Apply patch for CVE-2020-7105. Fixes bug #1796474

5 years ago · fc66aa7d9b
parent 275e2c51f6
commit fc66aa7d9b
2 changed files with 62 additions and 1 deletions
--- a/78cec256efa5ca4705af85edbdf137060c9a4b0a.patch
+++ b/78cec256efa5ca4705af85edbdf137060c9a4b0a.patch
@ -0,0 +1,55 @@
+From 78cec256efa5ca4705af85edbdf137060c9a4b0a Mon Sep 17 00:00:00 2001
+From: Chris Lamb <chris@chris-lamb.co.uk>
+Date: Sun, 19 Jan 2020 11:49:13 +0000
+Subject: [PATCH] Abort if malloc() was unsuccessful. (Closes: #747)
+
+---
+ async.c | 2 ++
+ dict.c  | 7 ++++++-
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/async.c b/async.c
+index 4f422d566..f9193dd05 100644
+--- a/async.c
+++ b/async.c
+@@ -58,6 +58,8 @@ static unsigned int callbackHash(const void *key) {
+ static void *callbackValDup(void *privdata, const void *src) {
+     ((void) privdata);
+     redisCallback *dup = malloc(sizeof(*dup));
+    if (dup == NULL)
+        abort();
+     memcpy(dup,src,sizeof(*dup));
+     return dup;
+ }
+diff --git a/dict.c b/dict.c
+index 5b349f078..70ef57f6b 100644
+--- a/dict.c
+++ b/dict.c
+@@ -72,6 +72,8 @@ static void _dictReset(dict *ht) {
+ /* Create a new hash table */
+ static dict *dictCreate(dictType *type, void *privDataPtr) {
+     dict *ht = malloc(sizeof(*ht));
+    if (ht == NULL)
+        abort();
+     _dictInit(ht,type,privDataPtr);
+     return ht;
+ }
+@@ -143,6 +145,8 @@ static int dictAdd(dict *ht, void *key, void *val) {
+ 
+     /* Allocates the memory and stores key */
+     entry = malloc(sizeof(*entry));
+    if (entry == NULL)
+        abort();
+     entry->next = ht->table[index];
+     ht->table[index] = entry;
+ 
+@@ -257,7 +261,8 @@ static dictEntry *dictFind(dict *ht, const void *key) {
+ 
+ static dictIterator *dictGetIterator(dict *ht) {
+     dictIterator *iter = malloc(sizeof(*iter));
+-
+    if (iter == NULL)
+        abort();
+     iter->ht = ht;
+     iter->index = -1;
+     iter->entry = NULL;
--- a/hiredis.spec
+++ b/hiredis.spec
@ -1,12 +1,15 @@
 Name:           hiredis
 Version:        0.13.3
-Release:        12%{?dist}
+Release:        13%{?dist}
 Summary:        Minimalistic C client library for Redis
 License:        BSD
 URL:            https://github.com/redis/hiredis
 Source0:        https://github.com/redis/hiredis/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 # https://github.com/redis/hiredis/pull/554
 Patch0:         0001-build-do-not-assume-that-INSTALL-is-cp.patch
+# Already upstream
+# Fix for CVE-2020-7105.
+Patch1:         https://github.com/lamby/hiredis/commit/78cec256efa5ca4705af85edbdf137060c9a4b0a.patch
 BuildRequires:  gcc
 BuildRequires:  redis

@ -54,6 +57,9 @@ make check || true
 %{_libdir}/pkgconfig/hiredis.pc

 %changelog
+* Sat Feb 15 2020 Kevin Fenzi <kevin@scrye.com> - 0.13.3-13
+- Apply patch for CVE-2020-7105. Fixes bug #1796474
+
 * Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.3-12
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild