Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: pu
I'd like to update the iucode-tool package in Debian stable with
cherry-picked fixes from upstream iucode-tool v1.1.1.
These changes fix issues found by Coverity scan, including a buffer overrun
which causes an out-of-bounds dword write to an array, and some issues on
error paths.
debdiff diffstat:
 debian/changelog                                                               |   17 ++
 debian/patches/0001-iucode_tool-cosmetic-fix-for-CID-72168.patch               |   29 +
 debian/patches/0002-iucode_tool-cosmetic-fix-for-CID-72166.patch               |   25
 debian/patches/0003-iucode_tool-avoid-closing-already-closed-file-handle.patch |   29 +
 debian/patches/0004-iucode_tool-simplify-fd-tracking-in-scan_system_proc.patch |   57 ++
 debian/patches/0005-iucode_tool-cosmetic-fix-for-CID-72164.patch               |   25
 debian/patches/0006-iucode_tool-fix-memory-leak-in-load_intel_microcode_.patch |   39 ++
 debian/patches/0007-iucode_tool-rework-error-path-of-load_intel_microcod.patch |   38 ++
 debian/patches/0008-iucode_tool-fix-out-of-bounds-array-access-in-load_i.patch |   31 +
 debian/patches/series                                                          |    8 +
 10 files changed, 298 insertions(+)
I've attached the full debdiff output.
--
One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie. -- The Silicon Valley Tarot
Henrique Holschuh
diff -Nru iucode-tool-0.8.3/debian/changelog iucode-tool-0.8.3/debian/changelog
--- iucode-tool-0.8.3/debian/changelog 2012-08-27 21:29:36.0 -0300
+++ iucode-tool-0.8.3/debian/changelog 2014-11-30 16:32:41.0 -0200
@@ -1,3 +1,20 @@
+iucode-tool (0.8.3-2) stable; urgency=medium
+
+ * cherry-pick fixes from upstream v1.1.1
+* Add eight new patches cherry-picked from upstream iucode-tool
+ version 1.1.1, fixing several issues found by Coverity scan,
+ including one for an out-of-bounds array write to the heap:
+ + 0001-iucode_tool-cosmetic-fix-for-CID-72168.patch
+ + 0002-iucode_tool-cosmetic-fix-for-CID-72166.patch
+ + 0003-iucode_tool-avoid-closing-already-closed-file-handle.patch
+ + 0004-iucode_tool-simplify-fd-tracking-in-scan_system_proc.patch
+ + 0005-iucode_tool-cosmetic-fix-for-CID-72164.patch
+ + 0006-iucode_tool-fix-memory-leak-in-load_intel_microcode_.patch
+ + 0007-iucode_tool-rework-error-path-of-load_intel_microcod.patch
+ + 0008-iucode_tool-fix-out-of-bounds-array-access-in-load_i.patch
+
+ -- Henrique de Moraes Holschuh h...@debian.org Sun, 30 Nov 2014 16:28:33 -0200
+
iucode-tool (0.8.3-1) unstable; urgency=low
* New upstream release
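Review bot: the new entry has two top-level bullets that say the same thing ("cherry-pick fixes from upstream v1.1.1" and "Add eight new patches cherry-picked from upstream iucode-tool version 1.1.1"); fold them into one. Three of the eight patches are titled as cosmetic, so the entry would be easier to assess for a stable update if it singled out which patch carries the out-of-bounds heap write fix (0008, going by its file name) instead of listing all eight at equal weight. The version 0.8.3-2 with distribution "stable" also deserves a second look: a plain -2 revision can collide with a revision already used in unstable, and stable updates conventionally carry a +debNuM style suffix.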
diff -Nru iucode-tool-0.8.3/debian/patches/0001-iucode_tool-cosmetic-fix-for-CID-72168.patch iucode-tool-0.8.3/debian/patches/0001-iucode_tool-cosmetic-fix-for-CID-72168.patch
--- iucode-tool-0.8.3/debian/patches/0001-iucode_tool-cosmetic-fix-for-CID-72168.patch 1969-12-31 21:00:00.0 -0300
+++ iucode-tool-0.8.3/debian/patches/0001-iucode_tool-cosmetic-fix-for-CID-72168.patch 2014-11-30 16:21:33.0 -0200
@@ -0,0 +1,29 @@
+From: Henrique de Moraes Holschuh h...@hmh.eng.br
+Date: Tue, 28 Oct 2014 11:07:14 -0200
+Subject: iucode_tool: cosmetic fix for CID 72168
+
+Remove test for !arg. The argument to -t is not optional and argp will
+abort before we reach that branch, so the test is not going to trigger.
+
+Alternatively, we could keep the defensive programming, but we'd have to
+add a bug guard arg in argp_error with a (arg)? arg:none;
+
+Fixes: Coverity CID 72168
+(cherry picked from commit a3919ad8a238ba2453770dd6681ac757854461f7)
+---
+ iucode_tool.c |2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/iucode_tool.c b/iucode_tool.c
+index d40e3a2..4bfa167 100644
+--- a/iucode_tool.c
b/iucode_tool.c
+@@ -1917,7 +1917,7 @@ static error_t cmdline_do_parse_arg(int key, char *arg,
+ break;
+
+ case 't':
+- if (!arg || strlen(arg) 1)
++ if (strlen(arg) 1)
+ argp_error(state, unknown file type: %s\n, arg);
+ switch (*arg) {
+ case 'd': /* .dat */
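Review bot: at case 't' the new condition calls strlen(arg) with no NULL guard, so correctness now rests entirely on the -t option being declared with a mandatory argument in the argp option table, which is outside this hunk. A short comment at the call site stating that invariant would keep a later change to the option definition (for example making the argument optional) from turning this line into a NULL dereference. The alternative the commit message itself mentions, keeping the !arg test and passing a non-NULL fallback string to argp_error, would satisfy Coverity as well and keeps the defensive check; either is fine, but the "cosmetic" label undersells that a guard is being removed.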
diff -Nru iucode-tool-0.8.3/debian/patches/0002-iucode_tool-cosmetic-fix-for-CID-72166.patch iucode-tool-0.8.3/debian/patches/0002-iucode_tool-cosmetic-fix-for-CID-72166.patch
--- iucode-tool-0.8.3/debian/patches/0002-iucode_tool-cosmetic-fix-for-CID-72166.patch 1969-12-31 21:00:00.0 -0300
+++ iucode-tool-0.8.3/debian/patches/0002-iucode_tool-cosmetic-fix-for-CID-72166.patch 2014-11-30 16:21:33.0 -0200
@@ -0,0 +1,25 @@
+From: Henrique de Moraes Holschuh h...@hmh.eng.br
+Date: Tue, 28 Oct 2014 11:11:57 -0200
+Subject: iucode_tool: cosmetic fix for CID 72166
+
+argp_state_help() will not return, as we do NOT use ARGP_NO_EXIT,
+still, add a break after it to keep Coverity