From 9e41969a620e26bea743e63c9c1f77d865f2142d Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 08 2022 06:55:39 +0000 Subject: import gdisk-1.0.3-11.el8 --- diff --git a/SOURCES/gdisk-CVE-2020-0256.patch b/SOURCES/gdisk-CVE-2020-0256.patch new file mode 100644 index 0000000..2c706ee --- /dev/null +++ b/SOURCES/gdisk-CVE-2020-0256.patch @@ -0,0 +1,43 @@ +From e44306f00bd12f4dca2db20eaba103ff2f260d87 Mon Sep 17 00:00:00 2001 +From: Rod Smith +Date: Mon, 14 Sep 2020 10:08:18 -0400 +Subject: [PATCH 1/2] Fix segfault on some weird data structures + +--- + gpt.cc | 13 ++++++++++++- + 1 file changed, 12 insertions(+), 1 deletion(-) + +diff --git a/gpt.cc b/gpt.cc +index 03a2156..d0242d3 100644 +--- a/gpt.cc ++++ b/gpt.cc +@@ -983,6 +983,14 @@ int GPTData::LoadHeader(struct GPTHeader *header, DiskIO & disk, uint64_t sector + } // if + *crcOk = CheckHeaderCRC(&tempHeader); + ++ if (tempHeader.sizeOfPartitionEntries != sizeof(GPTPart)) { ++ cerr << "Warning: Partition table header claims that the size of partition table\n"; ++ cerr << "entries is " << tempHeader.sizeOfPartitionEntries << " bytes, but this program "; ++ cerr << " supports only " << sizeof(GPTPart) << "-byte entries.\n"; ++ cerr << "Adjusting accordingly, but partition table may be garbage.\n"; ++ tempHeader.sizeOfPartitionEntries = sizeof(GPTPart); ++ } ++ + if (allOK && (numParts != tempHeader.numParts) && *crcOk) { + allOK = SetGPTSize(tempHeader.numParts, 0); + } +@@ -1000,7 +1008,10 @@ int GPTData::LoadPartitionTable(const struct GPTHeader & header, DiskIO & disk, + uint32_t sizeOfParts, newCRC; + int retval; + +- if (disk.OpenForRead()) { ++ if (header.sizeOfPartitionEntries != sizeof(GPTPart)) { ++ cerr << "Error! GPT header contains invalid partition entry size!\n"; ++ retval = 0; ++ } else if (disk.OpenForRead()) { + if (sector == 0) { + retval = disk.Seek(header.partitionEntriesLBA); + } else { +-- +2.35.1 + diff --git a/SOURCES/gdisk-CVE-2021-0308.patch b/SOURCES/gdisk-CVE-2021-0308.patch new file mode 100644 index 0000000..d41a3e3 --- /dev/null +++ b/SOURCES/gdisk-CVE-2021-0308.patch @@ -0,0 +1,27 @@ +From 28ac93e737ae4e2055ff23f2ea6021b1127b40a2 Mon Sep 17 00:00:00 2001 +From: Rod Smith +Date: Wed, 13 Jan 2021 10:29:24 -0500 +Subject: [PATCH 2/2] Fix bug that could cause crash if a badly-formatted MBR + disk was read. + +--- + basicmbr.cc | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/basicmbr.cc b/basicmbr.cc +index 8fbffd1..2da56db 100644 +--- a/basicmbr.cc ++++ b/basicmbr.cc +@@ -258,7 +258,8 @@ int BasicMBRData::ReadLogicalParts(uint64_t extendedStart, int partNum) { + if (EbrLocations[i] == offset) { // already read this one; infinite logical partition loop! + cerr << "Logical partition infinite loop detected! This is being corrected.\n"; + allOK = -1; +- partNum -= 1; ++ if (partNum > 0) //don't go negative ++ partNum -= 1; + } // if + } // for + EbrLocations[partNum] = offset; +-- +2.35.1 + diff --git a/SPECS/gdisk.spec b/SPECS/gdisk.spec index 6dea99a..2eca406 100644 --- a/SPECS/gdisk.spec +++ b/SPECS/gdisk.spec @@ -1,12 +1,14 @@ Summary: An fdisk-like partitioning tool for GPT disks Name: gdisk Version: 1.0.3 -Release: 9%{?dist} +Release: 11%{?dist} License: GPLv2 URL: http://www.rodsbooks.com/gdisk/ Group: System Environment/Base Source0: http://downloads.sourceforge.net/gptfdisk/gptfdisk-%{version}.tar.gz Patch0: gdisk-1.0.3-byteswap.patch +Patch1: gdisk-CVE-2020-0256.patch +Patch2: gdisk-CVE-2021-0308.patch BuildRequires: popt-devel BuildRequires: libuuid-devel BuildRequires: ncurses-devel @@ -20,6 +22,8 @@ tables, and the ability to convert MBR disks to GPT format. %prep %setup -q -n gptfdisk-%{version} %patch0 -p1 +%patch1 -p1 +%patch2 -p1 chmod 0644 gdisk_test.sh %build @@ -44,9 +48,17 @@ done %{_mandir}/man8/fixparts.8* %changelog -* Tue Mar 15 2022 Nikola Forró - 1.0.3-9 +* Tue Mar 15 2022 Nikola Forró - 1.0.3-11 - Fix double byteswap on big-endian systems also while reading partition names - related: #1899990 + resolves: #2065205 + +* Wed Mar 02 2022 Nikola Forró - 1.0.3-10 +- Fix CVE-2021-0308 + resolves: #2052364 + +* Wed Mar 02 2022 Nikola Forró - 1.0.3-9 +- Fix CVE-2020-0256 + resolves: #2052365 * Mon Oct 25 2021 Nikola Forró - 1.0.3-8 - Add upstream tests as a gating test