fix KTar for archives created by git archive (kde#258737)
* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11 - fix KTar for archives created by git archive (kde#258737)
This commit is contained in:
parent
34b28d8f23
commit
657412153a
66
kdelibs-4.6.5-ktar-kde#258737.patch
Normal file
66
kdelibs-4.6.5-ktar-kde#258737.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
diff -ur kdelibs-4.6.5/kdecore/io/ktar.cpp kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp
|
||||||
|
--- kdelibs-4.6.5/kdecore/io/ktar.cpp 2011-04-01 15:56:18.000000000 +0200
|
||||||
|
+++ kdelibs-4.6.5-ktar-kde#258737/kdecore/io/ktar.cpp 2012-03-09 03:21:22.000000000 +0100
|
||||||
|
@@ -179,7 +179,9 @@
|
||||||
|
qint64 KTar::KTarPrivate::readRawHeader( char *buffer ) {
|
||||||
|
// Read header
|
||||||
|
qint64 n = q->device()->read( buffer, 0x200 );
|
||||||
|
- if ( n == 0x200 && buffer[0] != 0 ) {
|
||||||
|
+ // we need to test if there is a prefix value because the file name can be null
|
||||||
|
+ // and the prefix can have a value and in this case we don't reset n.
|
||||||
|
+ if ( n == 0x200 && (buffer[0] != 0 || buffer[0x159] != 0) ) {
|
||||||
|
// Make sure this is actually a tar header
|
||||||
|
if (strncmp(buffer + 257, "ustar", 5)) {
|
||||||
|
// The magic isn't there (broken/old tars), but maybe a correct checksum?
|
||||||
|
@@ -234,7 +236,7 @@
|
||||||
|
}/*wend*/
|
||||||
|
// jump over the rest
|
||||||
|
const int skip = 0x200 - (n % 0x200);
|
||||||
|
- if (skip < 0x200) {
|
||||||
|
+ if (skip <= 0x200) {
|
||||||
|
if (dev->read(buffer,skip) != skip)
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
@@ -362,6 +364,7 @@
|
||||||
|
if (n == 0x200)
|
||||||
|
{
|
||||||
|
bool isdir = false;
|
||||||
|
+ bool isGlobalHeader = false;
|
||||||
|
|
||||||
|
if ( name.endsWith( QLatin1Char( '/' ) ) )
|
||||||
|
{
|
||||||
|
@@ -369,6 +372,11 @@
|
||||||
|
name.truncate( name.length() - 1 );
|
||||||
|
}
|
||||||
|
|
||||||
|
+ QByteArray prefix = QByteArray(buffer + 0x159, 155);
|
||||||
|
+ if (prefix[0] != '\0') {
|
||||||
|
+ name = (QString::fromLatin1(prefix.constData()) + QLatin1Char('/') + name);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
int pos = name.lastIndexOf( QLatin1Char('/') );
|
||||||
|
QString nm = ( pos == -1 ) ? name : name.mid( pos + 1 );
|
||||||
|
|
||||||
|
@@ -393,7 +401,11 @@
|
||||||
|
char typeflag = buffer[ 0x9c ];
|
||||||
|
// '0' for files, '1' hard link, '2' symlink, '5' for directory
|
||||||
|
// (and 'L' for longlink fileNames, 'K' for longlink symlink targets)
|
||||||
|
- // and 'D' for GNU tar extension DUMPDIR
|
||||||
|
+ // 'D' for GNU tar extension DUMPDIR, 'x' for Extended header referring
|
||||||
|
+ // to the next file in the archive and 'g' for Global extended header
|
||||||
|
+ if ( typeflag == 'g' )
|
||||||
|
+ isGlobalHeader = true;
|
||||||
|
+
|
||||||
|
if ( typeflag == '5' )
|
||||||
|
isdir = true;
|
||||||
|
|
||||||
|
@@ -450,6 +462,9 @@
|
||||||
|
kWarning(7041) << "skipping" << skip << "failed";
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (isGlobalHeader)
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
if ( pos == -1 )
|
||||||
|
{
|
||||||
|
if (nm == QLatin1String(".")) { // special case
|
20
kdelibs.spec
20
kdelibs.spec
@ -20,7 +20,7 @@
|
|||||||
|
|
||||||
