[OE-core] [PATCH] cpio: remove unused CVE patch
changqing.li at windriver.com
changqing.li at windriver.com
Fri Dec 27 08:08:05 UTC 2019
From: Changqing Li <changqing.li at windriver.com>
According to the home page, https://www.gnu.org/software/cpio/,
CVE-2015-1197 has been fixed in version 2.13, so remove
this patch, which was taken from SUSE.
Signed-off-by: Changqing Li <changqing.li at windriver.com>
---
.../cpio/cpio-2.13/0001-Fix-CVE-2015-1197.patch | 178 ---------------------
meta/recipes-extended/cpio/cpio_2.13.bb | 1 -
2 files changed, 179 deletions(-)
delete mode 100644 meta/recipes-extended/cpio/cpio-2.13/0001-Fix-CVE-2015-1197.patch
diff --git a/meta/recipes-extended/cpio/cpio-2.13/0001-Fix-CVE-2015-1197.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-Fix-CVE-2015-1197.patch
deleted file mode 100644
index 5c99919..0000000
--- a/meta/recipes-extended/cpio/cpio-2.13/0001-Fix-CVE-2015-1197.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From dcee489f821c1260a0136fcdfdb6ff4dd11086ac Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin at gmail.com>
-Date: Wed, 9 Dec 2015 17:58:03 +0200
-Subject: [PATCH] Fix CVE-2015-1197
-
-Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197.
-Upstream is dormant or no longer existing. To restore the old
-behaviour use --extract-over-symlinks (Closes: #774669)
-This issue has been discovered by Alexander Cherepanov.
-Author: Vitezslav Cizek <vcizek at suse.cz>
-Bug-Debian: https://bugs.debian.org/774669
-
-Upstream-Status: Pending
-CVE: CVE-2015-1197
-Signed-off-by: Robert Yang <liezhi.yang at windriver.com>
-Signed-off-by: Alexander Kanavin <alex.kanavin at gmail.com>
-
----
- doc/cpio.1 | 1 +
- src/copyin.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- src/extern.h | 1 +
- src/global.c | 3 +++
- src/main.c | 7 +++++++
- 5 files changed, 74 insertions(+)
-
-diff --git a/doc/cpio.1 b/doc/cpio.1
-index 2a68241..dc4676c 100644
---- a/doc/cpio.1
-+++ b/doc/cpio.1
-@@ -49,6 +49,7 @@ cpio \- copy files to and from archives
- [\fB\-\-no\-preserve\-owner\fR] [\fB\-\-message=\fIMESSAGE\fR]
- [\fB\-\-force\-local\fR] [\fB\-\-no\-absolute\-filenames\fR] [\fB\-\-sparse\fR]
- [\fB\-\-only\-verify\-crc\fR] [\fB\-\-to\-stdout\fR] [\fB\-\-quiet\fR]
-+[\fB\-\-extract\-over\-symlinks\fR]
- [\fB\-\-rsh\-command=\fICOMMAND\fR]
- [\fIpattern\fR...] [\fB<\fR \fIarchive\fR]
-
-diff --git a/src/copyin.c b/src/copyin.c
-index cde911e..053afe7 100644
---- a/src/copyin.c
-+++ b/src/copyin.c
-@@ -695,6 +695,51 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
- free (link_name);
- }
-
-+
-+static int
-+path_contains_symlink(char *path)
-+{
-+ struct stat st;
-+ char *slash;
-+ char *nextslash;
-+
-+ /* we got NULL pointer or empty string */
-+ if (!path || !*path) {
-+ return false;
-+ }
-+
-+ slash = path;
-+
-+ while ((nextslash = strchr(slash + 1, '/')) != NULL) {
-+ slash = nextslash;
-+ *slash = '\0';
-+
-+ if (lstat(path, &st) != 0) {
-+ if (errno == ELOOP) {
-+ /* ELOOP - too many symlinks */
-+ *slash = '/';
-+ return true;
-+ } else if (errno == ENOMEM) {
-+ /* No memory for lstat - terminate */
-+ xalloc_die();
-+ } else {
-+ /* cannot lstat path - give up */
-+ *slash = '/';
-+ return false;
-+ }
-+ }
-+
-+ if (S_ISLNK(st.st_mode)) {
-+ *slash = '/';
-+ return true;
-+ }
-+
-+ *slash = '/';
-+ }
-+
-+ return false;
-+}
-+
- static void
- copyin_file (struct cpio_file_stat *file_hdr, int in_file_des)
- {
-@@ -1468,6 +1513,23 @@ process_copy_in ()
- {
- /* Copy the input file into the directory structure. */
-
-+ /* Can we write files over symlinks? */
-+ if (!extract_over_symlinks)
-+ {
-+ if (path_contains_symlink(file_hdr.c_name))
-+ {
-+ /* skip the file */
-+ /*
-+ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name);
-+ tape_toss_input (in_file_des, file_hdr.c_filesize);
-+ tape_skip_padding (in_file_des, file_hdr.c_filesize);
-+ continue;
-+ */
-+ /* terminate */
-+ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name);
-+ }
-+ }
-+
- /* Do we need to rename the file? */
- if (rename_flag || rename_batch_file)
- {
-diff --git a/src/extern.h b/src/extern.h
-index e27d662..d864bde 100644
---- a/src/extern.h
-+++ b/src/extern.h
-@@ -96,6 +96,7 @@ extern char input_is_special;
- extern char output_is_special;
- extern char input_is_seekable;
- extern char output_is_seekable;
-+extern bool extract_over_symlinks;
- extern int (*xstat) ();
- extern void (*copy_function) ();
- extern char *change_directory_option;
-diff --git a/src/global.c b/src/global.c
-index 57e505a..336fce4 100644
---- a/src/global.c
-+++ b/src/global.c
-@@ -187,6 +187,9 @@ bool to_stdout_option = false;
- /* The name this program was run with. */
- char *program_name;
-
-+/* Extract files over symbolic links */
-+bool extract_over_symlinks;
-+
- /* A pointer to either lstat or stat, depending on whether
- dereferencing of symlinks is done for input files. */
- int (*xstat) ();
-diff --git a/src/main.c b/src/main.c
-index a13861f..87cb309 100644
---- a/src/main.c
-+++ b/src/main.c
-@@ -59,6 +59,7 @@ enum cpio_options {
- DEBUG_OPTION,
- BLOCK_SIZE_OPTION,
- TO_STDOUT_OPTION,
-+ EXTRACT_OVER_SYMLINKS,
- RENUMBER_INODES_OPTION,
- IGNORE_DEVNO_OPTION,
- DEVICE_INDEPENDENT_OPTION
-@@ -243,6 +244,8 @@ static struct argp_option options[] = {
- N_("Create leading directories where needed"), GRID+1 },
- {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0,
- N_("Do not change the ownership of the files"), GRID+1 },
-+ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0,
-+ N_("Force writing over symbolic links"), GRID+1 },
- {"unconditional", 'u', NULL, 0,
- N_("Replace all files unconditionally"), GRID+1 },
- {"sparse", SPARSE_OPTION, NULL, 0,
-@@ -432,6 +435,10 @@ crc newc odc bin ustar tar (all-caps also recognized)"), arg));
- no_chown_flag = true;
- break;
-
-+ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */
-+ extract_over_symlinks = true;
-+ break;
-+
- case 'o': /* Copy-out mode. */
- if (copy_function != 0)
- USAGE_ERROR ((0, 0, _("Mode already defined")));
---
-2.6.2
-
diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb b/meta/recipes-extended/cpio/cpio_2.13.bb
index 69615a9..ecea8c6 100644
--- a/meta/recipes-extended/cpio/cpio_2.13.bb
+++ b/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -8,7 +8,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
- file://0001-Fix-CVE-2015-1197.patch \
"
SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
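Review bot: Dropping the `file://0001-Fix-CVE-2015-1197.patch` entry from SRC_URI also drops the `--extract-over-symlinks` option that the deleted patch added in src/main.c, so any caller passing that option would presumably fail with cpio built from this recipe. The subject calls the patch unused, but this hunk shows it was listed in SRC_URI and so applied on top of 2.13 until now. Upstream's own fix is not visible on this page, so it is worth confirming before merge that extraction through a symlinked path component is still refused, which is what the removed check in process_copy_in enforced. I would record the reason above SRC_URI, e.g. `# CVE-2015-1197: fixed upstream in 2.13; SUSE-derived patch and its --extract-over-symlinks option dropped`.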
--
2.7.4