Date: Sun, 5 Jun 2022 15:23:07 GMT
Message-Id: <202206051523.255FN7sA009440@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Matthias Andree
Subject: git: 83ce641b79e3 - main - sysutils/e2fsprogs: fix CVE-2022-1304
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
X-Git-Committer: mandree
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 83ce641b79e305333e8444b53821f12a21b753e6

The branch main has been updated by mandree:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=83ce641b79e305333e8444b53821f12a21b753e6 commit 83ce641b79e305333e8444b53821f12a21b753e6 Author: Matthias Andree AuthorDate: 2022-06-05 15:21:42 +0000 Commit: Matthias Andree CommitDate: 2022-06-05 15:22:52 +0000 sysutils/e2fsprogs: fix CVE-2022-1304 Take patch from linux-ext4@ mailing list to fix Security: CVE-2022-1304 Security: a58f3fde-e4e0-11ec-8340-2d623369b8b5 MFH: 2022Q2 --- sysutils/e2fsprogs/Makefile | 2 +- sysutils/e2fsprogs/files/patch-CVE-2022-1304 | 57 ++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 1 deletion(-) diff --git a/sysutils/e2fsprogs/Makefile b/sysutils/e2fsprogs/Makefile index 010d421b860b..8139fdc24b54 100644 --- a/sysutils/e2fsprogs/Makefile +++ b/sysutils/e2fsprogs/Makefile @@ -14,7 +14,7 @@ PORTNAME= e2fsprogs PORTVERSION= 1.46.5 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES?= sysutils MASTER_SITES= KERNEL_ORG/linux/kernel/people/tytso/${PORTNAME}/v${PORTVERSION} diff --git a/sysutils/e2fsprogs/files/patch-CVE-2022-1304 b/sysutils/e2fsprogs/files/patch-CVE-2022-1304 new file mode 100644 index 000000000000..dec6e97b76be --- /dev/null +++ b/sysutils/e2fsprogs/files/patch-CVE-2022-1304 
@@ -0,0 +1,57 @@ +From: Lukas Czerner +To: linux-ext4@vger.kernel.org +Cc: tytso@mit.edu, Nils Bars +Subject: [PATCH] e2fsprogs: add sanity check to extent manipulation +Date: Thu, 21 Apr 2022 19:31:48 +0200 +Message-Id: <20220421173148.20193-1-lczerner@redhat.com> +List-ID: +X-Mailing-List: linux-ext4@vger.kernel.org + +It is possible to have a corrupted extent tree in such a way that a leaf +node contains zero extents in it. Currently if that happens and we try +to traverse the tree we can end up accessing wrong data, or possibly +even uninitialized memory. Make sure we don't do that. + +Additionally make sure that we have a sane number of bytes passed to +memmove() in ext2fs_extent_delete(). + +Note that e2fsck is currently unable to spot and fix such corruption in +pass1. + +Signed-off-by: Lukas Czerner +Reported-by: Nils Bars +Addressess: https://bugzilla.redhat.com/show_bug.cgi?id=2068113 +--- + lib/ext2fs/extent.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/lib/ext2fs/extent.c b/lib/ext2fs/extent.c +index b324c7b0..1a206a16 100644 +--- ./lib/ext2fs/extent.c ++++ b/lib/ext2fs/extent.c +@@ -495,6 +495,10 @@ retry: + ext2fs_le16_to_cpu(eh->eh_entries); + newpath->max_entries = ext2fs_le16_to_cpu(eh->eh_max); + ++ /* Make sure there is at least one extent present */ ++ if (newpath->left <= 0) ++ return EXT2_ET_EXTENT_NO_DOWN; ++ + if (path->left > 0) { + ix++; + newpath->end_blk = ext2fs_le32_to_cpu(ix->ei_block); +@@ -1630,6 +1634,10 @@ errcode_t ext2fs_extent_delete(ext2_extent_handle_t handle, int flags) + + cp = path->curr; + ++ /* Sanity check before memmove() */ ++ if (path->left < 0) ++ return EXT2_ET_EXTENT_LEAF_BAD; ++ + if (path->left) { + memmove(cp, cp + sizeof(struct ext3_extent_idx), + path->left * sizeof(struct ext3_extent_idx)); +-- +2.35.1 + +
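Review bot: In the first extent.c hunk (@@ -495,6 +495,10 @@ retry:), the new `if (newpath->left <= 0)` check returns EXT2_ET_EXTENT_NO_DOWN, while the second hunk returns EXT2_ET_EXTENT_LEAF_BAD for a tree the patch description treats as corrupted in both cases. A code whose name suggests "cannot descend" hides the corruption from callers; consider a corruption code here as well, or extend the comment to say why NO_DOWN is intended. The check also sits after newpath->left and newpath->max_entries have been filled in, and the context shown does not reveal whether other handle state was already advanced for the descent, so it is worth confirming that the early return leaves the handle consistent. Since eh_entries and eh_max are both read just above, rejecting an entry count greater than newpath->max_entries at the same point would be a cheap additional check.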
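Review bot: In the ext2fs_extent_delete() hunk, `if (path->left < 0)` rejects only a negative count before the memmove(); a positive path->left larger than the node can hold still reaches `path->left * sizeof(struct ext3_extent_idx)` unchecked. The patch description promises "a sane number of bytes passed to memmove()", so an upper bound (for example against path->max_entries) belongs in the same check, or the comment should state where that bound is already enforced.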