libarchive: patch regression of patch for CVE-2025-5918

Picked commit per [1]. [1] https://security-tracker.debian.org/tracker/CVE-2025-5918 (From OE-Core rev: d2b8d2f7d579779a9effcff677960dbc576b1cc8) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Peter Marko <peter.marko@siemens.com> 2025-08-25 18:09:52 +0200
committer: Steve Sakoman <steve@sakoman.com> 2025-09-01 08:30:56 -0700
commit: 53689004456a271a8c2bb28210014ec00555f559 (patch)
tree: c7bf845182b3ce3077267f5c2cd1fed1e516bacc
parent: bf7f8a0202e318e6208d90b9c15c408141bbb011 (diff)
download: poky-53689004456a271a8c2bb28210014ec00555f559.tar.gz
2 files changed, 52 insertions, 0 deletions
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
new file mode 100644
index 0000000000..bc6903d41c
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
@@ -0,0 +1,51 @@
+From 51b4c35bb38b7df4af24de7f103863dd79129b01 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Tue, 27 May 2025 17:09:12 +0200
+Subject: [PATCH] Fix FILE_skip regression
+The fseek* family of functions return 0 on success, not the new offset.
+This is only true for lseek.
+Fixes https://github.com/libarchive/libarchive/issues/2641
+Fixes dcbf1e0ededa95849f098d154a25876ed5754bcf
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+CVE: CVE-2025-5918
+Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/51b4c35bb38b7df4af24de7f103863dd79129b01]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ libarchive/archive_read_open_file.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+diff --git a/libarchive/archive_read_open_file.c b/libarchive/archive_read_open_file.c
+index 6ed18a0c..742923ab 100644
+--- a/libarchive/archive_read_open_file.c
+++ b/libarchive/archive_read_open_file.c
+@@ -132,7 +132,7 @@ FILE_skip(struct archive *a, void *client_data, int64_t request)
+ #else
+        long skip = (long)request;
+ #endif
+-       int64_t old_offset, new_offset;
+       int64_t old_offset, new_offset = -1;
+        int skip_bits = sizeof(skip) * 8 - 1;
+ 
+        (void)a; /* UNUSED */
+@@ -170,11 +170,14 @@ FILE_skip(struct archive *a, void *client_data, int64_t request)
+ #ifdef __ANDROID__
+                        new_offset = lseek(fileno(mine->f), skip, SEEK_CUR);
+ #elif HAVE__FSEEKI64
+-                       new_offset = _fseeki64(mine->f, skip, SEEK_CUR);
+                       if (_fseeki64(mine->f, skip, SEEK_CUR) == 0)
+                               new_offset = _ftelli64(mine->f);
+ #elif HAVE_FSEEKO
+-                       new_offset = fseeko(mine->f, skip, SEEK_CUR);
+                       if (fseeko(mine->f, skip, SEEK_CUR) == 0)
+                               new_offset = ftello(mine->f);
+ #else
+-                       new_offset = fseek(mine->f, skip, SEEK_CUR);
+                       if (fseek(mine->f, skip, SEEK_CUR) == 0)
+                               new_offset = ftell(mine->f);
+ #endif
+                        if (new_offset >= 0)
+                                return (new_offset - old_offset);
diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
index f08673ea3b..f4b1be2337 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
@@ -37,6 +37,7 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
           file://CVE-2025-5917.patch \
           file://CVE-2025-5918-0001.patch \
           file://CVE-2025-5918-0002.patch \
+           file://CVE-2025-5918-0003.patch \
           "
 UPSTREAM_CHECK_URI = "http://libarchive.org/"
author	Peter Marko <peter.marko@siemens.com>	2025-08-25 18:09:52 +0200
committer	Steve Sakoman <steve@sakoman.com>	2025-09-01 08:30:56 -0700
commit	53689004456a271a8c2bb28210014ec00555f559 (patch)
tree	c7bf845182b3ce3077267f5c2cd1fed1e516bacc
parent	bf7f8a0202e318e6208d90b9c15c408141bbb011 (diff)
download	poky-53689004456a271a8c2bb28210014ec00555f559.tar.gz

diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch new file mode 100644 index 0000000000..bc6903d41c --- /dev/null +++ b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
@@ -0,0 +1,51 @@
		1	From 51b4c35bb38b7df4af24de7f103863dd79129b01 Mon Sep 17 00:00:00 2001
		2	From: Tobias Stoeckmann <tobias@stoeckmann.org>
		3	Date: Tue, 27 May 2025 17:09:12 +0200
		4	Subject: [PATCH] Fix FILE_skip regression
		5
		6	The fseek* family of functions return 0 on success, not the new offset.
		7	This is only true for lseek.
		8
		9	Fixes https://github.com/libarchive/libarchive/issues/2641
		10	Fixes dcbf1e0ededa95849f098d154a25876ed5754bcf
		11
		12	Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
		13
		14	CVE: CVE-2025-5918
		15	Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/51b4c35bb38b7df4af24de7f103863dd79129b01]
		16	Signed-off-by: Peter Marko <peter.marko@siemens.com>
		17	---
		18	libarchive/archive_read_open_file.c \| 11 +++++++----
		19	1 file changed, 7 insertions(+), 4 deletions(-)
		20
		21	diff --git a/libarchive/archive_read_open_file.c b/libarchive/archive_read_open_file.c
		22	index 6ed18a0c..742923ab 100644
		23	--- a/libarchive/archive_read_open_file.c
		24	+++ b/libarchive/archive_read_open_file.c
		25	@@ -132,7 +132,7 @@ FILE_skip(struct archive a, void client_data, int64_t request)
		26	#else
		27	long skip = (long)request;
		28	#endif
		29	- int64_t old_offset, new_offset;
		30	+ int64_t old_offset, new_offset = -1;
		31	int skip_bits = sizeof(skip) * 8 - 1;
		32
		33	(void)a; /* UNUSED */
		34	@@ -170,11 +170,14 @@ FILE_skip(struct archive a, void client_data, int64_t request)
		35	#ifdef __ANDROID__
		36	new_offset = lseek(fileno(mine->f), skip, SEEK_CUR);
		37	#elif HAVE__FSEEKI64
		38	- new_offset = _fseeki64(mine->f, skip, SEEK_CUR);
		39	+ if (_fseeki64(mine->f, skip, SEEK_CUR) == 0)
		40	+ new_offset = _ftelli64(mine->f);
		41	#elif HAVE_FSEEKO
		42	- new_offset = fseeko(mine->f, skip, SEEK_CUR);
		43	+ if (fseeko(mine->f, skip, SEEK_CUR) == 0)
		44	+ new_offset = ftello(mine->f);
		45	#else
		46	- new_offset = fseek(mine->f, skip, SEEK_CUR);
		47	+ if (fseek(mine->f, skip, SEEK_CUR) == 0)
		48	+ new_offset = ftell(mine->f);
		49	#endif
		50	if (new_offset >= 0)
		51	return (new_offset - old_offset);


diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb index f08673ea3b..f4b1be2337 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
@@ -37,6 +37,7 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
37	file://CVE-2025-5917.patch \	37	file://CVE-2025-5917.patch \
38	file://CVE-2025-5918-0001.patch \	38	file://CVE-2025-5918-0001.patch \
39	file://CVE-2025-5918-0002.patch \	39	file://CVE-2025-5918-0002.patch \
		40	file://CVE-2025-5918-0003.patch \
40	"	41	"
41	UPSTREAM_CHECK_URI = "http://libarchive.org/"	42	UPSTREAM_CHECK_URI = "http://libarchive.org/"
42		43