ROM image access library Group: System/Libraries %description -n typelib-1_0-libmirage-%pname @@ -146,7 +132,7 @@ This package provides the GObject Introspection bindings for libmirage. %prep -%setup -q +%autosetup -p2 %build %cmake -DCMAKE_MODULE_LINKER_FLAGS="" @@ -160,46 +146,30 @@ %postun -n %lname -p /sbin/ldconfig %post data -%if 0%{?sles_version} && 0%{?suse_version} == 1110 -/usr/bin/update-mime-database %{_datadir}/mime >/dev/null || : -%else %mime_database_post -%endif %postun data -%if 0%{?sles_version} && 0%{?suse_version} == 1110 -/usr/bin/update-mime-database %{_datadir}/mime >/dev/null || : -%else %mime_database_postun -%endif %files -n %lname -%defattr(-,root,root) %_libdir/libmirage.so.11* %files %pname -%defattr(-,root,root) %_libdir/libmirage-3*/ %files data -%defattr(-,root,root) %_datadir/gtk-doc/ %_datadir/mime/packages/* %files devel -%defattr(-,root,root) %_includedir/libmirage-3*/ %_libdir/libmirage.so %_libdir/pkgconfig/libmirage.pc -%if 0%{?suse_version} > 1110 %_datadir/gir-1.0 %files lang -f %name.lang -%defattr(-,root,root) %files -n typelib-1_0-libmirage-%pname -%defattr(-,root,root) %_libdir/girepository-1.0 -%endif %changelog ++++++ 0001-libMirage-CSO-filter-validate-part-size.patch ++++++ >From 0e9292c9aa34bf545f43f7efe5f0b94faba94962 Mon Sep 17 00:00:00 2001 From: Rok Mandeljc <[email protected]> Date: Sun, 25 Aug 2019 14:53:58 +0200 Subject: [PATCH 1/2] libMirage: CSO filter: validate part size Part size must be always either smaller than the declared block size (compressed block) or equal to it (raw block). If not, return error - because we allocate our I/O buffer based on the block size. Fixes SF bug #119, which is triggered by part size ending up being larger than the block size. Thanks to Andrea Fioraldi for report and thorough analysis of the issue. --- libmirage/filters/filter-cso/filter-stream.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/libmirage/filters/filter-cso/filter-stream.c b/libmirage/filters/filter-cso/filter-stream.c index 5f2f5e25..d43aa54a 100644 --- a/libmirage/filters/filter-cso/filter-stream.c +++ b/libmirage/filters/filter-cso/filter-stream.c @@ -120,6 +120,14 @@ static gboolean mirage_filter_stream_cso_read_index (MirageFilterStreamCso *self CSO_Part *prev_part = &self->priv->parts[i-1]; prev_part->comp_size = cur_part->offset - prev_part->offset; + + /* Part size must be either smaller than header->block_size + (compressed block ) or equal to it (raw block) */ + if (prev_part->comp_size > header->block_size) { + MIRAGE_DEBUG(self, MIRAGE_DEBUG_WARNING, "%s: invalid part/index entry: part data length (%" G_GINT64_MODIFIER "d) exceeds declared block size (%d)!\n", __debug__, prev_part->comp_size, header->block_size); + g_set_error(error, MIRAGE_ERROR, MIRAGE_ERROR_STREAM_ERROR, Q_("Invalid CSO file!")); + return FALSE; + } } } -- 2.22.1 ++++++ 0002-libMirage-CSO-filter-replaced-a-g_assert-with-error-.patch ++++++ >From f6adcd08beffd9dac2c4a86852ba0bda06870f4f Mon Sep 17 00:00:00 2001 From: Rok Mandeljc <[email protected]> Date: Sun, 25 Aug 2019 15:11:23 +0200 Subject: [PATCH 2/2] libMirage: CSO filter: replaced a g_assert() with error return --- libmirage/filters/filter-cso/filter-stream.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/libmirage/filters/filter-cso/filter-stream.c b/libmirage/filters/filter-cso/filter-stream.c index d43aa54a..065dc40c 100644 --- a/libmirage/filters/filter-cso/filter-stream.c +++ b/libmirage/filters/filter-cso/filter-stream.c @@ -70,12 +70,17 @@ static gboolean mirage_filter_stream_cso_read_index (MirageFilterStreamCso *self MIRAGE_DEBUG(self, MIRAGE_DEBUG_PARSER, "%s: reading part index\n", __debug__); + if (header->total_bytes % header->block_size) { + MIRAGE_DEBUG(self, MIRAGE_DEBUG_WARNING, "%s: original stream size (%" G_GUINT64_FORMAT ") is not a multiple of block size (%d)!\n", __debug__, header->total_bytes, header->block_size); + g_set_error(error, MIRAGE_ERROR, MIRAGE_ERROR_STREAM_ERROR, Q_("Invalid CSO file!")); + return FALSE; + } + self->priv->num_parts = header->total_bytes / header->block_size; self->priv->num_indices = self->priv->num_parts + 1; /* Contains EOF offset */ - g_assert(header->total_bytes % header->block_size == 0); MIRAGE_DEBUG(self, MIRAGE_DEBUG_PARSER, "%s: number of parts: %d\n", __debug__, self->priv->num_parts); - MIRAGE_DEBUG(self, MIRAGE_DEBUG_PARSER, "%s: original stream size: %" G_GINT64_MODIFIER "d\n", __debug__, header->total_bytes); + MIRAGE_DEBUG(self, MIRAGE_DEBUG_PARSER, "%s: original stream size: 0x%" G_GINT64_MODIFIER "X (%" G_GUINT64_FORMAT ")\n", __debug__, header->total_bytes, header->total_bytes); /* At least one part must be present */ if (!self->priv->num_parts) { -- 2.22.1
