packages/libgit2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix CVE-2024-24577

Browse Source
This commit is contained in:
starlet-dx 2024-02-08 11:10:19 +08:00
parent e315708a0b
commit 546bec7511
2 changed files with 53 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
CVE-2024-24577.patch Normal file
View File

@ -0,0 +1,47 @@
From eb4c1716cd92bf56f2770653a915d5fc01eab8f3 Mon Sep 17 00:00:00 2001
From: Edward Thomson <ethomson@edwardthomson.com>
Date: Sat, 16 Dec 2023 11:19:07 +0000
Subject: [PATCH] index: correct index has_dir_name check
`has_dir_name` is used to check for directory/file collisions,
and attempts to determine whether the index contains a file with
a directory name that is a proper subset of the new index entry
that we're trying to add.
To determine directory name, the function would walk the path string
backwards to identify a `/`, stopping at the end of the string. However,
the function assumed that the strings did not start with a `/`. If the
paths contain only a single `/` at the beginning of the string, then the
function would continue the loop, erroneously, when they should have
stopped at the first character.
Correct the order of the tests to terminate properly.
Credit to Michael Rodler (@f0rki) and Amazon AWS Security.
---
src/index.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/index.c b/src/index.c
index 2b47e4d..80fa544 100644
--- a/src/index.c
+++ b/src/index.c
@@ -1114,10 +1114,13 @@ static int has_dir_name(git_index *index,
size_t len, pos;
for (;;) {
- if (*--slash == '/')
- break;
+ slash--;
+
if (slash <= entry->path)
return retval;
+
+ if (*slash == '/')
+ break;
}
len = slash - name;
--
2.33.0

7
libgit2.spec
View File

@ -1,6 +1,6 @@
Name: libgit2 Name: libgit2
Version: 0.27.8 Version: 0.27.8
Release: 7 Release: 8
Summary: portable, pure C implementation of the Git core methods Summary: portable, pure C implementation of the Git core methods
License: GPLv2 with exceptions License: GPLv2 with exceptions
URL: https://libgit2.org URL: https://libgit2.org
@ -11,6 +11,8 @@ Patch0002: CVE-2020-12278.patch
Patch0003: CVE-2020-12279.patch Patch0003: CVE-2020-12279.patch
Patch0004: Remove-error-prone-redundant-test.patch Patch0004: Remove-error-prone-redundant-test.patch
Patch0005: CVE-2023-22742.patch Patch0005: CVE-2023-22742.patch
# https://github.com/libgit2/libgit2/commit/eb4c1716cd92bf56f2770653a915d5fc01eab8f3
Patch0006: CVE-2024-24577.patch
BuildRequires: gcc cmake >= 2.8.11 ninja-build http-parser-devel libcurl-devel BuildRequires: gcc cmake >= 2.8.11 ninja-build http-parser-devel libcurl-devel
BuildRequires: libssh2-devel openssl-devel python3 zlib-devel BuildRequires: libssh2-devel openssl-devel python3 zlib-devel
@ -59,6 +61,9 @@ sed -i '/ADD_TEST(online/s/^/#/' tests/CMakeLists.txt
%{_includedir}/git2* %{_includedir}/git2*
%changelog %changelog
* Thu Feb 08 2024 yaoxin <yao_xin001@hoperun.com> - 0.27.8-8
- Fix CVE-2024-24577
* Thu Dec 14 2023 wangkai <13474090681@163.com> - 0.27.8-7 * Thu Dec 14 2023 wangkai <13474090681@163.com> - 0.27.8-7
- Fix CVE-2023-22742 - Fix CVE-2023-22742