Skip to content

Commit 1de4158

Browse files
rcrozeanrcrozean
committed
update CVE-2022-2879 patch to remove the binary portion and note it in the header
1 parent 9242630 commit 1de4158

File tree

1 file changed

+9
-9
lines changed

1 file changed

+9
-9
lines changed

projects/golang/go/1.15/patches/0022-go-1.15.15-eks-archive-tar-limit-size-of-head.patch

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,7 @@
1-
From e429b5038a364cbe0c9737cf6d21fba2c37a5b1c Mon Sep 17 00:00:00 2001
1+
From 18bab2267ddb865bbff5f778bf60a115b145bd74 Mon Sep 17 00:00:00 2001
22
From: Damien Neil <[email protected]>
33
Date: Fri, 2 Sep 2022 20:45:18 -0700
4-
Subject: [PATCH] [go-1.15.15-eks] archive/tar: limit size of
5-
headers
4+
Subject: [PATCH] [release-branch.go1.18] archive/tar: limit size of headers
65

76
# AWS EKS
87
Backported To: go-1.15.15-eks
@@ -12,6 +11,11 @@ Backported From: release-branch.go1.15
1211
Source Commit: https://github.com/golang/go/commit/0a723816cd205576945fa57fbdde7e6532d59d08
1312
EKS Patch Source Commit:
1413

14+
For building an internal version of go1.15, we removed the binary
15+
information from this patch caused by ./src/archive/tar/pax-bad-hdr-large.tar.bz2
16+
it was added to the repo:
17+
https://github.com/aws/eks-distro-build-tooling/projects/golang/go/1.15/rpmbuild/SOURCE/pax-bad-hdr-large.tar.bz2
18+
1519
# Originial Information
1620

1721
Set a 1MiB limit on special file blocks (PAX headers, GNU long names,
@@ -66,7 +70,7 @@ index cfe24a5e1d..6642364de1 100644
6670

6771
// blockPadding computes the number of bytes needed to pad offset up to the
6872
diff --git a/src/archive/tar/reader.go b/src/archive/tar/reader.go
69-
index 4f9135b791..d964c3b6b3 100644
73+
index 4f9135b791..a776e0be28 100644
7074
--- a/src/archive/tar/reader.go
7175
+++ b/src/archive/tar/reader.go
7276
@@ -104,7 +104,7 @@ func (tr *Reader) next() (*Header, error) {
@@ -142,10 +146,6 @@ index f153b668de..c68a859ad8 100644
142146
hdrs []*Header
143147
chksums []string
144148
rdbuf = make([]byte, 8)
145-
diff --git a/src/archive/tar/testdata/pax-bad-hdr-large.tar.bz2 b/src/archive/tar/testdata/pax-bad-hdr-large.tar.bz2
146-
new file mode 100644
147-
index 0000000000..06bf710d3a
148-
Binary files /dev/null and b/src/archive/tar/testdata/pax-bad-hdr-large.tar.bz2 differ
149149
diff --git a/src/archive/tar/writer.go b/src/archive/tar/writer.go
150150
index e80498d03e..893eac00ae 100644
151151
--- a/src/archive/tar/writer.go
@@ -161,7 +161,7 @@ index e80498d03e..893eac00ae 100644
161161
return err // Global headers return here
162162
}
163163
diff --git a/src/archive/tar/writer_test.go b/src/archive/tar/writer_test.go
164-
index 30556d27d0..4bd69fd548 100644
164+
index 30556d27d0..cbf6a85525 100644
165165
--- a/src/archive/tar/writer_test.go
166166
+++ b/src/archive/tar/writer_test.go
167167
@@ -1007,6 +1007,33 @@ func TestIssue12594(t *testing.T) {

0 commit comments

Comments
 (0)