From ebd51986f51b430f84c569c6c0f2fe051158d444 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Fri, 21 Apr 2023 18:02:52 +0100
Subject: gentoo auto-resync : 21:04:2023 - 18:02:52

---
 app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch | 61 -----------------------
 1 file changed, 61 deletions(-)
 delete mode 100644 app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch

(limited to 'app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch')

diff --git a/app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch b/app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch
deleted file mode 100644
index 779800a08e40..000000000000
--- a/app-arch/upx/files/upx-4.0.1-CVE-2023-23456.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From 1d291ff0db8a056600ebdebb9c3c62d700eaa842 Mon Sep 17 00:00:00 2001
-From: John Reiser <jreiser@BitWagon.com>
-Date: Thu, 24 Nov 2022 10:28:03 -0800
-Subject: [PATCH] p_tmt: more sanity of input, cleanup MemBuffer usage
-
-https://github.com/upx/upx/issues/632
-	modified:   src/p_tmt.cpp
----
- src/p_tmt.cpp | 23 +++++++++++------------
- 1 file changed, 11 insertions(+), 12 deletions(-)
-
-diff --git a/src/p_tmt.cpp b/src/p_tmt.cpp
-index 7dc72888..592809a9 100644
---- a/src/p_tmt.cpp
-+++ b/src/p_tmt.cpp
-@@ -173,15 +173,13 @@ int PackTmt::readFileHeader()
-     fi->seek(adam_offset,SEEK_SET);
-     fi->readx(&ih,sizeof(ih));
-     // FIXME: should add more checks for the values in 'ih'
--    unsigned const imagesize = get_le32(&ih.imagesize);
--    unsigned const entry     = get_le32(&ih.entry);
--    unsigned const relocsize = get_le32(&ih.relocsize);
--    if (!imagesize
--    ||  file_size <= imagesize
--    ||  file_size <= entry
--    ||  file_size <= relocsize) {
--        printWarn(getName(), "bad header; imagesize=%#x  entry=%#x  relocsize=%#x",
--            imagesize, entry, relocsize);
-+    unsigned const imagesize = ih.imagesize;
-+    unsigned const entry = ih.entry;
-+    unsigned const relocsize = ih.relocsize;
-+    if (imagesize < sizeof(ih) || entry < sizeof(ih) || file_size <= imagesize ||
-+        file_size <= entry || file_size <= relocsize) {
-+        printWarn(getName(), "bad header; imagesize=%#x  entry=%#x  relocsize=%#x", imagesize,
-+                  entry, relocsize);
-         return 0;
-     }
- 
-@@ -215,15 +213,16 @@ void PackTmt::pack(OutputFile *fo)
-     ibuf.alloc(usize+rsize+128);
-     obuf.allocForCompression(usize+rsize+128);
- 
--    MemBuffer wrkmem;
--    wrkmem.alloc(rsize+EXTRA_INFO); // relocations
-+    MemBuffer mb_wrkmem;
-+    mb_wrkmem.alloc(rsize + EXTRA_INFO + 4); // relocations + original entry point + relocsize
-+    SPAN_S_VAR(upx_byte, wrkmem, mb_wrkmem);
- 
-     fi->seek(adam_offset+sizeof(ih),SEEK_SET);
-     fi->readx(ibuf,usize);
-     fi->readx(wrkmem+4,rsize);
-     const unsigned overlay = file_size - fi->tell();
- 
--    if (find_le32(ibuf,128,get_le32("UPX ")) >= 0)
-+    if (find_le32(ibuf, UPX_MIN(128u, usize), get_le32("UPX ")) >= 0)
-         throwAlreadyPacked();
-     if (rsize == 0)
-         throwCantPack("file is already compressed with another packer");
--- 
-2.38.2
-
-- 
cgit v1.2.3