diff --git a/CVE-2024-24577.patch b/CVE-2024-24577.patch new file mode 100644 index 0000000000000000000000000000000000000000..2314ff17fabf244d61da8f41e988612cc62ca376 --- /dev/null +++ b/CVE-2024-24577.patch @@ -0,0 +1,51 @@ +From eb4c1716cd92bf56f2770653a915d5fc01eab8f3 Mon Sep 17 00:00:00 2001 +From: Edward Thomson +Date: Sat, 16 Dec 2023 11:19:07 +0000 +Subject: [PATCH] index: correct index has_dir_name check + +Origin: https://github.com/libgit2/libgit2/commit/eb4c1716cd92bf56f2770653a915d5fc01eab8f3 + +`has_dir_name` is used to check for directory/file collisions, +and attempts to determine whether the index contains a file with +a directory name that is a proper subset of the new index entry +that we're trying to add. + +To determine directory name, the function would walk the path string +backwards to identify a `/`, stopping at the end of the string. However, +the function assumed that the strings did not start with a `/`. If the +paths contain only a single `/` at the beginning of the string, then the +function would continue the loop, erroneously, when they should have +stopped at the first character. + +Correct the order of the tests to terminate properly. + +Credit to Michael Rodler (@f0rki) and Amazon AWS Security. + +--- + vendor/libgit2-sys/libgit2/src/index.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/vendor/libgit2-sys/libgit2/src/index.c b/vendor/libgit2-sys/libgit2/src/index.c +index 7ebe075..7862273 100644 +--- a/vendor/libgit2-sys/libgit2/src/index.c ++++ b/vendor/libgit2-sys/libgit2/src/index.c +@@ -1155,10 +1155,14 @@ static int has_dir_name(git_index *index, + size_t len, pos; + + for (;;) { +- if (*--slash == '/') +- break; ++ slash--; ++ + if (slash <= entry->path) + return 0; ++ ++ ++ if (*slash == '/') ++ break; + } + len = slash - name; + +-- +2.23.0 + diff --git a/rust.spec b/rust.spec index f71e5b733b72caebf2394eb7700c6eab843047cb..4cca01c51b2d84d811b98fcb737f789c3bef6928 100644 --- a/rust.spec +++ b/rust.spec @@ -11,7 +11,7 @@ %bcond_without lldb Name: rust Version: 1.60.0 -Release: 2 +Release: 3 Summary: The Rust Programming Language License: (ASL 2.0 or MIT) and (BSD and MIT) URL: https://www.rust-lang.org @@ -28,7 +28,8 @@ Patch0002: clippy-driver-usage-should-user-friendly.patch Patch0003: cargo-help-clippy-should-have-description-to-user.patch Patch0004: fix-a-println-wrong-format.patch Patch0006: 0001-Add-base-loongarch64-support-for-rust-1.60.0.patch -Patch0007: 0002-vendor-Add-loongarch64-support-for-rust-1.60.0.patch +Patch0007: 0002-vendor-Add-loongarch64-support-for-rust-1.60.0.patch +Patch0008: CVE-2024-24577.patch %{lua: function rust_triple(arch) local abi = "gnu" if arch == "armv7hl" then @@ -262,6 +263,7 @@ sed -i.try-python -e '/^try python3 /i try "%{python}" "$@"' ./configure %patch0006 -p1 %patch0007 -p1 %endif +%patch0008 -p1 rm -rf vendor/curl-sys/curl/ rm -rf vendor/jemalloc-sys/jemalloc/ rm -rf vendor/libssh2-sys/libssh2/ @@ -488,6 +490,9 @@ export %{rust_env} %{_mandir}/man1/cargo*.1* %changelog +* Sat Feb 17 2024 wangkai <13474090681@163.com> - 1.60.0-3 +- Fix CVE-2024-24577 + * Tue Apr 11 2023 yangxiaojuan - 1.60.0-2 - Add loongarch64 support