[packages/qemu] - CVE-2018-20815 fix

[adwol]

commit d60e942007553c4d766342168f8b64c7b14e6af7
Author: Adam Osuchowski <adwol at pld-linux.org>
Date:   Thu Mar 28 13:55:34 2019 +0100

    - CVE-2018-20815 fix

 qemu-CVE-2018-20815.patch | 13 +++++++++++++
 qemu.spec                 |  2 ++
 2 files changed, 15 insertions(+)
---
diff --git a/qemu.spec b/qemu.spec
index d1b2766..98eb35a 100644
--- a/qemu.spec
+++ b/qemu.spec
@@ -60,6 +60,7 @@ Patch2:		%{name}-user-execve.patch
 Patch3:		%{name}-xattr.patch
 Patch4:		libjpeg-boolean.patch
 Patch5:		x32.patch
+Patch6:		%{name}-CVE-2018-20815.patch
 URL:		http://www.qemu-project.org/
 %{?with_gl:BuildRequires:	OpenGL-GLX-devel}
 %{?with_gl:BuildRequires:	OpenGL-devel}
@@ -828,6 +829,7 @@ Moduł QEMU dla urządeń blokowych typu 'ssh'.
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 # workaround for conflict with alsa/error.h
 ln -s ../error.h qapi/error.h
diff --git a/qemu-CVE-2018-20815.patch b/qemu-CVE-2018-20815.patch
new file mode 100644
index 0000000..430ac3c
--- /dev/null
+++ b/qemu-CVE-2018-20815.patch
@@ -0,0 +1,13 @@
+diff --git a/device_tree.c b/device_tree.c
+index 6d9c972..296278e 100644
+--- a/device_tree.c
++++ b/device_tree.c
+@@ -91,7 +91,7 @@ void *load_device_tree(const char *filename_path, int *sizep)
+     /* First allocate space in qemu for device tree */
+     fdt = g_malloc0(dt_size);
+ 
+-    dt_file_load_size = load_image(filename_path, fdt);
++    dt_file_load_size = load_image_size(filename_path, fdt, dt_size);
+     if (dt_file_load_size < 0) {
+         error_report("Unable to open device tree file '%s'",
+                      filename_path);
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/qemu.git/commitdiff/d60e942007553c4d766342168f8b64c7b14e6af7