[packages/lshw] - fixed buffer overflow in FAT superblock parsing

adwol adwol at pld-linux.org
Mon Jan 12 01:56:04 CET 2015


commit 26b7ea168f36d7fc6a7d50f70401096a4f28050d
Author: Adam Osuchowski <adwol at pld-linux.org>
Date:   Mon Jan 12 01:55:10 2015 +0100

    - fixed buffer overflow in FAT superblock parsing

 lshw-buffer_overflow.patch | 19 +++++++++++++++++++
 lshw.spec                  |  2 ++
 2 files changed, 21 insertions(+)
---
diff --git a/lshw.spec b/lshw.spec
index 86c6ef5..99bd78b 100644
--- a/lshw.spec
+++ b/lshw.spec
@@ -17,6 +17,7 @@ Source0:	http://ezix.org/software/files/%{name}-%{version}.tar.gz
 Patch0:		%{name}-gcc.patch
 Patch1:		sanity.patch
 Patch2:		hwdata.patch
+Patch3:		%{name}-buffer_overflow.patch
 URL:		http://ezix.org/project/wiki/HardwareLiSter
 %{?with_gui:BuildRequires:	gtk+2-devel >= 1:2.0}
 BuildRequires:	libstdc++-devel
@@ -70,6 +71,7 @@ lshw w wersji GTK+.
 %patch0 -p0
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
 
 %build
 %{__make} -C src \
diff --git a/lshw-buffer_overflow.patch b/lshw-buffer_overflow.patch
new file mode 100644
index 0000000..c5ad9c1
--- /dev/null
+++ b/lshw-buffer_overflow.patch
@@ -0,0 +1,19 @@
+diff -ruN lshw-B.02.17.orig/src/core/fat.cc lshw-B.02.17/src/core/fat.cc
+--- lshw-B.02.17.orig/src/core/fat.cc	2012-02-22 14:39:44.000000000 +0100
++++ lshw-B.02.17/src/core/fat.cc	2015-01-12 01:51:40.710213032 +0100
+@@ -65,6 +65,7 @@
+ 			uint8_t magic[8];
+ 			uint8_t dummy2[192];
+ 			uint8_t pmagic[2];
++			uint8_t dummy3[256];
+ 		} __attribute__((__packed__)) fat;
+ 		struct fat32_super_block {
+ 			uint32_t fat32_length;
+@@ -80,6 +81,7 @@
+ 			uint8_t magic[8];
+ 			uint8_t dummy2[164];
+ 			uint8_t pmagic[2];
++			uint8_t dummy3[256];
+ 		} __attribute__((__packed__)) fat32;
+ 	} __attribute__((__packed__)) type;
+ } __attribute__((__packed__));
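Review bot: The `dummy3[256]` members appended to `fat` and `fat32` fix the overflow by enlarging the structure rather than by bounding the copy, and nothing in the patch ties the new size to the number of bytes the parser actually reads into it. The read is outside this hunk, so presumably the padding brings the structure up to the size of the sector buffer; if that length changes later, or a new union member is added without the same padding, the overflow comes back without any compiler diagnostic. Because the superblock bytes come from whatever media is attached and lshw is usually run as root, I would add a comment on each member such as `/* padding: struct must cover the full superblock read */` and a compile-time check that `sizeof` the enclosing structure is at least the read length. The enclosing struct begins above the lines shown here.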
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/lshw.git/commitdiff/26b7ea168f36d7fc6a7d50f70401096a4f28050d


