Skip to content

Commit f425ed6

Browse files
jslobodzianjslobodzian
committed
Patch cmake for CVE-2024-48615 [High] (#13286)
(cherry picked from commit d684433)
1 parent 9af6b0b commit f425ed6

4 files changed

Lines changed: 88 additions & 5 deletions

File tree

SPECS/cmake/CVE-2024-48615.patch

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
From 73e4f2971e74282d723e8963a30d0a4b35509e39 Mon Sep 17 00:00:00 2001
2+
From: kavyasree <kkaitepalli@microsoft.com>
3+
Date: Mon, 7 Apr 2025 11:46:42 +0530
4+
Subject: [PATCH] Error handling in __archive_read_ahead
5+
Reference: https://github.com/libarchive/libarchive/commit/565b5aea491671ae33df1ca63697c10d54c00165
6+
---
7+
.../archive_read_support_format_tar.c | 17 +++++++----------
8+
1 file changed, 7 insertions(+), 10 deletions(-)
9+
10+
diff --git a/Utilities/cmlibarchive/libarchive/archive_read_support_format_tar.c b/Utilities/cmlibarchive/libarchive/archive_read_support_format_tar.c
11+
index c63d46fc..3e0af9f8 100644
12+
--- a/Utilities/cmlibarchive/libarchive/archive_read_support_format_tar.c
13+
+++ b/Utilities/cmlibarchive/libarchive/archive_read_support_format_tar.c
14+
@@ -621,8 +621,6 @@ archive_read_format_tar_read_data(struct archive_read *a,
15+
}
16+
17+
*buff = __archive_read_ahead(a, 1, &bytes_read);
18+
- if (bytes_read < 0)
19+
- return (ARCHIVE_FATAL);
20+
if (*buff == NULL) {
21+
archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
22+
"Truncated tar archive");
23+
@@ -707,13 +705,11 @@ tar_read_header(struct archive_read *a, struct tar *tar,
24+
25+
/* Read 512-byte header record */
26+
h = __archive_read_ahead(a, 512, &bytes);
27+
- if (bytes < 0)
28+
- return ((int)bytes);
29+
if (bytes == 0) { /* EOF at a block boundary. */
30+
/* Some writers do omit the block of nulls. <sigh> */
31+
return (ARCHIVE_EOF);
32+
}
33+
- if (bytes < 512) { /* Short block at EOF; this is bad. */
34+
+ if (h == NULL) { /* Short block at EOF; this is bad. */
35+
archive_set_error(&a->archive,
36+
ARCHIVE_ERRNO_FILE_FORMAT,
37+
"Truncated tar archive");
38+
@@ -1449,6 +1445,9 @@ read_mac_metadata_blob(struct archive_read *a, struct tar *tar,
39+
*/
40+
data = __archive_read_ahead(a, (size_t)size, NULL);
41+
if (data == NULL) {
42+
+ archive_set_error(&a->archive, EINVAL,
43+
+ "Truncated archive"
44+
+ " detected while reading macOS metadata");
45+
*unconsumed = 0;
46+
return (ARCHIVE_FATAL);
47+
}
48+
@@ -2317,9 +2316,7 @@ gnu_sparse_old_read(struct archive_read *a, struct tar *tar,
49+
do {
50+
tar_flush_unconsumed(a, unconsumed);
51+
data = __archive_read_ahead(a, 512, &bytes_read);
52+
- if (bytes_read < 0)
53+
- return (ARCHIVE_FATAL);
54+
- if (bytes_read < 512) {
55+
+ if (data == NULL) {
56+
archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
57+
"Truncated tar archive "
58+
"detected while reading sparse file data");
59+
@@ -2727,7 +2724,7 @@ readline(struct archive_read *a, struct tar *tar, const char **start,
60+
tar_flush_unconsumed(a, unconsumed);
61+
62+
t = __archive_read_ahead(a, 1, &bytes_read);
63+
- if (bytes_read <= 0)
64+
+ if (bytes_read <= 0 || t == NULL)
65+
return (ARCHIVE_FATAL);
66+
s = t; /* Start of line? */
67+
p = memchr(t, '\n', bytes_read);
68+
@@ -2768,7 +2765,7 @@ readline(struct archive_read *a, struct tar *tar, const char **start,
69+
}
70+
/* Read some more. */
71+
t = __archive_read_ahead(a, 1, &bytes_read);
72+
- if (bytes_read <= 0)
73+
+ if (bytes_read <= 0 || t == NULL)
74+
return (ARCHIVE_FATAL);
75+
s = t; /* Start of line? */
76+
p = memchr(t, '\n', bytes_read);
77+
--
78+
2.34.1
79+

