[OE-core] [PATCH 20/24] libarchive: upgrade 3.4.0 -> 3.4.1

Wed Jan 29 09:07:34 UTC 2020

Signed-off-by: Alexander Kanavin <alex.kanavin at gmail.com>
---
 .../libarchive/CVE-2019-19221.patch           | 101 ------------------
 ...ibarchive_3.4.0.bb => libarchive_3.4.1.bb} |   8 +-
 2 files changed, 3 insertions(+), 106 deletions(-)
 delete mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2019-19221.patch
 rename meta/recipes-extended/libarchive/{libarchive_3.4.0.bb => libarchive_3.4.1.bb} (91%)

diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2019-19221.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2019-19221.patch
deleted file mode 100644
index b57e87874fe..00000000000
--- a/meta/recipes-extended/libarchive/libarchive/CVE-2019-19221.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From 22b1db9d46654afc6f0c28f90af8cdc84a199f41 Mon Sep 17 00:00:00 2001
-From: Martin Matuska <martin at matuska.org>
-Date: Thu, 21 Nov 2019 03:08:40 +0100
-Subject: [PATCH] Bugfix and optimize archive_wstring_append_from_mbs()
-
-The cal to mbrtowc() or mbtowc() should read up to mbs_length
-bytes and not wcs_length. This avoids out-of-bounds reads.
-
-mbrtowc() and mbtowc() return (size_t)-1 wit errno EILSEQ when
-they encounter an invalid multibyte character and (size_t)-2 when
-they they encounter an incomplete multibyte character. As we return
-failure and all our callers error out it makes no sense to continue
-parsing mbs.
-
-As we allocate `len` wchars at the beginning and each wchar has
-at least one byte, there will never be need to grow the buffer,
-so the code can be left out. On the other hand, we are always
-allocatng more memory than we need.
-
-As long as wcs_length == mbs_length == len we can omit wcs_length.
-We keep the old code commented if we decide to save memory and
-use autoexpanding wcs_length in the future.
-
-Fixes #1276
-
-Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41]
-CVE: CVE-2019-19221
-Signed-off-by: Anuj Mittal <anuj.mittal at intel.com>
----
- libarchive/archive_string.c | 28 +++++++++++++++++-----------
- 1 file changed, 17 insertions(+), 11 deletions(-)
-
-diff --git a/libarchive/archive_string.c b/libarchive/archive_string.c
-index 979a418b6..bd39c96f1 100644
---- a/libarchive/archive_string.c
-+++ b/libarchive/archive_string.c
-@@ -591,7 +591,7 @@ archive_wstring_append_from_mbs(struct archive_wstring *dest,
- 	 * No single byte will be more than one wide character,
- 	 * so this length estimate will always be big enough.
- 	 */
--	size_t wcs_length = len;
-+	// size_t wcs_length = len;
- 	size_t mbs_length = len;
- 	const char *mbs = p;
- 	wchar_t *wcs;
-@@ -600,7 +600,11 @@ archive_wstring_append_from_mbs(struct archive_wstring *dest,
- 
- 	memset(&shift_state, 0, sizeof(shift_state));
- #endif
--	if (NULL == archive_wstring_ensure(dest, dest->length + wcs_length + 1))
-+	/*
-+	 * As we decided to have wcs_length == mbs_length == len
-+	 * we can use len here instead of wcs_length
-+	 */
-+	if (NULL == archive_wstring_ensure(dest, dest->length + len + 1))
- 		return (-1);
- 	wcs = dest->s + dest->length;
- 	/*
-@@ -609,6 +613,12 @@ archive_wstring_append_from_mbs(struct archive_wstring *dest,
- 	 * multi bytes.
- 	 */
- 	while (*mbs && mbs_length > 0) {
-+		/*
-+		 * The buffer we allocated is always big enough.
-+		 * Keep this code path in a comment if we decide to choose
-+		 * smaller wcs_length in the future
-+		 */
-+/*
- 		if (wcs_length == 0) {
- 			dest->length = wcs - dest->s;
- 			dest->s[dest->length] = L'\0';
-@@ -618,24 +628,20 @@ archive_wstring_append_from_mbs(struct archive_wstring *dest,
- 				return (-1);
- 			wcs = dest->s + dest->length;
- 		}
-+*/
- #if HAVE_MBRTOWC
--		r = mbrtowc(wcs, mbs, wcs_length, &shift_state);
-+		r = mbrtowc(wcs, mbs, mbs_length, &shift_state);
- #else
--		r = mbtowc(wcs, mbs, wcs_length);
-+		r = mbtowc(wcs, mbs, mbs_length);
- #endif
- 		if (r == (size_t)-1 || r == (size_t)-2) {
- 			ret_val = -1;
--			if (errno == EILSEQ) {
--				++mbs;
--				--mbs_length;
--				continue;
--			} else
--				break;
-+			break;
- 		}
- 		if (r == 0 || r > mbs_length)
- 			break;
- 		wcs++;
--		wcs_length--;
-+		// wcs_length--;
- 		mbs += r;
- 		mbs_length -= r;
- 	}
diff --git a/meta/recipes-extended/libarchive/libarchive_3.4.0.bb b/meta/recipes-extended/libarchive/libarchive_3.4.1.bb
similarity index 91%
rename from meta/recipes-extended/libarchive/libarchive_3.4.0.bb
rename to meta/recipes-extended/libarchive/libarchive_3.4.1.bb
index 755a9c7fa40..2d33dd80ab8 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.4.0.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.4.1.bb
@@ -31,12 +31,10 @@ PACKAGECONFIG[lz4] = "--with-lz4,--without-lz4,lz4,"
 
 EXTRA_OECONF += "--enable-largefile"
 
-SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
-           file://CVE-2019-19221.patch \
-"
+SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz"
 
-SRC_URI[md5sum] = "6046396255bd7cf6d0f6603a9bda39ac"
-SRC_URI[sha256sum] = "8643d50ed40c759f5412a3af4e353cffbce4fdf3b5cf321cb72cacf06b2d825e"
+SRC_URI[md5sum] = "59bff5ee6216cbb76c8354f6dd6f5a5a"
+SRC_URI[sha256sum] = "fcf87f3ad8db2e4f74f32526dee62dd1fb9894782b0a503a89c9d7a70a235191"
 
 inherit autotools update-alternatives pkgconfig
 
-- 
2.25.0

