fix KTar for archives created by git archive (kde#258737)
* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11 - fix KTar for archives created by git archive (kde#258737)
This commit is contained in:
parent
34b28d8f23
commit
657412153a
66
kdelibs-4.6.5-ktar-kde#258737.patch
Normal file
66
kdelibs-4.6.5-ktar-kde#258737.patch
Normal file
@ -0,0 +1,66 @@
|
||||
diff -ur kdelibs-4.6.5/kdecore/io/ktar.cpp kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp
|
||||
--- kdelibs-4.6.5/kdecore/io/ktar.cpp 2011-04-01 15:56:18.000000000 +0200
|
||||
+++ kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp 2012-03-09 03:21:22.000000000 +0100
|
||||
@@ -179,7 +179,9 @@
|
||||
qint64 KTar::KTarPrivate::readRawHeader( char *buffer ) {
|
||||
// Read header
|
||||
qint64 n = q->device()->read( buffer, 0x200 );
|
||||
- if ( n == 0x200 && buffer[0] != 0 ) {
|
||||
+ // we need to test if there is a prefix value because the file name can be null
|
||||
+ // and the prefix can have a value and in this case we don't reset n.
|
||||
+ if ( n == 0x200 && (buffer[0] != 0 || buffer[0x159] != 0) ) {
|
||||
// Make sure this is actually a tar header
|
||||
if (strncmp(buffer + 257, "ustar", 5)) {
|
||||
// The magic isn't there (broken/old tars), but maybe a correct checksum?
|
||||
@@ -234,7 +236,7 @@
|
||||
}/*wend*/
|
||||
// jump over the rest
|
||||
const int skip = 0x200 - (n % 0x200);
|
||||
- if (skip < 0x200) {
|
||||
+ if (skip <= 0x200) {
|
||||
if (dev->read(buffer,skip) != skip)
|
||||
return false;
|
||||
}
|
||||
@@ -362,6 +364,7 @@
|
||||
if (n == 0x200)
|
||||
{
|
||||
bool isdir = false;
|
||||
+ bool isGlobalHeader = false;
|
||||
|
||||
if ( name.endsWith( QLatin1Char( '/' ) ) )
|
||||
{
|
||||
@@ -369,6 +372,11 @@
|
||||
name.truncate( name.length() - 1 );
|
||||
}
|
||||
|
||||
+ QByteArray prefix = QByteArray(buffer + 0x159, 155);
|
||||
+ if (prefix[0] != '\0') {
|
||||
+ name = (QString::fromLatin1(prefix.constData()) + QLatin1Char('/') + name);
|
||||
+ }
|
||||
+
|
||||
int pos = name.lastIndexOf( QLatin1Char('/') );
|
||||
QString nm = ( pos == -1 ) ? name : name.mid( pos + 1 );
|
||||
|
||||
@@ -393,7 +401,11 @@
|
||||
char typeflag = buffer[ 0x9c ];
|
||||
// '0' for files, '1' hard link, '2' symlink, '5' for directory
|
||||
// (and 'L' for longlink fileNames, 'K' for longlink symlink targets)
|
||||
- // and 'D' for GNU tar extension DUMPDIR
|
||||
+ // 'D' for GNU tar extension DUMPDIR, 'x' for Extended header referring
|
||||
+ // to the next file in the archive and 'g' for Global extended header
|
||||
+ if ( typeflag == 'g' )
|
||||
+ isGlobalHeader = true;
|
||||
+
|
||||
if ( typeflag == '5' )
|
||||
isdir = true;
|
||||
|
||||
@@ -450,6 +462,9 @@
|
||||
kWarning(7041) << "skipping" << skip << "failed";
|
||||
}
|
||||
|
||||
+ if (isGlobalHeader)
|
||||
+ continue;
|
||||
+
|
||||
if ( pos == -1 )
|
||||
{
|
||||
if (nm == QLatin1String(".")) { // special case
|
20
kdelibs.spec
20
kdelibs.spec
@ -20,7 +20,7 @@
|
||||
|
||||
Summary: KDE Libraries
|
||||
Version: 4.6.5
|
||||
Release: 10%{?dist}
|
||||
Release: 11%{?dist}
|
||||
|
||||
Name: kdelibs
|
||||
Epoch: 6
|
||||
@ -123,9 +123,17 @@ Patch104: kdelibs-4.6.5-kconfig_sync-2.patch
|
||||
Patch105: kdelibs-4.6.5-kconfig_sync-3.patch
|
||||
|
||||
## 4.7 upstream
|
||||
# https://projects.kde.org/projects/kde/kdelibs/repository/revisions/865e5fa4108bb3f470b9424ec34dc573d97e2473
|
||||
# http://commits.kde.org/kdelibs/865e5fa4108bb3f470b9424ec34dc573d97e2473
|
||||
Patch150: kdelibs-fix_fd_leak_in_klockfile.patch
|
||||
|
||||
## 4.8 upstream
|
||||
# fix KTar for archives created by git archive (kde#258737). Cumulative from:
|
||||
# http://commits.kde.org/kdelibs/380587aa431789bec06ae5653234cbb952315fc4
|
||||
# http://commits.kde.org/kdelibs/262cf5920c9c0d9619d384bcf0298615c2060b44
|
||||
# http://commits.kde.org/kdelibs/762136bc525d84215bfbcbedc995431e8b66b181
|
||||
# http://commits.kde.org/kdelibs/6e0d694b302b57883ed79a3b47c9d60bea20dc8e
|
||||
Patch160: kdelibs-4.6.5-ktar-kde#258737.patch
|
||||
|
||||
|
||||
## security fix
|
||||
# Not Upstreamed? why not ? -- Rex
|
||||
@ -136,7 +144,7 @@ Patch202: kdelibs-4.6.5-CVE-2011-3365-kssl.patch
|
||||
# CVE-2010-0046, The Cascading Style Sheets (CSS) implementation in khtml/WebKit
|
||||
# allows remote attackers to execute arbitrary code or cause a denial of service
|
||||
# (memory corruption and application crash) via crafted format arguments.
|
||||
Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
|
||||
Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
|
||||
|
||||
## Fedora specific patches
|
||||
# make forcefully hal-free build
|
||||
@ -323,6 +331,9 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
|
||||
# 4.7 backported patches
|
||||
%patch150 -p1 -b .fix_leak_in_klockfile
|
||||
|
||||
# 4.8 backported patches
|
||||
%patch160 -p1 -b .ktar-kde#258737
|
||||
|
||||
# security fix
|
||||
%patch200 -p1 -b .CVE-2009-2702
|
||||
%patch201 -p1 -b .CVE-2011-3365-kio
|
||||
@ -578,6 +589,9 @@ rm -rf %{buildroot}
|
||||
|
||||
|
||||
%changelog
|
||||
* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11
|
||||
- fix KTar for archives created by git archive (kde#258737)
|
||||
|
||||
* Fri Nov 18 2011 Rex Dieter <rdieter@fedoraproject.org> 4.6.5-10
|
||||
- CVE-2010-0046, security issue in khtml
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user