5 Commits
Author | SHA1 | Date |
---|---|---|
Richard W.M. Jones | 1f56eca3bc | |
Richard W.M. Jones | 409e7f0ebf | |
Richard W.M. Jones | aabef6d445 | |
Richard W.M. Jones | 6780080346 | |
Peter Robinson | f04212bf87 |
|
@ -0,0 +1,33 @@
|
|||
From 4b3c3cd2b3d8d34601979feeb1390fddd442ab04 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 20 Nov 2014 21:37:19 +0000
|
||||
Subject: [PATCH] lib: Don't leak errno from _hivex_recode function.
|
||||
|
||||
If iconv returns E2BIG, that's an internal indication for us, and not
|
||||
an error. Don't leak the errno up to the user, as happened here:
|
||||
|
||||
https://www.redhat.com/archives/libguestfs/2014-November/msg00140.html
|
||||
|
||||
Thanks Nicolas Ecarnot.
|
||||
---
|
||||
lib/utf16.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/lib/utf16.c b/lib/utf16.c
|
||||
index fe2c3bd..238f40a 100644
|
||||
--- a/lib/utf16.c
|
||||
+++ b/lib/utf16.c
|
||||
@@ -58,6 +58,10 @@ _hivex_recode (const char *input_encoding, const char *input, size_t input_len,
|
||||
if (r == (size_t) -1) {
|
||||
if (errno == E2BIG) {
|
||||
int err = errno;
|
||||
+ /* Reset errno here because we don't want to accidentally
|
||||
+ * return E2BIG to a library caller.
|
||||
+ */
|
||||
+ errno = 0;
|
||||
size_t prev = outalloc;
|
||||
/* Try again with a larger output buffer. */
|
||||
free (out);
|
||||
--
|
||||
2.1.0
|
||||
|
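Review bot: The added `errno = 0;` in the `errno == E2BIG` branch hides the internal retry signal, but it also means that any later failure return which does not set errno itself would reach the caller with errno 0 instead of a real error code. Whether such a path exists cannot be confirmed here, because the body of `_hivex_recode` starts and ends outside this hunk. Storing zero in errno is also something C library code conventionally avoids, so an alternative is to save the value on entry (`int saved_errno = errno;`) and restore it once the retry succeeds. At minimum the comment should state the invariant, e.g. `/* E2BIG only means "grow the buffer"; every failure return below must set errno itself. */`, and say where the saved `err` is put back.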
|
@ -0,0 +1,28 @@
|
|||
From bec3f0bb632c4b84a1dfb73eb6333c2ba9834ffb Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 20 Nov 2014 20:47:50 +0000
|
||||
Subject: [PATCH] lib: Increase HIVEX_MAX_SUBKEYS to 25000.
|
||||
|
||||
Thanks Nicolas Ecarnot who found a HKLM\SOFTWARE hive from a Windows
|
||||
XP machine which had an nk containing 18254 subkeys ( > current limit
|
||||
of 15000).
|
||||
---
|
||||
lib/hivex-internal.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
|
||||
index 1613013..1643469 100644
|
||||
--- a/lib/hivex-internal.h
|
||||
+++ b/lib/hivex-internal.h
|
||||
@@ -323,7 +323,7 @@ extern int _hivex_get_values (hive_h *h, hive_node_h node, hive_value_h **values
|
||||
} while (0)
|
||||
|
||||
/* These limits are in place to stop really stupid stuff and/or exploits. */
|
||||
-#define HIVEX_MAX_SUBKEYS 15000
|
||||
+#define HIVEX_MAX_SUBKEYS 25000
|
||||
#define HIVEX_MAX_VALUES 10000
|
||||
#define HIVEX_MAX_VALUE_LEN 8000000
|
||||
#define HIVEX_MAX_ALLOCATION 1000000
|
||||
--
|
||||
2.1.0
|
||||
|
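Review bot: `HIVEX_MAX_SUBKEYS 25000` is a bare number on a limit whose own comment says it exists to stop exploits, and nothing next to it records why this ceiling was chosen. Put the evidence in the header, e.g. `/* Largest legitimate nk seen: 18254 subkeys (Windows XP HKLM\SOFTWARE). */`, so the next increase is weighed against the cost of parsing untrusted hives rather than picked ad hoc. The same applies to `HIVEX_MAX_VALUE_LEN 8000000` in the other hivex-internal.h patch on this page, where the observed value was 3886561 bytes. How these limits bound allocation or iteration is outside both hunks, so the effect of the larger values on hostile input could not be checked here.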
|
@ -0,0 +1,33 @@
|
|||
From 62b885e5b6239ac925554063dadeff8eeee7f2fc Mon Sep 17 00:00:00 2001
|
||||
From: Pino Toscano <ptoscano@redhat.com>
|
||||
Date: Tue, 11 Nov 2014 11:36:30 +0100
|
||||
Subject: [PATCH 1/2] lib: write: fix memory leak
|
||||
|
||||
Free the "blocks" array got from _hivex_get_children.
|
||||
|
||||
Thanks: Mahmoud Al-Qudsi
|
||||
---
|
||||
lib/write.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/lib/write.c b/lib/write.c
|
||||
index abd12c5..33b64e4 100644
|
||||
--- a/lib/write.c
|
||||
+++ b/lib/write.c
|
||||
@@ -902,10 +902,13 @@ hivex_node_delete_child (hive_h *h, hive_node_h node)
|
||||
}
|
||||
}
|
||||
}
|
||||
+ free (blocks);
|
||||
SET_ERRNO (ENOTSUP, "could not find parent to child link");
|
||||
return -1;
|
||||
|
||||
found:;
|
||||
+ free (blocks);
|
||||
+
|
||||
struct ntreg_nk_record *nk =
|
||||
(struct ntreg_nk_record *) ((char *) h->addr + parent);
|
||||
size_t nr_subkeys_in_nk = le32toh (nk->nr_subkeys);
|
||||
--
|
||||
2.1.0
|
||||
|
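Review bot: `free (blocks)` is repeated on the not-found path and after `found:`, so the fix only holds if every exit from the search reaches one of those two calls. The `_hivex_get_children` call and the search loop are outside this hunk, so an earlier return that still leaks cannot be ruled out from here. After the `found:` label `blocks` stays in scope as a dangling pointer for the rest of `hivex_node_delete_child`. Adding `blocks = NULL;` directly after that free would make an accidental later use fault immediately instead of becoming a use-after-free.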
|
@ -0,0 +1,31 @@
|
|||
From 99b613b1c1d326702b2bb527f20d555d7c7e4ee7 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Fri, 14 Nov 2014 15:37:37 +0000
|
||||
Subject: [PATCH 2/2] lib: Increase HIVEX_MAX_VALUE_LEN to 8000000.
|
||||
|
||||
I encountered a hive that contained a key of 3_886_561 bytes length in
|
||||
a key called 'HKLM\SYSTEM\ControlSet001\services\mfeavfk' (apparently
|
||||
belonging to "McAfee Anti-virus software").
|
||||
|
||||
The previous limit was set arbitrarily at 2_000_000 bytes. Increase
|
||||
it to cope with this larger key.
|
||||
---
|
||||
lib/hivex-internal.h | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
|
||||
index e59084d..1613013 100644
|
||||
--- a/lib/hivex-internal.h
|
||||
+++ b/lib/hivex-internal.h
|
||||
@@ -325,7 +325,7 @@ extern int _hivex_get_values (hive_h *h, hive_node_h node, hive_value_h **values
|
||||
/* These limits are in place to stop really stupid stuff and/or exploits. */
|
||||
#define HIVEX_MAX_SUBKEYS 15000
|
||||
#define HIVEX_MAX_VALUES 10000
|
||||
-#define HIVEX_MAX_VALUE_LEN 2000000
|
||||
+#define HIVEX_MAX_VALUE_LEN 8000000
|
||||
#define HIVEX_MAX_ALLOCATION 1000000
|
||||
|
||||
#endif /* HIVEX_INTERNAL_H_ */
|
||||
--
|
||||
2.1.0
|
||||
|
36
hivex.spec
|
@ -6,8 +6,8 @@
|
|||
%endif
|
||||
|
||||
Name: hivex
|
||||
Version: 1.3.10
|
||||
Release: 5%{?dist}
|
||||
Version: 1.3.11
|
||||
Release: 4%{?dist}
|
||||
Summary: Read and write Windows Registry binary hive files
|
||||
|
||||
License: LGPLv2
|
||||
|
@ -19,6 +19,12 @@ Source0: http://libguestfs.org/download/hivex/%{name}-%{version}.tar.gz
|
|||
Patch0: %{name}-1.3.8-dirs.patch
|
||||
BuildRequires: autoconf, automake, libtool, gettext-devel
|
||||
|
||||
# Pull in some upstream fixes.
|
||||
Patch1: 0001-lib-write-fix-memory-leak.patch
|
||||
Patch2: 0002-lib-Increase-HIVEX_MAX_VALUE_LEN-to-8000000.patch
|
||||
Patch3: 0001-lib-Increase-HIVEX_MAX_SUBKEYS-to-25000.patch
|
||||
Patch4: 0001-lib-Don-t-leak-errno-from-_hivex_recode-function.patch
|
||||
|
||||
BuildRequires: perl
|
||||
BuildRequires: perl-Test-Simple
|
||||
BuildRequires: perl-Test-Pod
|
||||
|
@ -158,6 +164,10 @@ ruby-%{name} contains Ruby bindings for %{name}.
|
|||
|
||||
%patch0 -p1 -b .dirs
|
||||
autoreconf -i
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
|
||||
%build
|
||||
%configure
|
||||
|
@ -251,9 +261,9 @@ rm $RPM_BUILD_ROOT%{python_sitearch}/libhivexmod.la
|
|||
|
||||
|
||||
%files -n python-%{name}
|
||||
%{python_sitearch}/*.py
|
||||
%{python_sitearch}/*.pyc
|
||||
%{python_sitearch}/*.pyo
|
||||
%{python_sitearch}/hivex/*.py
|
||||
%{python_sitearch}/hivex/*.pyc
|
||||
%{python_sitearch}/hivex/*.pyo
|
||||
%{python_sitearch}/*.so
|
||||
|
||||
|
||||
|
@ -264,6 +274,22 @@ rm $RPM_BUILD_ROOT%{python_sitearch}/libhivexmod.la
|
|||
|
||||
|
||||
%changelog
|
||||
* Thu Nov 20 2014 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-4
|
||||
- Increase HIVEX_MAX_SUBKEYS.
|
||||
- Don't leak errno E2BIG to callers.
|
||||
|
||||
* Fri Nov 14 2014 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-2
|
||||
- Pull in a couple of upstream fixes:
|
||||
* Fix memory leak in _hivex_get_children.
|
||||
* Increase HIVEX_MAX_VALUE_LEN.
|
||||
|
||||
* Thu Oct 30 2014 Richard W.M. Jones <rjones@redhat.com> - 1.3.11-1
|
||||
- New upstream version 1.3.11.
|
||||
- Python objects are now placed in a hivex/ subdirectory.
|
||||
|
||||
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.10-6
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||
|
||||
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.10-5
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||
|
||||
|
|
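Review bot: `%patch1` through `%patch4` are applied after `autoreconf -i`, unlike `%patch0`. That works for these four because, as far as the patch files on this page show, they only touch `lib/*.c` and `lib/hivex-internal.h`. A later backport that edits `configure.ac` or a `Makefile.am` would be applied without the build system being regenerated. Either move the new `%patch` lines above `autoreconf -i`, or record the assumption with a comment such as `# Patches 1-4 touch only C sources; anything changing autotools input must be applied before autoreconf.`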