Pull in a couple of upstream fixes:

* Fix memory leak in _hivex_get_children. * Increase HIVEX_MAX_VALUE_LEN. (cherry picked from commit 61ccd82e71)
2014-11-14 15:42:42 +00:00 · 2014-11-14 15:42:42 +00:00 · aabef6d445
parent 6780080346
commit aabef6d445
3 changed files with 76 additions and 1 deletions
--- a/0001-lib-write-fix-memory-leak.patch
+++ b/0001-lib-write-fix-memory-leak.patch
@ -0,0 +1,33 @@
+From 62b885e5b6239ac925554063dadeff8eeee7f2fc Mon Sep 17 00:00:00 2001
+From: Pino Toscano <ptoscano@redhat.com>
+Date: Tue, 11 Nov 2014 11:36:30 +0100
+Subject: [PATCH 1/2] lib: write: fix memory leak
+
+Free the "blocks" array got from _hivex_get_children.
+
+Thanks: Mahmoud Al-Qudsi
+---
+ lib/write.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/lib/write.c b/lib/write.c
+index abd12c5..33b64e4 100644
+--- a/lib/write.c
+++ b/lib/write.c
+@@ -902,10 +902,13 @@ hivex_node_delete_child (hive_h *h, hive_node_h node)
+         }
+     }
+   }
+  free (blocks);
+   SET_ERRNO (ENOTSUP, "could not find parent to child link");
+   return -1;
+ 
+  found:;
+  free (blocks);
+
+   struct ntreg_nk_record *nk =
+     (struct ntreg_nk_record *) ((char *) h->addr + parent);
+   size_t nr_subkeys_in_nk = le32toh (nk->nr_subkeys);
+-- 
+2.1.0
+
--- a/0002-lib-Increase-HIVEX_MAX_VALUE_LEN-to-8000000.patch
+++ b/0002-lib-Increase-HIVEX_MAX_VALUE_LEN-to-8000000.patch
@ -0,0 +1,31 @@
+From 99b613b1c1d326702b2bb527f20d555d7c7e4ee7 Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones" <rjones@redhat.com>
+Date: Fri, 14 Nov 2014 15:37:37 +0000
+Subject: [PATCH 2/2] lib: Increase HIVEX_MAX_VALUE_LEN to 8000000.
+
+I encountered a hive that contained a key of 3_886_561 bytes length in
+a key called 'HKLM\SYSTEM\ControlSet001\services\mfeavfk' (apparently
+belonging to "McAfee Anti-virus software").
+
+The previous limit was set arbitrarily at 2_000_000 bytes.  Increase
+it to cope with this larger key.
+---
+ lib/hivex-internal.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
+index e59084d..1613013 100644
+--- a/lib/hivex-internal.h
+++ b/lib/hivex-internal.h
+@@ -325,7 +325,7 @@ extern int _hivex_get_values (hive_h *h, hive_node_h node, hive_value_h **values
+ /* These limits are in place to stop really stupid stuff and/or exploits. */
+ #define HIVEX_MAX_SUBKEYS       15000
+ #define HIVEX_MAX_VALUES        10000
+-#define HIVEX_MAX_VALUE_LEN   2000000
+#define HIVEX_MAX_VALUE_LEN   8000000
+ #define HIVEX_MAX_ALLOCATION  1000000
+ 
+ #endif /* HIVEX_INTERNAL_H_ */
+-- 
+2.1.0
+
--- a/hivex.spec
+++ b/hivex.spec
@ -7,7 +7,7 @@

 Name:           hivex
 Version:        1.3.11
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Read and write Windows Registry binary hive files

 License:        LGPLv2
@ -19,6 +19,10 @@ Source0:        http://libguestfs.org/download/hivex/%{name}-%{version}.tar.gz
 Patch0:         %{name}-1.3.8-dirs.patch
 BuildRequires:  autoconf, automake, libtool, gettext-devel

+# Pull in a couple of upstream fixes.
+Patch1:         0001-lib-write-fix-memory-leak.patch
+Patch2:         0002-lib-Increase-HIVEX_MAX_VALUE_LEN-to-8000000.patch
+
 BuildRequires:  perl
 BuildRequires:  perl-Test-Simple
 BuildRequires:  perl-Test-Pod
@ -158,6 +162,8 @@ ruby-%{name} contains Ruby bindings for %{name}.

 %patch0 -p1 -b .dirs
 autoreconf -i
+%patch1 -p1
+%patch2 -p1

 %build
 %configure
@ -264,6 +270,11 @@ rm $RPM_BUILD_ROOT%{python_sitearch}/libhivexmod.la


 %changelog
+* Fri Nov 14 2014 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-2
+- Pull in a couple of upstream fixes:
+  * Fix memory leak in _hivex_get_children.
+  * Increase HIVEX_MAX_VALUE_LEN.
+
 * Thu Oct 30 2014 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-1
 - New upstream version 1.3.11.
 - Python objects are now placed in a hivex/ subdirectory.