Fixed
Created: Oct 17, 2018
Updated: Apr 22, 2022
Resolved Date: Oct 21, 2018
Found In Version: 8.0.0.27
Fix Version: 8.0.0.28
Severity: Severe
Applicable for: Wind River Linux 8
Component/s: Userspace
gunzip fails for files larger than 1K after CVE-2015-9261 patch.
Remove CVE-2015-9261 patch.
Configure and build project with:
--enable-board=qemuarm --enable-rootfs=glibc_core --enable-parallel-pkgbuilds=12 --enable-jobs=12 --enable-build=production --enable-doc-pages=yes --enable-ldconfig=yes --enable-sdkmachine=x86_64 --enable-sdkimage-staticlibs=yes --enable-internet-download=no --enable-checkout-all-layers=yes --with-init=sysvinit --enable-rm-work=no --enable-kernel=standard --with-rcpl-version=0027
$ make busybox.menuconfig
Enable gunzip (Archival Utilites -> gunzip) and save.
$ make busybox.rebuild
$ make fs
Run qemu to test it out:
$ make start-target
root@qemu0:~# cp /bin/busybox .
root@qemu0:~# gzip busybox
root@qemu0:~# ls -la
total 68
drwxr-xr-x 2 root root 4096 Oct 18 07:07 .
drwxr-xr-x 17 root root 4096 Oct 18 07:05 ..
-rwx------ 1 root root 60413 Oct 18 07:07 busybox.gz
root@qemu0:~# gunzip busybox.gz
root@qemu0:~# echo $?
1
root@qemu0:~# ls -la
total 68
drwxr-xr-x 2 root root 4096 Oct 18 07:08 .
drwxr-xr-x 17 root root 4096 Oct 18 07:05 ..
-rwx------ 1 root root 60413 Oct 18 07:07 busybox.gz
