|
|
@@ -0,0 +1,40 @@
|
|
|
+From c9bc934e7e91d302e0feca6e713ccc38d6d01532 Mon Sep 17 00:00:00 2001
|
|
|
+From: =?UTF-8?q?Peter=20K=C3=A4stle?= <peter@piie.net>
|
|
|
+Date: Mon, 10 Mar 2025 16:43:04 +0100
|
|
|
+Subject: [PATCH] fix CVE-2025-1632 and CVE-2025-25724 (#2532)
|
|
|
+
|
|
|
+Hi,
|
|
|
+
|
|
|
+please find my approach to fix the CVE-2025-1632 and CVE-2025-25724
|
|
|
+vulnerabilities in this pr.
|
|
|
+As both error cases did trigger a NULL pointer deref (and triggered
|
|
|
+hopefully everywhere a coredump), we can safely replace the actual
|
|
|
+information by a predefined invalid string without breaking any
|
|
|
+functionality.
|
|
|
+
|
|
|
+CVE: CVE-2025-25724
|
|
|
+Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/c9bc934e7e91d302e0feca6e713ccc38d6d01532]
|
|
|
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
|
|
|
+---------
|
|
|
+
|
|
|
+Signed-off-by: Peter Kaestle <peter@piie.net>
|
|
|
+---
|
|
|
+ tar/util.c | 5 ++++-
|
|
|
+ 1 file changed, 4 insertions(+), 1 deletion(-)
|
|
|
+
|
|
|
+diff --git a/tar/util.c b/tar/util.c
|
|
|
+index 3b099cb5..f3cbdf0b 100644
|
|
|
+--- a/tar/util.c
|
|
|
++++ b/tar/util.c
|
|
|
+@@ -758,7 +758,10 @@ list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry)
|
|
|
+ #else
|
|
|
+ ltime = localtime(&tim);
|
|
|
+ #endif
|
|
|
+- strftime(tmp, sizeof(tmp), fmt, ltime);
|
|
|
++ if (ltime)
|
|
|
++ strftime(tmp, sizeof(tmp), fmt, ltime);
|
|
|
++ else
|
|
|
++ sprintf(tmp, "-- -- ----");
|
|
|
+ fprintf(out, " %s ", tmp);
|
|
|
+ safe_fprintf(out, "%s", archive_entry_pathname(entry));
|
|
|
+
|
Peter Marko