Fix CVE-2024-24577
This commit is contained in:
starlet-dx
parent
e315708a0b
commit
546bec7511
47
CVE-2024-24577.patch
Normal file
47
CVE-2024-24577.patch
Normal file
@ -0,0 +1,47 @@
|
||||
From eb4c1716cd92bf56f2770653a915d5fc01eab8f3 Mon Sep 17 00:00:00 2001
|
||||
From: Edward Thomson <ethomson@edwardthomson.com>
|
||||
Date: Sat, 16 Dec 2023 11:19:07 +0000
|
||||
Subject: [PATCH] index: correct index has_dir_name check
|
||||
|
||||
`has_dir_name` is used to check for directory/file collisions,
|
||||
and attempts to determine whether the index contains a file with
|
||||
a directory name that is a proper subset of the new index entry
|
||||
that we're trying to add.
|
||||
|
||||
To determine directory name, the function would walk the path string
|
||||
backwards to identify a `/`, stopping at the end of the string. However,
|
||||
the function assumed that the strings did not start with a `/`. If the
|
||||
paths contain only a single `/` at the beginning of the string, then the
|
||||
function would continue the loop, erroneously, when they should have
|
||||
stopped at the first character.
|
||||
|
||||
Correct the order of the tests to terminate properly.
|
||||
|
||||
Credit to Michael Rodler (@f0rki) and Amazon AWS Security.
|
||||
---
|
||||
src/index.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/index.c b/src/index.c
|
||||
index 2b47e4d..80fa544 100644
|
||||
--- a/src/index.c
|
||||
+++ b/src/index.c
|
||||
@@ -1114,10 +1114,13 @@ static int has_dir_name(git_index *index,
|
||||
size_t len, pos;
|
||||
|
||||
for (;;) {
|
||||
- if (*--slash == '/')
|
||||
- break;
|
||||
+ slash--;
|
||||
+
|
||||
if (slash <= entry->path)
|
||||
return retval;
|
||||
+
|
||||
+ if (*slash == '/')
|
||||
+ break;
|
||||
}
|
||||
len = slash - name;
|
||||
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
Name: libgit2
|
||||
Version: 0.27.8
|
||||
Release: 7
|
||||
Release: 8
|
||||
Summary: portable, pure C implementation of the Git core methods
|
||||
License: GPLv2 with exceptions
|
||||
URL: https://libgit2.org
|
||||
@ -11,6 +11,8 @@ Patch0002: CVE-2020-12278.patch
|
||||
Patch0003: CVE-2020-12279.patch
|
||||
Patch0004: Remove-error-prone-redundant-test.patch
|
||||
Patch0005: CVE-2023-22742.patch
|
||||
# https://github.com/libgit2/libgit2/commit/eb4c1716cd92bf56f2770653a915d5fc01eab8f3
|
||||
Patch0006: CVE-2024-24577.patch
|
||||
|
||||
BuildRequires: gcc cmake >= 2.8.11 ninja-build http-parser-devel libcurl-devel
|
||||
BuildRequires: libssh2-devel openssl-devel python3 zlib-devel
|
||||
@ -59,6 +61,9 @@ sed -i '/ADD_TEST(online/s/^/#/' tests/CMakeLists.txt
|
||||
%{_includedir}/git2*
|
||||
|
||||
%changelog
|
||||
* Thu Feb 08 2024 yaoxin <yao_xin001@hoperun.com> - 0.27.8-8
|
||||
- Fix CVE-2024-24577
|
||||
|
||||
* Thu Dec 14 2023 wangkai <13474090681@163.com> - 0.27.8-7
|
||||
- Fix CVE-2023-22742
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user