Fix CVE-2017-16844: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16844 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511 Patch copied from Debian procmail package 3.22-26: http://http.debian.net/debian/pool/main/p/procmail/procmail_3.22-26.debian.tar.xz From: Santiago Vila Subject: Fix heap-based buffer overflow in loadbuf() Bug-Debian: http://bugs.debian.org/876511 X-Debian-version: 3.22-26 --- a/src/formisc.c +++ b/src/formisc.c @@ -103,7 +103,7 @@ } /* append to buf */ void loadbuf(text,len)const char*const text;const size_t len; -{ if(buffilled+len>buflen) /* buf can't hold the text */ +{ while(buffilled+len>buflen) /* buf can't hold the text */ buf=realloc(buf,buflen+=Bsize); tmemmove(buf+buffilled,text,len);buffilled+=len; } ected='selected'>koszko Wojtek's customized Guix
aboutsummaryrefslogtreecommitdiff
path: root/gnu/build/linux-initrd.scm
AgeCommit message (Collapse)Author
2020-12-15store-copy: 'populate-store' can optionally deduplicate files.Ludovic Courtès
Until now deduplication was performed as an additional pass after copying files, which involve re-traversing all the files that had just been copied. * guix/store/deduplication.scm (copy-file/deduplicate): New procedure. * tests/store-deduplication.scm ("copy-file/deduplicate"): New test. * guix/build/store-copy.scm (populate-store): Add #:deduplicate? parameter and honor it. * tests/gexp.scm ("gexp->derivation, store copy"): Pass #:deduplicate? #f to 'populate-store'. * gnu/build/image.scm (initialize-root-partition): Pass #:deduplicate? to 'populate-store'. Pass #:deduplicate? #f to 'register-closure'. * gnu/build/vm.scm (root-partition-initializer): Likewise. * gnu/build/install.scm (populate-single-profile-directory): Pass #:deduplicate? #f to 'populate-store'. * gnu/build/linux-initrd.scm (build-initrd): Likewise. * guix/scripts/pack.scm (self-contained-tarball)[import-module?]: New procedure. [build]: Pass it as an argument to 'source-module-closure'. * guix/scripts/pack.scm (squashfs-image)[build]: Wrap in 'with-extensions'. * gnu/system/linux-initrd.scm (expression->initrd)[import-module?]: New procedure. [builder]: Pass it to 'source-module-closure'. * gnu/system/install.scm (cow-store-service-type)[import-module?]: New procedure. Pass it to 'source-module-closure'.
2020-11-21linux-initrd: Remove unnecessary timestamp reset phase.Ludovic Courtès
* gnu/build/linux-initrd.scm (write-cpio-archive): Mention timestamps in docstring. (build-initrd): Remove unnecessary timestamp reset phase.
2019-09-25build: initrd: Fix "write-cpio-archive" return value.Maxim Cournoyer
* gnu/build/linux-initrd.scm (write-cpio-archive): Really return OUTPUT on success, even when compression is disabled.
2018-11-21linux-initrd: 'expression->initrd' returns the complete file name.Ludovic Courtès
Previously 'expression->initrd' would return the directory that contains the 'initrd' file; now it returns the complete file name for that file. * gnu/system/linux-initrd.scm (expression->initrd)[builder]: Change output file name to "initrd.cpio.gz". Tail-call 'file-append' to return the complete file name. * gnu/system.scm (operating-system-initrd-file): Remove 'file-append' call. * gnu/build/linux-initrd.scm (write-cpio-archive): Check whether OUTPUT already has the ".gz" suffix; rename if before invoking GZIP if it does, and otherwise after. * gnu/system/vm.scm (expression->derivation-in-linux-vm)[builder]: Do not append "/initrd" to #$initrd.
2018-11-07linux-initrd: Make sure 'build-initrd' can delete files.Ludovic Courtès
Fixes <https://bugs.gnu.org/33297>. Reported by Mark H Weaver <mhw@netris.org>. This fixes a regression introduced in 72dc64f8f720268930eed448abfc15d2a0eca3cf, which made files read-only. * gnu/build/linux-initrd.scm (build-initrd): Call 'make-file-writable' on all the files under contents/.