main/ncurses: fix CVE-2022-29458

ncurses does not keep old tarballs.. the github mirror ones are
file-identical (only file access time differs, actual file contents are
bit identical)
psykose 2022-07-16 00:27:58 +00:00
parent 022e00538f
commit 2b7c92e6f1
2 changed files with 43 additions and 4 deletions


@ -2,7 +2,8 @@
pkgname=ncurses
pkgver=6.2_p20210612
_ver=${pkgver/_p/-}
pkgrel=0
_mirror_commit=a50b059f71e787a32e396c0e5b40cee4230c997e
pkgrel=1
pkgdesc="Console display library"
url="https://invisible-island.net/ncurses/"
arch="all"
@ -11,10 +12,14 @@ license="MIT"
makedepends_build="ncurses"
subpackages="$pkgname-static $pkgname-dev $pkgname-doc $pkgname-libs
$pkgname-terminfo-base:base:noarch $pkgname-terminfo:terminfo:noarch"
source="https://invisible-mirror.net/archives/ncurses/current/ncurses-$_ver.tgz"
builddir="$srcdir"/ncurses-$_ver
source="$pkgname-$pkgver.tar.gz::https://github.com/mirror/ncurses/archive/$_mirror_commit.tar.gz
CVE-2022-29458.patch
"
builddir="$srcdir"/ncurses-$_mirror_commit
# secfixes:
# 6.2_p20210612-r1:
# - CVE-2022-29458
# 6.2_p20200530-r0:
# - CVE-2021-39537
# 6.1_p20180414-r0:
@ -113,5 +118,6 @@ static() {
}
sha512sums="
f86a1c145dab554d8fa0c9ecc53ee9382e7c77b3b0d7011a9f5310d4ad700cecdfe80f2f2196ed365700f0eb21e333a8e62ae39c28cfd16570a045036dc7eff7 ncurses-6.2-20210612.tgz
c0c0d61cf521918678de271fdbfe9d7cd6d25ef85e6c9b13bfe0954426fa936744789a94ea8ccb4b71208a25e2622a3de7c24e929b4aaa0aacfc7a2735022487 ncurses-6.2_p20210612.tar.gz
b7904866af8afc7a163151a803ca506981d87f58ce9a720a28c27aa6fa1ac1cf43dad8916a8265779ff2253d2dbacb2793733cadf44dbe10f6cf894944042708 CVE-2022-29458.patch
"

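Review bot: The new `source=` line names the download `$pkgname-$pkgver.tar.gz` but fetches it by `$_mirror_commit`, so nothing ties the pinned commit to `pkgver`; a later version bump that forgets the hash would, after a checksum refresh, ship the old tree under the new version. The reason for the mirror and the bit-identical comparison with the upstream tarball are recorded only in the commit message, so I would put them next to the variable, e.g. `# upstream removes old tarballs; this is the github.com/mirror/ncurses commit for $_ver, contents checked against the upstream tgz`. The sha512 in the last hunk now pins a forge-generated archive rather than the upstream file, and such archives are not guaranteed to stay byte-stable; a future mismatch should be resolved by comparing extracted contents, not by re-running the checksum. The +/- markers are lost on this page, so which lines are new is inferred from the hunk counts and the commit message.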

@ -0,0 +1,33 @@
--- a/ncurses/tinfo/read_entry.c
+++ b/ncurses/tinfo/read_entry.c
@@ -145,6 +145,7 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table)
{
int i;
char *p;
+ bool corrupt = FALSE;
for (i = 0; i < count; i++) {
if (IS_NEG1(buf + 2 * i)) {
@@ -154,8 +155,20 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table)
} else if (MyNumber(buf + 2 * i) > size) {
Strings[i] = ABSENT_STRING;
} else {
- Strings[i] = (MyNumber(buf + 2 * i) + table);
- TR(TRACE_DATABASE, ("Strings[%d] = %s", i, _nc_visbuf(Strings[i])));
+ int nn = MyNumber(buf + 2 * i);
+ if (nn >= 0 && nn < size) {
+ Strings[i] = (nn + table);
+ TR(TRACE_DATABASE, ("Strings[%d] = %s", i,
+ _nc_visbuf(Strings[i])));
+ } else {
+ if (!corrupt) {
+ corrupt = TRUE;
+ TR(TRACE_DATABASE,
+ ("ignore out-of-range index %d to Strings[]", nn));
+ _nc_warning("corrupt data found in convert_strings");
+ }
+ Strings[i] = ABSENT_STRING;
+ }
}
/* make sure all strings are NUL terminated */