1 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-extended/tar/tar/CVE-2019-9923.patch b/meta/recipes-extended/tar/tar/CVE-2019-9923.patch
new file mode 100644
index 0000000000..a2704c3355
--- /dev/null
+++ b/meta/recipes-extended/tar/tar/CVE-2019-9923.patch
@@ -0,0 +1,38 @@
+From cb07844454d8cc9fb21f53ace75975f91185a120 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Mon, 14 Jan 2019 15:22:09 +0200
+Subject: [PATCH] Fix possible NULL dereference (savannah bug #55369)
+* src/sparse.c (pax_decode_header): Check return from find_next_block.
+Upstream-Status: Backport
+CVE:  CVE-2019-9923
+Affects: tar < 1.32
+Signed-off-by: Armin kuster <akuster@mvista.com>
+---
+ src/sparse.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+Index: tar-1.31/src/sparse.c
+===================================================================
+--- tar-1.31.orig/src/sparse.c
+++ tar-1.31/src/sparse.c
+@@ -1267,6 +1267,8 @@ pax_decode_header (struct tar_sparse_fil
+         {                                                         \
+           set_next_block_after (b);                               \
+            b = find_next_block ();                                 \
+           if (!b)                                                 \
+             FATAL_ERROR ((0, 0, _("Unexpected EOF in archive"))); \
+            src = b->buffer;                                        \
+           endp = b->buffer + BLOCKSIZE;                           \
+         }                                                         \
+@@ -1279,6 +1281,8 @@ pax_decode_header (struct tar_sparse_fil
+       start = current_block_ordinal ();
+       set_next_block_after (current_header);
+       blk = find_next_block ();
+      if (!blk)
+        FATAL_ERROR ((0, 0, _("Unexpected EOF in archive")));
+       p = blk->buffer;
+       COPY_BUF (blk,nbuf,p);
+       if (!decode_num (&u, nbuf, TYPE_MAXIMUM (size_t)))

diff --git a/meta/recipes-extended/tar/tar/CVE-2019-9923.patch b/meta/recipes-extended/tar/tar/CVE-2019-9923.patch new file mode 100644 index 0000000000..a2704c3355 --- /dev/null +++ b/meta/recipes-extended/tar/tar/CVE-2019-9923.patch
@@ -0,0 +1,38 @@
	1	From cb07844454d8cc9fb21f53ace75975f91185a120 Mon Sep 17 00:00:00 2001
	2	From: Sergey Poznyakoff <gray@gnu.org>
	3	Date: Mon, 14 Jan 2019 15:22:09 +0200
	4	Subject: [PATCH] Fix possible NULL dereference (savannah bug #55369)
	5
	6	* src/sparse.c (pax_decode_header): Check return from find_next_block.
	7
	8	Upstream-Status: Backport
	9	CVE: CVE-2019-9923
	10	Affects: tar < 1.32
	11	Signed-off-by: Armin kuster <akuster@mvista.com>
	12
	13	---
	14	src/sparse.c \| 4 ++++
	15	1 file changed, 4 insertions(+)
	16
	17	Index: tar-1.31/src/sparse.c
	18	===================================================================
	19	--- tar-1.31.orig/src/sparse.c
	20	+++ tar-1.31/src/sparse.c
	21	@@ -1267,6 +1267,8 @@ pax_decode_header (struct tar_sparse_fil
	22	{ \
	23	set_next_block_after (b); \
	24	b = find_next_block (); \
	25	+ if (!b) \
	26	+ FATAL_ERROR ((0, 0, _("Unexpected EOF in archive"))); \
	27	src = b->buffer; \
	28	endp = b->buffer + BLOCKSIZE; \
	29	} \
	30	@@ -1279,6 +1281,8 @@ pax_decode_header (struct tar_sparse_fil
	31	start = current_block_ordinal ();
	32	set_next_block_after (current_header);
	33	blk = find_next_block ();
	34	+ if (!blk)
	35	+ FATAL_ERROR ((0, 0, _("Unexpected EOF in archive")));
	36	p = blk->buffer;
	37	COPY_BUF (blk,nbuf,p);
	38	if (!decode_num (&u, nbuf, TYPE_MAXIMUM (size_t)))