Summary: KDE Libraries
|
Summary: KDE Libraries
|
||||||
Version: 4.6.5
|
Version: 4.6.5
|
||||||
Release: 10%{?dist}
|
Release: 11%{?dist}
|
||||||
|
|
||||||
Name: kdelibs
|
Name: kdelibs
|
||||||
Epoch: 6
|
Epoch: 6
|
||||||
@ -123,9 +123,17 @@ Patch104: kdelibs-4.6.5-kconfig_sync-2.patch
|
|||||||
Patch105: kdelibs-4.6.5-kconfig_sync-3.patch
|
Patch105: kdelibs-4.6.5-kconfig_sync-3.patch
|
||||||
|
|
||||||
## 4.7 upstream
|
## 4.7 upstream
|
||||||
# https://projects.kde.org/projects/kde/kdelibs/repository/revisions/865e5fa4108bb3f470b9424ec34dc573d97e2473
|
# http://commits.kde.org/kdelibs/865e5fa4108bb3f470b9424ec34dc573d97e2473
|
||||||
Patch150: kdelibs-fix_fd_leak_in_klockfile.patch
|
Patch150: kdelibs-fix_fd_leak_in_klockfile.patch
|
||||||
|
|
||||||
|
## 4.8 upstream
|
||||||
|
# fix KTar for archives created by git archive (kde#258737). Cumulative from:
|
||||||
|
# http://commits.kde.org/kdelibs/380587aa431789bec06ae5653234cbb952315fc4
|
||||||
|
# http://commits.kde.org/kdelibs/262cf5920c9c0d9619d384bcf0298615c2060b44
|
||||||
|
# http://commits.kde.org/kdelibs/762136bc525d84215bfbcbedc995431e8b66b181
|
||||||
|
# http://commits.kde.org/kdelibs/6e0d694b302b57883ed79a3b47c9d60bea20dc8e
|
||||||
|
Patch160: kdelibs-4.6.5-ktar-kde#258737.patch
|
||||||
|
|
||||||
|
|
||||||
## security fix
|
## security fix
|
||||||
# Not Upstreamed? why not ? -- Rex
|
# Not Upstreamed? why not ? -- Rex
|
||||||
@ -136,7 +144,7 @@ Patch202: kdelibs-4.6.5-CVE-2011-3365-kssl.patch
|
|||||||
# CVE-2010-0046, The Cascading Style Sheets (CSS) implementation in khtml/WebKit
|
# CVE-2010-0046, The Cascading Style Sheets (CSS) implementation in khtml/WebKit
|
||||||
# allows remote attackers to execute arbitrary code or cause a denial of service
|
# allows remote attackers to execute arbitrary code or cause a denial of service
|
||||||
# (memory corruption and application crash) via crafted format arguments.
|
# (memory corruption and application crash) via crafted format arguments.
|
||||||
Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
|
Patch203: kdelibs-4.6.5-CVE-2010-0046.patch
|
||||||
|
|
||||||
## Fedora specific patches
|
## Fedora specific patches
|
||||||
# make forcefully hal-free build
|
# make forcefully hal-free build
|
||||||
@ -323,6 +331,9 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
|
|||||||
# 4.7 backported patches
|
# 4.7 backported patches
|
||||||
%patch150 -p1 -b .fix_leak_in_klockfile
|
%patch150 -p1 -b .fix_leak_in_klockfile
|
||||||
|
|
||||||
|
# 4.8 backported patches
|
||||||
|
%patch160 -p1 -b .ktar-kde#258737
|
||||||
|
|
||||||
# security fix
|
# security fix
|
||||||
%patch200 -p1 -b .CVE-2009-2702
|
%patch200 -p1 -b .CVE-2009-2702
|
||||||
%patch201 -p1 -b .CVE-2011-3365-kio
|
%patch201 -p1 -b .CVE-2011-3365-kio
|
||||||
@ -578,6 +589,9 @@ rm -rf %{buildroot}
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Mar 09 2011 Kevin Kofler <Kevin@tigcc.ticalc.org> 4.6.5-11
|
||||||
|
- fix KTar for archives created by git archive (kde#258737)
|
||||||
|
|
||||||
* Fri Nov 18 2011 Rex Dieter <rdieter@fedoraproject.org> 4.6.5-10
|
* Fri Nov 18 2011 Rex Dieter <rdieter@fedoraproject.org> 4.6.5-10
|
||||||
- CVE-2010-0046, security issue in khtml
|
- CVE-2010-0046, security issue in khtml
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user