X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=src%2Fpatches%2Flzo-2.06-CVE-2014-4607.patch;fp=src%2Fpatches%2Flzo-2.06-CVE-2014-4607.patch;h=0000000000000000000000000000000000000000;hp=d22c406e087ca4e5bd01a41cdfd1a06772d9d0ae;hb=c1d98bbbb3e03643cae8500c6829cfeeab7c86a4;hpb=6f8a114146e76441c69c58af31b8f1ccd77718c1 diff --git a/src/patches/lzo-2.06-CVE-2014-4607.patch b/src/patches/lzo-2.06-CVE-2014-4607.patch deleted file mode 100644 index d22c406e08..0000000000 --- a/src/patches/lzo-2.06-CVE-2014-4607.patch +++ /dev/null @@ -1,245 +0,0 @@ -diff --git a/minilzo/minilzo.c b/minilzo/minilzo.c -index 34ce0f0..ecfdf66 100644 ---- a/minilzo/minilzo.c -+++ b/minilzo/minilzo.c -@@ -3547,6 +3547,8 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, - #undef TEST_LBO - #undef NEED_IP - #undef NEED_OP -+#undef TEST_IV -+#undef TEST_OV - #undef HAVE_TEST_IP - #undef HAVE_TEST_OP - #undef HAVE_NEED_IP -@@ -3561,6 +3563,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, - # if (LZO_TEST_OVERRUN_INPUT >= 2) - # define NEED_IP(x) \ - if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun -+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun - # endif - #endif - -@@ -3572,6 +3575,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, - # undef TEST_OP - # define NEED_OP(x) \ - if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun -+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun - # endif - #endif - -@@ -3602,11 +3606,13 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, - # define HAVE_NEED_IP 1 - #else - # define NEED_IP(x) ((void) 0) -+# define TEST_IV(x) ((void) 0) - #endif - #if defined(NEED_OP) - # define HAVE_NEED_OP 1 - #else - # define NEED_OP(x) ((void) 0) -+# define TEST_OV(x) ((void) 0) - #endif - - #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP) -@@ -3687,6 +3693,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, - { - t += 255; - ip++; -+ TEST_IV(t); - NEED_IP(1); - } - t += 15 + *ip++; -@@ -3835,6 +3842,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 31 + *ip++; -@@ -3879,6 +3887,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 7 + *ip++; -@@ -4073,6 +4082,8 @@ lookbehind_overrun: - #undef TEST_LBO - #undef NEED_IP - #undef NEED_OP -+#undef TEST_IV -+#undef TEST_OV - #undef HAVE_TEST_IP - #undef HAVE_TEST_OP - #undef HAVE_NEED_IP -@@ -4087,6 +4098,7 @@ lookbehind_overrun: - # if (LZO_TEST_OVERRUN_INPUT >= 2) - # define NEED_IP(x) \ - if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun -+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun - # endif - #endif - -@@ -4098,6 +4110,7 @@ lookbehind_overrun: - # undef TEST_OP - # define NEED_OP(x) \ - if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun -+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun - # endif - #endif - -@@ -4128,11 +4141,13 @@ lookbehind_overrun: - # define HAVE_NEED_IP 1 - #else - # define NEED_IP(x) ((void) 0) -+# define TEST_IV(x) ((void) 0) - #endif - #if defined(NEED_OP) - # define HAVE_NEED_OP 1 - #else - # define NEED_OP(x) ((void) 0) -+# define TEST_OV(x) ((void) 0) - #endif - - #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP) -@@ -4213,6 +4228,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, - { - t += 255; - ip++; -+ TEST_IV(t); - NEED_IP(1); - } - t += 15 + *ip++; -@@ -4361,6 +4377,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 31 + *ip++; -@@ -4405,6 +4422,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 7 + *ip++; -diff --git a/src/lzo1_d.ch b/src/lzo1_d.ch -index 40a5bfd..c442d9c 100644 ---- a/src/lzo1_d.ch -+++ b/src/lzo1_d.ch -@@ -76,6 +76,8 @@ - #undef TEST_LBO - #undef NEED_IP - #undef NEED_OP -+#undef TEST_IV -+#undef TEST_OV - #undef HAVE_TEST_IP - #undef HAVE_TEST_OP - #undef HAVE_NEED_IP -@@ -91,6 +93,7 @@ - # if (LZO_TEST_OVERRUN_INPUT >= 2) - # define NEED_IP(x) \ - if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun -+# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun - # endif - #endif - -@@ -102,6 +105,7 @@ - # undef TEST_OP /* don't need both of the tests here */ - # define NEED_OP(x) \ - if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun -+# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun - # endif - #endif - -@@ -135,11 +139,13 @@ - # define HAVE_NEED_IP 1 - #else - # define NEED_IP(x) ((void) 0) -+# define TEST_IV(x) ((void) 0) - #endif - #if defined(NEED_OP) - # define HAVE_NEED_OP 1 - #else - # define NEED_OP(x) ((void) 0) -+# define TEST_OV(x) ((void) 0) - #endif - - -diff --git a/src/lzo1b_d.ch b/src/lzo1b_d.ch -index fe5f361..36b4b6b 100644 ---- a/src/lzo1b_d.ch -+++ b/src/lzo1b_d.ch -@@ -187,6 +187,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += (M4_MIN_LEN - M3_MIN_LEN) + *ip++; -diff --git a/src/lzo1f_d.ch b/src/lzo1f_d.ch -index 9e942f5..0c2199e 100644 ---- a/src/lzo1f_d.ch -+++ b/src/lzo1f_d.ch -@@ -84,6 +84,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, - { - t += 255; - ip++; -+ TEST_IV(t); - NEED_IP(1); - } - t += 31 + *ip++; -@@ -138,6 +139,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 31 + *ip++; -diff --git a/src/lzo1x_d.ch b/src/lzo1x_d.ch -index 49cf326..c804cc7 100644 ---- a/src/lzo1x_d.ch -+++ b/src/lzo1x_d.ch -@@ -120,6 +120,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, - { - t += 255; - ip++; -+ TEST_IV(t); - NEED_IP(1); - } - t += 15 + *ip++; -@@ -273,6 +274,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 31 + *ip++; -@@ -317,6 +319,7 @@ match: - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += 7 + *ip++; -diff --git a/src/lzo2a_d.ch b/src/lzo2a_d.ch -index 48e51ca..954f07e 100644 ---- a/src/lzo2a_d.ch -+++ b/src/lzo2a_d.ch -@@ -131,6 +131,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, - { - t += 255; - ip++; -+ TEST_OV(t); - NEED_IP(1); - } - t += *ip++;