diff --git a/SOURCES/0001-Fix-Perl-directory-install-path.patch b/SOURCES/0001-Fix-Perl-directory-install-path.patch
index 0ca73e8..4a37735 100644
--- a/SOURCES/0001-Fix-Perl-directory-install-path.patch
+++ b/SOURCES/0001-Fix-Perl-directory-install-path.patch
@@ -1,7 +1,7 @@
 From 1c6bd6e0085204425d7c687f2566cb9b13231e6e Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Fri, 17 Feb 2017 15:58:04 +0000
-Subject: [PATCH 01/12] Fix Perl directory install path.
+Subject: [PATCH 01/14] Fix Perl directory install path.
 ---
 perl/Makefile.am | 2 +-
diff --git a/SOURCES/0002-value-Set-errno-0-on-non-error-path-in-hivex_value_d.patch b/SOURCES/0002-value-Set-errno-0-on-non-error-path-in-hivex_value_d.patch
index 32dd1b4..3b2cda3 100644
--- a/SOURCES/0002-value-Set-errno-0-on-non-error-path-in-hivex_value_d.patch
+++ b/SOURCES/0002-value-Set-errno-0-on-non-error-path-in-hivex_value_d.patch
@@ -1,7 +1,7 @@
 From 6a4dac0da1f318a1114363b274fcee76e73fcccf Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Mon, 22 Sep 2014 15:08:44 +0100
-Subject: [PATCH 02/12] value: Set errno = 0 on non-error path in
+Subject: [PATCH 02/14] value: Set errno = 0 on non-error path in
 hivex_value_data_cell_offset (RHBZ#1145056).
 hivex_value_data_cell_offset may return 0 to indicate that the data is
diff --git a/SOURCES/0003-hivexml-Tidy-up-error-handling-and-printing.patch b/SOURCES/0003-hivexml-Tidy-up-error-handling-and-printing.patch
index 0942640..f322e57 100644
--- a/SOURCES/0003-hivexml-Tidy-up-error-handling-and-printing.patch
+++ b/SOURCES/0003-hivexml-Tidy-up-error-handling-and-printing.patch
@@ -1,7 +1,7 @@
 From 2cffe999c938a0bc67c3c6162ea4fc896af2dd22 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Mon, 22 Sep 2014 15:10:36 +0100
-Subject: [PATCH 03/12] hivexml: Tidy up error handling and printing.
+Subject: [PATCH 03/14] hivexml: Tidy up error handling and printing.
 (cherry picked from commit 914d9b9a91babf0227989bc7ea00cf5e41ed7da4)
 ---
diff --git a/SOURCES/0004-lib-Don-t-leak-errno-from-_hivex_recode-function.patch b/SOURCES/0004-lib-Don-t-leak-errno-from-_hivex_recode-function.patch
index 21a442e..2335345 100644
--- a/SOURCES/0004-lib-Don-t-leak-errno-from-_hivex_recode-function.patch
+++ b/SOURCES/0004-lib-Don-t-leak-errno-from-_hivex_recode-function.patch
@@ -1,7 +1,7 @@
 From 1d90ea86a0ac6c5863597880b33a18755aff819c Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Thu, 20 Nov 2014 21:37:19 +0000
-Subject: [PATCH 04/12] lib: Don't leak errno from _hivex_recode function.
+Subject: [PATCH 04/14] lib: Don't leak errno from _hivex_recode function.
 If iconv returns E2BIG, that's an internal indication for us, and not an error. Don't leak the errno up to the user, as happened here:
diff --git a/SOURCES/0005-handle-Refuse-to-open-files-8192-bytes-in-size.patch b/SOURCES/0005-handle-Refuse-to-open-files-8192-bytes-in-size.patch
index b9e4483..d9e0c91 100644
--- a/SOURCES/0005-handle-Refuse-to-open-files-8192-bytes-in-size.patch
+++ b/SOURCES/0005-handle-Refuse-to-open-files-8192-bytes-in-size.patch
@@ -1,7 +1,7 @@
 From ebcb61e3d88d99b929b4d8ccaad837a871c102d8 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Thu, 30 Oct 2014 13:50:39 +0000
-Subject: [PATCH 05/12] handle: Refuse to open files < 8192 bytes in size.
+Subject: [PATCH 05/14] handle: Refuse to open files < 8192 bytes in size.
 These cannot be valid hives, since they don't contain a full header page and at least a single page of data (in other words they couldn't
diff --git a/SOURCES/0006-handle-Check-that-pages-do-not-extend-beyond-the-end.patch b/SOURCES/0006-handle-Check-that-pages-do-not-extend-beyond-the-end.patch
index 8e4f674..5ebc579 100644
--- a/SOURCES/0006-handle-Check-that-pages-do-not-extend-beyond-the-end.patch
+++ b/SOURCES/0006-handle-Check-that-pages-do-not-extend-beyond-the-end.patch
@@ -1,7 +1,7 @@
 From 5c718aab579d693ea3169ab4d29b5c3bc9105aa1 Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones"
 Date: Thu, 30 Oct 2014 14:02:25 +0000
-Subject: [PATCH 06/12] handle: Check that pages do not extend beyond the end
+Subject: [PATCH 06/14] handle: Check that pages do not extend beyond the end
 of the file.
 Thanks: Mahmoud Al-Qudsi
diff --git a/SOURCES/0007-generator-Fix-a-spelling-mistake-in-the-documentatio.patch b/SOURCES/0007-generator-Fix-a-spelling-mistake-in-the-documentatio.patch
index 161e615..49ace22 100644
--- a/SOURCES/0007-generator-Fix-a-spelling-mistake-in-the-documentatio.patch
+++ b/SOURCES/0007-generator-Fix-a-spelling-mistake-in-the-documentatio.patch
@@ -1,7 +1,7 @@
 From 026a1a2e01795defcfe5b638347671e09fcec2b6 Mon Sep 17 00:00:00 2001
 From: "Richard W.M. Jones"
 Date: Tue, 20 May 2014 10:48:40 +0100
-Subject: [PATCH 07/12] generator: Fix a spelling mistake in the documentation
+Subject: [PATCH 07/14] generator: Fix a spelling mistake in the documentation
 (RHBZ#1099286).
 (cherry picked from commit cea8dbf029029a725768caa14ddc876f56bfd878)
diff --git a/SOURCES/0008-add-HIVEX_OPEN_UNSAFE-flag.patch b/SOURCES/0008-add-HIVEX_OPEN_UNSAFE-flag.patch
index 93c4e95..370604b 100644
--- a/SOURCES/0008-add-HIVEX_OPEN_UNSAFE-flag.patch
+++ b/SOURCES/0008-add-HIVEX_OPEN_UNSAFE-flag.patch
@@ -1,7 +1,7 @@
 From 691f5532ab4138093cdd8c661aba7519b0b1e2ad Mon Sep 17 00:00:00 2001
 From: Dawid Zamirski
 Date: Thu, 16 Feb 2017 18:17:22 -0500
-Subject: [PATCH 08/12] add HIVEX_OPEN_UNSAFE flag.
+Subject: [PATCH 08/14] add HIVEX_OPEN_UNSAFE flag.
 This flag will be used to control behavior of libhivex API functions so that they tolerate corruption in hives by either using heuristic
diff --git a/SOURCES/0009-lib-change-how-hbin-sections-are-read.patch b/SOURCES/0009-lib-change-how-hbin-sections-are-read.patch
index e20e700..c83e06c 100644
--- a/SOURCES/0009-lib-change-how-hbin-sections-are-read.patch
+++ b/SOURCES/0009-lib-change-how-hbin-sections-are-read.patch
@@ -1,7 +1,7 @@
 From f80b9b31f99ccdc06887c23dab46a37fc4f4ce74 Mon Sep 17 00:00:00 2001
From: Dawid Zamirski
 Date: Thu, 16 Feb 2017 18:17:23 -0500
-Subject: [PATCH 09/12] lib: change how hbin sections are read.
+Subject: [PATCH 09/14] lib: change how hbin sections are read.
 Only when HIVEX_OPEN_UNSAFE flag is set:
diff --git a/SOURCES/0010-lib-allow-to-walk-registry-with-corrupted-blocks.patch b/SOURCES/0010-lib-allow-to-walk-registry-with-corrupted-blocks.patch
index c135032..fa51e09 100644
--- a/SOURCES/0010-lib-allow-to-walk-registry-with-corrupted-blocks.patch
+++ b/SOURCES/0010-lib-allow-to-walk-registry-with-corrupted-blocks.patch
@@ -1,7 +1,7 @@
 From 8e187357f466c31a9e75ac4924b32bbf4823e73f Mon Sep 17 00:00:00 2001
 From: Dawid Zamirski
 Date: Thu, 16 Feb 2017 18:17:24 -0500
-Subject: [PATCH 10/12] lib: allow to walk registry with corrupted blocks
+Subject: [PATCH 10/14] lib: allow to walk registry with corrupted blocks
 Only when HIVEX_OPEN_UNSAFE flag is set.
diff --git a/SOURCES/0011-hivexsh-add-u-flag-for-HIVEX_OPEN_UNSAFE.patch b/SOURCES/0011-hivexsh-add-u-flag-for-HIVEX_OPEN_UNSAFE.patch
index 37fde1d..0e4c16c 100644
--- a/SOURCES/0011-hivexsh-add-u-flag-for-HIVEX_OPEN_UNSAFE.patch
+++ b/SOURCES/0011-hivexsh-add-u-flag-for-HIVEX_OPEN_UNSAFE.patch
@@ -1,7 +1,7 @@
 From d4f5c255832391ba6132959d1ded57ce9286e7d6 Mon Sep 17 00:00:00 2001
 From: Dawid Zamirski
 Date: Thu, 16 Feb 2017 18:17:25 -0500
-Subject: [PATCH 11/12] hivexsh: add -u flag for HIVEX_OPEN_UNSAFE.
+Subject: [PATCH 11/14] hivexsh: add -u flag for HIVEX_OPEN_UNSAFE.
 and pass it to hivex_open. Additionally make hivex_value_value failures non-critical in this mode when iterating through node children/values.
diff --git a/SOURCES/0012-hivexregedit-allow-to-pass-HIVEX_OPEN_UNSAFE.patch b/SOURCES/0012-hivexregedit-allow-to-pass-HIVEX_OPEN_UNSAFE.patch
index 53a5aff..7760e48 100644
--- a/SOURCES/0012-hivexregedit-allow-to-pass-HIVEX_OPEN_UNSAFE.patch
+++ b/SOURCES/0012-hivexregedit-allow-to-pass-HIVEX_OPEN_UNSAFE.patch
@@ -1,7 +1,7 @@
From 362d5cd9b6527e4f9d3a3729afbe7cd90486c39d Mon Sep 17 00:00:00 2001
 From: Dawid Zamirski
 Date: Thu, 16 Feb 2017 18:17:26 -0500
-Subject: [PATCH 12/12] hivexregedit: allow to pass HIVEX_OPEN_UNSAFE
+Subject: [PATCH 12/14] hivexregedit: allow to pass HIVEX_OPEN_UNSAFE
 via new --unsafe flag. Also make --export catpure, log and skip over errors when reading subkeys/values so that export in unsafe mode does
diff --git a/SOURCES/0013-lib-Increase-HIVEX_MAX_SUBKEYS-to-25000.patch b/SOURCES/0013-lib-Increase-HIVEX_MAX_SUBKEYS-to-25000.patch
new file mode 100644
index 0000000..1e440d8
--- /dev/null
+++ b/SOURCES/0013-lib-Increase-HIVEX_MAX_SUBKEYS-to-25000.patch
@@ -0,0 +1,30 @@
+From 87410a2cdcfe6e3bf8822cd803c251a0de2156cd Mon Sep 17 00:00:00 2001
+From: "Richard W.M. Jones"
+Date: Thu, 20 Nov 2014 20:47:50 +0000
+Subject: [PATCH 13/14] lib: Increase HIVEX_MAX_SUBKEYS to 25000.
+
+Thanks Nicolas Ecarnot who found a HKLM\SOFTWARE hive from a Windows
+XP machine which had an nk containing 18254 subkeys ( > current limit
+of 15000).
+
+(cherry picked from commit bec3f0bb632c4b84a1dfb73eb6333c2ba9834ffb)
+---
+ lib/hivex-internal.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
+index bbca215..396d8d8 100644
+--- a/lib/hivex-internal.h
++++ b/lib/hivex-internal.h
+@@ -320,7 +320,7 @@ extern int _hivex_get_values (hive_h *h, hive_node_h node, hive_value_h **values
+ } while (0)
+
+ /* These limits are in place to stop really stupid stuff and/or exploits. */
+-#define HIVEX_MAX_SUBKEYS 15000
++#define HIVEX_MAX_SUBKEYS 25000
+ #define HIVEX_MAX_VALUES 10000
+ #define HIVEX_MAX_VALUE_LEN 2000000
+ #define HIVEX_MAX_ALLOCATION 1000000
+--
+1.8.3.1
+
diff --git a/SOURCES/0014-Increase-HIVEX_MAX_SUBKEYS-and-HIVEX_MAX_VALUES.patch b/SOURCES/0014-Increase-HIVEX_MAX_SUBKEYS-and-HIVEX_MAX_VALUES.patch
new file mode 100644
index 0000000..d51eafa
--- /dev/null
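Review bot: The basis for the new cap is recorded only in the commit message of patch 0013 (an nk with 18254 subkeys against the old limit of 15000), while the header still says just `/* These limits are in place to stop really stupid stuff and/or exploits. */` above `#define HIVEX_MAX_SUBKEYS 25000`. Because these constants bound what the library accepts from a hive it did not write, I would put the reasoning next to the value, for example `/* Caps on counts read from the hive; sized above the largest count seen in a real hive (18254 subkeys). */`. The same comment gap applies to patch 0014 later in this series, which changes the value again. The rest of lib/hivex-internal.h lies outside the hunk.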
+++ b/SOURCES/0014-Increase-HIVEX_MAX_SUBKEYS-and-HIVEX_MAX_VALUES.patch
@@ -0,0 +1,31 @@
+From d5ae3045970a815d2bdac768d6924b31f3b8b4ca Mon Sep 17 00:00:00 2001
+From: Matt Coleman
+Date: Sat, 3 Dec 2016 15:25:43 -0500
+Subject: [PATCH 14/14] Increase HIVEX_MAX_SUBKEYS and HIVEX_MAX_VALUES
+
+This increases the defined limits based on counts observed in the
+Microsoft\Windows NT\CurrentVersion subkey of the software hive.
+
+(cherry picked from commit 4b024fa031251fbeacb6ecf2821d8d027d59de0d)
+---
+ lib/hivex-internal.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/hivex-internal.h b/lib/hivex-internal.h
+index 396d8d8..498d64f 100644
+--- a/lib/hivex-internal.h
++++ b/lib/hivex-internal.h
+@@ -320,8 +320,8 @@ extern int _hivex_get_values (hive_h *h, hive_node_h node, hive_value_h **values
+ } while (0)
+
+ /* These limits are in place to stop really stupid stuff and/or exploits. */
+-#define HIVEX_MAX_SUBKEYS 25000
+-#define HIVEX_MAX_VALUES 10000
++#define HIVEX_MAX_SUBKEYS 70000
++#define HIVEX_MAX_VALUES 55000
+ #define HIVEX_MAX_VALUE_LEN 2000000
+ #define HIVEX_MAX_ALLOCATION 1000000
+
+--
+1.8.3.1
+
diff --git a/SPECS/hivex.spec b/SPECS/hivex.spec
index e1eacf2..501b05b 100644
--- a/SPECS/hivex.spec
+++ b/SPECS/hivex.spec
@@ -7,7 +7,7 @@
 Name: hivex
 Version: 1.3.10
-Release: 6.9%{?dist}
+Release: 6.10%{?dist}
 Summary: Read and write Windows Registry binary hive files
 License: LGPLv2
@@ -16,8 +16,8 @@ URL: http://libguestfs.org/
 Source0: http://libguestfs.org/download/hivex/%{name}-%{version}.tar.gz
 # The RHEL 7 patches are stored in the upstream git repository,
-# in the branch called 'rhel-7.4', ie:
-# https://github.com/libguestfs/hivex/tree/rhel-7.4
+# in the branch called 'rhel-7.9', ie:
+# https://github.com/libguestfs/hivex/tree/rhel-7.9
 # Fix Perl directory install path.
 Patch0001: 0001-Fix-Perl-directory-install-path.patch
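Review bot: Patch 0014 raises `HIVEX_MAX_VALUES` from 10000 to 55000 and `HIVEX_MAX_SUBKEYS` from 25000 to 70000, but its commit message gives no observed counts, so the headroom these numbers leave cannot be checked from the patch. `HIVEX_MAX_VALUE_LEN` and `HIVEX_MAX_ALLOCATION` stay as they were, so a single node can presumably now carry about five times as many maximum-length values as before; whether anything else bounds the total work per node is not visible in this hunk. I would state the observed counts in the description and confirm that the code which sizes arrays from these counts (possibly the implementation of `_hivex_get_values`, which the hunk header names) still fails cleanly on a hive just under the new caps.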
@@ -41,6 +41,10 @@ Patch0010: 0010-lib-allow-to-walk-registry-with-corrupted-blocks.patch
 Patch0011: 0011-hivexsh-add-u-flag-for-HIVEX_OPEN_UNSAFE.patch
 Patch0012: 0012-hivexregedit-allow-to-pass-HIVEX_OPEN_UNSAFE.patch
+# Increase limits on number of subkeys etc (RHBZ#1822889).
+Patch0013: 0013-lib-Increase-HIVEX_MAX_SUBKEYS-to-25000.patch
+Patch0014: 0014-Increase-HIVEX_MAX_SUBKEYS-and-HIVEX_MAX_VALUES.patch
+
 # Patch generated code (because we can't assume we have OCaml on all
 # arches). To construct this you need to do 'make prep', run the
 # generator by hand, and diff before and after.
@@ -296,6 +300,10 @@ rm $RPM_BUILD_ROOT%{python_sitearch}/libhivexmod.la
 %changelog
+* Tue May 19 2020 Richard W.M. Jones - 1.3.10-6.10
+- Increase limits on number of subkeys etc.
+ resolves: rhbz#1822889
+
 * Tue Oct 10 2017 Richard W.M. Jones - 1.3.10-6.9
 - Enable OCaml subpackage on s390x.
 resolves: rhbz#1447983