SPECS/cmake/cmake.spec

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
Summary: Cmake
33
Name: cmake
44
Version: 3.21.4
5-
Release: 16%{?dist}
5+
Release: 17%{?dist}
66
License: BSD AND LGPLv2+
77
Vendor: Microsoft Corporation
88
Distribution: Mariner
@@ -34,6 +34,7 @@ Patch19: CVE-2024-28182.patch
3434
Patch20: CVE-2024-7264.patch
3535
Patch21: CVE-2024-11053.patch
3636
Patch22: CVE-2024-9681.patch
37+
Patch23: CVE-2024-48615.patch
3738
BuildRequires: bzip2
3839
BuildRequires: bzip2-devel
3940
BuildRequires: curl
@@ -99,6 +100,9 @@ bin/ctest --force-new-ctest-process --rerun-failed --output-on-failure
99100
%{_prefix}/doc/%{name}-*/*
100101

101102
%changelog
103+
* Mon Apr 07 2025 Kavya Sree Kaitepalli <kkaitepalli@microsoft.com> - 3.21.4-17
104+
- Fix CVE-2024-48615 by backporting
105+
102106
* Thu Jan 23 2025 Jyoti Kanase <v-jykanase@microsoft.com> - 3.21.4-16
103107
- Fix CVE-2024-9681
104108

toolkit/resources/manifests/package/toolchain_aarch64.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,8 +30,8 @@ check-debuginfo-0.15.2-1.cm2.aarch64.rpm
3030
chkconfig-1.20-4.cm2.aarch64.rpm
3131
chkconfig-debuginfo-1.20-4.cm2.aarch64.rpm
3232
chkconfig-lang-1.20-4.cm2.aarch64.rpm
33-
cmake-3.21.4-16.cm2.aarch64.rpm
34-
cmake-debuginfo-3.21.4-16.cm2.aarch64.rpm
33+
cmake-3.21.4-17.cm2.aarch64.rpm
34+
cmake-debuginfo-3.21.4-17.cm2.aarch64.rpm
3535
coreutils-8.32-7.cm2.aarch64.rpm
3636
coreutils-debuginfo-8.32-7.cm2.aarch64.rpm
3737
coreutils-lang-8.32-7.cm2.aarch64.rpm

toolkit/resources/manifests/package/toolchain_x86_64.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -31,8 +31,8 @@ check-debuginfo-0.15.2-1.cm2.x86_64.rpm
3131
chkconfig-1.20-4.cm2.x86_64.rpm
3232
chkconfig-debuginfo-1.20-4.cm2.x86_64.rpm
3333
chkconfig-lang-1.20-4.cm2.x86_64.rpm
34-
cmake-3.21.4-16.cm2.x86_64.rpm
35-
cmake-debuginfo-3.21.4-16.cm2.x86_64.rpm
34+
cmake-3.21.4-17.cm2.x86_64.rpm
35+
cmake-debuginfo-3.21.4-17.cm2.x86_64.rpm
3636
coreutils-8.32-7.cm2.x86_64.rpm
3737
coreutils-debuginfo-8.32-7.cm2.x86_64.rpm
3838
coreutils-lang-8.32-7.cm2.x86_64.rpm

0 commit comments

Comments
 (0)