--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/libarchive/patches/CVE-2016-1541.patch Wed May 25 14:44:20 2016 -0700
@@ -0,0 +1,49 @@
+Fix for CVE-2016-1541.
+
+More information at:
+
+ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1541
+
+Patch based on committed changes at:
+
+ https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7
+
+and adjusted to work with the version of libarchive we currently have.
+
+--- libarchive-3.1.2/libarchive/archive_read_support_format_zip.c.orig 2016-05-25 07:28:45.920088332 -0700
++++ libarchive-3.1.2/libarchive/archive_read_support_format_zip.c 2016-05-25 07:32:19.394552995 -0700
+@@ -560,6 +560,11 @@
+
+ switch(rsrc->compression) {
+ case 0: /* No compression. */
++ if (rsrc->uncompressed_size != rsrc->compressed_size) {
++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++ "Malformed OS X metadata entry: inconsistent size");
++ return (ARCHIVE_FATAL);
++ }
+ #ifdef HAVE_ZLIB_H
+ case 8: /* Deflate compression. */
+ #endif
+@@ -581,6 +586,13 @@
+ return (ARCHIVE_WARN);
+ }
+
++ if (rsrc->compressed_size > (4 * 1024 * 1024)) {
++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
++ "Mac metadata is too large: %jd > 4M bytes",
++ (intmax_t)rsrc->compressed_size);
++ return (ARCHIVE_WARN);
++ }
++
+ metadata = malloc((size_t)rsrc->uncompressed_size);
+ if (metadata == NULL) {
+ archive_set_error(&a->archive, ENOMEM,
+@@ -619,6 +631,8 @@
+ bytes_avail = remaining_bytes;
+ switch(rsrc->compression) {
+ case 0: /* No compression. */
++ if ((size_t)bytes_avail > metadata_bytes)
++ bytes_avail = metadata_bytes;
+ memcpy(mp, p, bytes_avail);
+ bytes_used = (size_t)bytes_avail;
+ metadata_bytes -= bytes_used;
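Review bot: The header of the new patch file (its first 14 lines) names the CVE and links the upstream commit but never states the defect being fixed or what each of the three hunks contributes, so the next rebase of this backport has to rediscover the rationale from external links. The hunks themselves show it: the metadata buffer is sized from `rsrc->uncompressed_size` at the `malloc` line, while the uncompressed-copy path takes its byte count from `remaining_bytes`, and the new clamp to `metadata_bytes` before `memcpy` exists precisely because that count could exceed the buffer; the first hunk rejects a `compressed_size`/`uncompressed_size` mismatch up front, the second caps `compressed_size` at 4 MiB next to what appears to be an existing cap (only its `return (ARCHIVE_WARN); }` tail is visible), and the third is the defensive clamp. A short paragraph under "Fix for CVE-2016-1541." recording this — e.g. `Uncompressed OS X metadata entries were copied using a length taken from the archive while the buffer was sized from a different archive-supplied field; reject mismatched sizes, cap compressed_size, and clamp the copy to the remaining buffer.` — would also make the "adjusted to work with the version of libarchive we currently have" line more useful if it said what was adjusted. All three inner hunks sit inside a function whose start and end are outside the hunk.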
--- a/components/libarchive/test/results-all.master Wed May 25 14:31:44 2016 -0700
+++ b/components/libarchive/test/results-all.master Wed May 25 14:44:20 2016 -0700
@@ -752,8 +752,8 @@
Exercising: bsdtar 3.1.2 - libarchive 3.1.2
0: test_0 ok
- 1: test_basic FAIL
- 2: test_copy FAIL
+ 1: test_basic ok
+ 2: test_copy ok
3: test_empty_mtree ok
4: test_extract_tar_bz2 ok
5: test_extract_tar_grz ok
@@ -768,10 +768,10 @@
14: test_help ok
15: test_option_a ok
16: test_option_b64encode ok
- 17: test_option_b FAIL
+ 17: test_option_b ok
18: test_option_C_upper ok
19: test_option_exclude ok
- 20: test_option_gid_gname FAIL
+ 20: test_option_gid_gname ok
21: test_option_grzip ok
22: test_option_H_upper ok
23: test_option_j ok
@@ -787,7 +787,7 @@
33: test_option_older_than ok
34: test_option_O_upper ok
35: test_option_q ok
- 36: test_option_r FAIL
+ 36: test_option_r ok
37: test_option_s ok
38: test_option_T_upper ok
39: test_option_uid_uname FAIL
@@ -806,17 +806,12 @@
Totals:
Tests run: 52
- Tests failed: 6
- Assertions failed: 916
+ Tests failed: 1
+ Assertions failed: 1
Skips reported: 8
Failing tests:
- 1: test_basic (14 failures)
- 2: test_copy (886 failures)
- 17: test_option_b (2 failures)
- 20: test_option_gid_gname (8 failures)
- 36: test_option_r (2 failures)
- 39: test_option_uid_uname (4 failures)
+ 39: test_option_uid_uname (1 failures)
Details for failing tests: build/test
@@ -830,7 +825,7 @@
Exercising: bsdcpio 3.1.2 -- libarchive 3.1.2
0: test_0 ok
- 1: test_basic FAIL
+ 1: test_basic ok
2: test_cmdline ok
3: test_extract_cpio_bz2 ok
4: test_extract_cpio_grz ok
@@ -847,7 +842,7 @@
15: test_option_a ok
16: test_option_b64encode ok
17: test_option_B_upper ok
- 18: test_option_c FAIL
+ 18: test_option_c ok
19: test_option_C_upper ok
20: test_option_d ok
21: test_option_f ok
@@ -874,18 +869,12 @@
Totals:
Tests run: 42
- Tests failed: 2
- Assertions failed: 16
+ Tests failed: 0
+ Assertions failed: 0
Skips reported: 6
-
-Failing tests:
- 1: test_basic (13 failures)
- 18: test_option_c (3 failures)
-
-Details for failing tests: build/test
-
-FAIL: bsdcpio_test
+42 tests passed, no failures
+PASS: bsdcpio_test
====================================================
-3 of 3 tests failed
+2 of 3 tests failed
Please report to [email protected]
====================================================