Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package upx for openSUSE:Factory checked in at 2023-01-15 17:58:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/upx (Old) and /work/SRC/openSUSE:Factory/.upx.new.32243 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "upx" Sun Jan 15 17:58:07 2023 rev:19 rq:1058444 version:4.0.1 Changes: -------- --- /work/SRC/openSUSE:Factory/upx/upx.changes 2022-11-17 17:25:05.089249640 +0100 +++ /work/SRC/openSUSE:Factory/.upx.new.32243/upx.changes 2023-01-15 17:58:12.578218406 +0100 @@ -1,0 +2,6 @@ +Sun Jan 15 10:35:30 UTC 2023 - Jan Engelhardt <jeng...@inai.de> + +- Add 0001-invert_pt_dynamic-fix-thinko-PackLinuxElf64help1-ins.patch + [boo#1207122] [CVE-2023-23457] + +------------------------------------------------------------------- New: ---- 0001-invert_pt_dynamic-fix-thinko-PackLinuxElf64help1-ins.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ upx.spec ++++++ --- /var/tmp/diff_new_pack.Eq0cn0/_old 2023-01-15 17:58:13.094221469 +0100 +++ /var/tmp/diff_new_pack.Eq0cn0/_new 2023-01-15 17:58:13.098221493 +0100 @@ -1,7 +1,7 @@ # # spec file for package upx # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,6 +26,7 @@ Source: https://github.com/upx/upx/releases/download/v%version/upx-%version-src.tar.xz Patch0: upx-aarch64.patch Patch1: upx-endiantests.patch +Patch2: 0001-invert_pt_dynamic-fix-thinko-PackLinuxElf64help1-ins.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: libucl1-devel ++++++ 0001-invert_pt_dynamic-fix-thinko-PackLinuxElf64help1-ins.patch ++++++ >From 779b648c5f6aa9b33f4728f79dd4d0efec0bf860 Mon Sep 17 00:00:00 2001 From: John Reiser <jrei...@bitwagon.com> Date: Wed, 23 Nov 2022 19:49:28 -0800 Subject: [PATCH] invert_pt_dynamic: fix thinko; PackLinuxElf64help1 insist on ELF https://github.com/upx/upx/issues/631 modified: src/p_lx_elf.cpp --- src/p_lx_elf.cpp | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp index fa55470f..b698ee0a 100644 --- a/src/p_lx_elf.cpp +++ b/src/p_lx_elf.cpp @@ -256,7 +256,8 @@ PackLinuxElf32::PackLinuxElf32help1(InputFile *f) e_phnum = get_te16(&ehdri.e_phnum); e_shnum = get_te16(&ehdri.e_shnum); unsigned const e_phentsize = get_te16(&ehdri.e_phentsize); - if (ehdri.e_ident[Elf32_Ehdr::EI_CLASS]!=Elf32_Ehdr::ELFCLASS32 + if (memcmp((char const *)&ehdri, "\x7f\x45\x4c\x46", 4) // "\177ELF" + || ehdri.e_ident[Elf32_Ehdr::EI_CLASS]!=Elf32_Ehdr::ELFCLASS32 || sizeof(Elf32_Phdr) != e_phentsize || (Elf32_Ehdr::ELFDATA2MSB == ehdri.e_ident[Elf32_Ehdr::EI_DATA] && &N_BELE_RTP::be_policy != bele) @@ -761,7 +762,8 @@ PackLinuxElf64::PackLinuxElf64help1(InputFile *f) e_phnum = get_te16(&ehdri.e_phnum); e_shnum = get_te16(&ehdri.e_shnum); unsigned const e_phentsize = get_te16(&ehdri.e_phentsize); - if (ehdri.e_ident[Elf64_Ehdr::EI_CLASS]!=Elf64_Ehdr::ELFCLASS64 + if (memcmp((char const *)&ehdri, "\x7f\x45\x4c\x46", 4) // "\177ELF" + || ehdri.e_ident[Elf64_Ehdr::EI_CLASS]!=Elf64_Ehdr::ELFCLASS64 || sizeof(Elf64_Phdr) != e_phentsize || (Elf64_Ehdr::ELFDATA2MSB == ehdri.e_ident[Elf64_Ehdr::EI_DATA] && &N_BELE_RTP::be_policy != bele) @@ -5780,7 +5782,7 @@ PackLinuxElf64::invert_pt_dynamic(Elf64_Dyn const *dynp, upx_uint64_t headway) } if (file_size <= dt_offsets[n_off]) { char msg[60]; snprintf(msg, sizeof(msg), "bad DT_{%#x} = %#x (beyond EOF)", - dt_names[k], dt_offsets[n_off]); + k, dt_offsets[n_off]); throwCantPack(msg); } n_off += !!dt_offsets[n_off]; -- 2.39.0
