From c31df6e995c36e2b14b74f727b8392e6c1c10afc Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Sat, 4 Apr 2015 17:52:02 +0000
Subject: busybox: update to version 1.23.2

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 45272
---
 .../busybox/patches/006-upstream_lzop_fix.patch    | 59 ----------------------
 1 file changed, 59 deletions(-)
 delete mode 100644 package/utils/busybox/patches/006-upstream_lzop_fix.patch

(limited to 'package/utils/busybox/patches/006-upstream_lzop_fix.patch')

diff --git a/package/utils/busybox/patches/006-upstream_lzop_fix.patch b/package/utils/busybox/patches/006-upstream_lzop_fix.patch
deleted file mode 100644
index 6e453eb981..0000000000
--- a/package/utils/busybox/patches/006-upstream_lzop_fix.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From a9dc7c2f59dc5e92870d2d46316ea5c1f14740e3 Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <vda.linux@googlemail.com>
-Date: Mon, 30 Jun 2014 10:14:34 +0200
-Subject: [PATCH] lzop: add overflow check
-
-See CVE-2014-4607
-http://www.openwall.com/lists/oss-security/2014/06/26/20
-
-function                                             old     new   delta
-lzo1x_decompress_safe                               1010    1031     +21
-
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
----
- archival/libarchive/liblzo.h  | 2 ++
- archival/libarchive/lzo1x_d.c | 3 +++
- 2 files changed, 5 insertions(+)
-
---- a/archival/libarchive/liblzo.h
-+++ b/archival/libarchive/liblzo.h
-@@ -76,11 +76,13 @@
- #    define TEST_IP             (ip < ip_end)
- #    define NEED_IP(x) \
-             if ((unsigned)(ip_end - ip) < (unsigned)(x))  goto input_overrun
-+#    define TEST_IV(x)          if ((x) > (unsigned)0 - (511)) goto input_overrun
- 
- #    undef TEST_OP              /* don't need both of the tests here */
- #    define TEST_OP             1
- #    define NEED_OP(x) \
-             if ((unsigned)(op_end - op) < (unsigned)(x))  goto output_overrun
-+#    define TEST_OV(x)          if ((x) > (unsigned)0 - (511)) goto output_overrun
- 
- #define HAVE_ANY_OP 1
- 
---- a/archival/libarchive/lzo1x_d.c
-+++ b/archival/libarchive/lzo1x_d.c
-@@ -92,6 +92,7 @@ int lzo1x_decompress_safe(const uint8_t*
- 				ip++;
- 				NEED_IP(1);
- 			}
-+			TEST_IV(t);
- 			t += 15 + *ip++;
- 		}
- 		/* copy literals */
-@@ -224,6 +225,7 @@ int lzo1x_decompress_safe(const uint8_t*
- 						ip++;
- 						NEED_IP(1);
- 					}
-+					TEST_IV(t);
- 					t += 31 + *ip++;
- 				}
- #if defined(COPY_DICT)
-@@ -265,6 +267,7 @@ int lzo1x_decompress_safe(const uint8_t*
- 						ip++;
- 						NEED_IP(1);
- 					}
-+					TEST_IV(t);
- 					t += 7 + *ip++;
- 				}
- #if defined(COPY_DICT)
-- 
cgit v1.2.3