Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/dev-util/xdelta/files/01_bigger_print_buffers.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-util/xdelta/files/01_bigger_print_buffers.patch')
-rw-r--r--dev-util/xdelta/files/01_bigger_print_buffers.patch83
1 files changed, 83 insertions, 0 deletions
diff --git a/dev-util/xdelta/files/01_bigger_print_buffers.patch b/dev-util/xdelta/files/01_bigger_print_buffers.patch
new file mode 100644
index 000000000000..85e098c768f8
--- /dev/null
+++ b/dev-util/xdelta/files/01_bigger_print_buffers.patch
@@ -0,0 +1,83 @@
+From: Paul Jackson <pj@usa.net>, Paul Jackson <thepythoniccow@gmail.com>
+
+xdelta3 (version 3.0.0) has numerous sprintf and strcpy calls that
+write into 32 byte char buffers that are on the stack or are static
+allocations. With sufficiently large files, these strings can overflow
+the 32 char buffers, and some recent gnu libc versions will detect this
+and immediately abort with the error "*** buffer overflow detected ***"
+
+This patch, the first of three, is the only essential patch for this fix.
+It increases the 32 byte stack buffers to 48 bytes each.
+
+The subsequent two patches will replace sprintf calls with snprintf,
+to safely avoid overflowing these stack buffers in all cases, and will
+fix a hang caused by not properly closing and flushing pipes.
+
+---
+ xdelta3-blkcache.h | 10 +++++-----
+ xdelta3-main.h | 14 +++++++-------
+ 2 files changed, 12 insertions(+), 12 deletions(-)
+
+--- xdelta3.0.0.orig/xdelta3-blkcache.h 2012-03-26 22:55:03.447784216 -0500
++++ xdelta3.0.0/xdelta3-blkcache.h 2012-03-26 23:22:54.871899533 -0500
+@@ -233,11 +233,11 @@ main_set_source (xd3_stream *stream, xd3
+
+ if (option_verbose)
+ {
+- static char srcszbuf[32];
+- static char srccntbuf[32];
+- static char winszbuf[32];
+- static char blkszbuf[32];
+- static char nbufs[32];
++ static char srcszbuf[48];
++ static char srccntbuf[48];
++ static char winszbuf[48];
++ static char blkszbuf[48];
++ static char nbufs[48];
+
+ if (sfile->size_known)
+ {
+--- xdelta3.0.0.orig/xdelta3-main.h 2012-03-26 22:55:03.455784458 -0500
++++ xdelta3.0.0/xdelta3-main.h 2012-03-26 23:22:54.859899160 -0500
+@@ -633,7 +633,7 @@ static char*
+ main_format_rate (xoff_t bytes, long millis, char *buf)
+ {
+ xoff_t r = (xoff_t)(1.0 * bytes / (1.0 * millis / 1000.0));
+- static char lbuf[32];
++ static char lbuf[48];
+
+ main_format_bcnt (r, lbuf);
+ sprintf (buf, "%s/s", lbuf);
+@@ -2954,7 +2954,7 @@ static usize_t
+ main_get_winsize (main_file *ifile) {
+ xoff_t file_size = 0;
+ usize_t size = option_winsize;
+- static char iszbuf[32];
++ static char iszbuf[48];
+
+ if (main_file_stat (ifile, &file_size) == 0)
+ {
+@@ -3328,10 +3328,10 @@ main_input (xd3_cmd cmd,
+
+ if (option_verbose)
+ {
+- char rrateavg[32], wrateavg[32], tm[32];
+- char rdb[32], wdb[32];
+- char trdb[32], twdb[32];
+- char srcpos[32];
++ char rrateavg[48], wrateavg[48], tm[48];
++ char rdb[48], wdb[48];
++ char trdb[48], twdb[48];
++ char srcpos[48];
+ long millis = get_millisecs_since ();
+ usize_t this_read = (usize_t)(stream.total_in -
+ last_total_in);
+@@ -3460,7 +3460,7 @@ done:
+
+ if (option_verbose)
+ {
+- char tm[32];
++ char tm[48];
+ long end_time = get_millisecs_now ();
+ xoff_t nwrite = ofile != NULL ? ofile->nwrite : 0;
+