Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package evolution-data-server for
openSUSE:Factory checked in at 2021-03-24 16:09:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/evolution-data-server (Old)
and /work/SRC/openSUSE:Factory/.evolution-data-server.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "evolution-data-server"
Wed Mar 24 16:09:36 2021 rev:220 rq:879956 version:3.38.4
Changes:
--------
---
/work/SRC/openSUSE:Factory/evolution-data-server/evolution-data-server.changes
2021-02-18 20:49:15.139258954 +0100
+++
/work/SRC/openSUSE:Factory/.evolution-data-server.new.2401/evolution-data-server.changes
2021-03-24 16:09:41.211733400 +0100
@@ -1,0 +2,6 @@
+Wed Mar 3 21:08:31 UTC 2021 - Michael Gorse <mgo...@suse.com>
+
+- Add evolution-data-server-boo1182882.patch: fix buffer overrun
+ when parsing base64 data (boo#1182882).
+
+-------------------------------------------------------------------
New:
----
evolution-data-server-boo1182882.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ evolution-data-server.spec ++++++
--- /var/tmp/diff_new_pack.iNwGHo/_old 2021-03-24 16:09:41.851734072 +0100
+++ /var/tmp/diff_new_pack.iNwGHo/_new 2021-03-24 16:09:41.855734076 +0100
@@ -40,6 +40,8 @@
URL: https://wiki.gnome.org/Apps/Evolution
Source0:
https://download.gnome.org/sources/evolution-data-server/3.38/%{name}-%{version}.tar.xz
Source99: baselibs.conf
+# PATCH-FIX-UPSTREAM evolution-data-server-boo1182882.patch boo#1182882
mgo...@suse.com -- fix buffer overrun when decoding base64 data.
+Patch0: evolution-data-server-boo1182882.patch
BuildRequires: cmake
BuildRequires: db-devel
++++++ evolution-data-server-boo1182882.patch ++++++
>From b0731961dca6ca2ee4a11b708545d58ff4948093 Mon Sep 17 00:00:00 2001
From: Milan Crha <mc...@redhat.com>
Date: Tue, 2 Mar 2021 12:26:09 +0100
Subject: [PATCH] Allocate large-enough buffer for g_base64_decode_step()
---
src/camel/camel-mime-filter-basic.c | 8 ++------
src/camel/camel-mime-utils.c | 2 +-
2 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/src/camel/camel-mime-filter-basic.c
b/src/camel/camel-mime-filter-basic.c
index b13276264..8187fabd4 100644
--- a/src/camel/camel-mime-filter-basic.c
+++ b/src/camel/camel-mime-filter-basic.c
@@ -83,8 +83,7 @@ mime_filter_basic_filter (CamelMimeFilter *mime_filter,
g_return_if_fail (newlen <= (len + 2) * 2 + 62);
break;
case CAMEL_MIME_FILTER_BASIC_BASE64_DEC:
- /* output can't possibly exceed the input size */
- camel_mime_filter_set_size (mime_filter, len + 3, FALSE);
+ camel_mime_filter_set_size (mime_filter, (len * 3 / 4) + 3,
FALSE);
newlen = g_base64_decode_step (
in, len,
(guchar *) mime_filter->outbuf,
@@ -225,10 +224,7 @@ mime_filter_basic_complete (CamelMimeFilter *mime_filter,
g_return_if_fail (newlen <= (len + 2) * 2 + 62);
break;
case CAMEL_MIME_FILTER_BASIC_BASE64_DEC:
- /* Output can't possibly exceed the input size, but add 1,
- to make sure the mime_filter->outbuf will not be NULL,
- in case the input stream is empty. */
- camel_mime_filter_set_size (mime_filter, len + 1, FALSE);
+ camel_mime_filter_set_size (mime_filter, (len * 3 / 4) + 3,
FALSE);
newlen = g_base64_decode_step (
in, len,
(guchar *) mime_filter->outbuf,
diff --git a/src/camel/camel-mime-utils.c b/src/camel/camel-mime-utils.c
index 3394707e2..31024f5d4 100644
--- a/src/camel/camel-mime-utils.c
+++ b/src/camel/camel-mime-utils.c
@@ -1186,7 +1186,7 @@ rfc2047_decode_word (const gchar *in,
case 'B':
case 'b':
inptr += 2;
- decoded = g_alloca (inend - inptr);
+ decoded = g_alloca (((inend - inptr) * 3 / 4) + 3);
declen = g_base64_decode_step ((gchar *) inptr, inend - inptr,
decoded, &state, &save);
break;
case 'Q':
--
2.30.1
