From 047fcf15a0a9442cc739d205a3f3fa5850c5fcfd Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?=
Date: Tue, 13 Sep 2016 09:09:00 +0300
Subject: [PATCH] fix Buffer overflow in bzip2's bzip2recover patch from fedora
---
 bzip2-1.0.4-bzip2recover.patch | 21 +++++++++++++++++++++
 bzip2.spec | 2 ++
 2 files changed, 23 insertions(+)
 create mode 100644 bzip2-1.0.4-bzip2recover.patch
diff --git a/bzip2-1.0.4-bzip2recover.patch b/bzip2-1.0.4-bzip2recover.patch
new file mode 100644
index 0000000..032ceed
--- /dev/null
+++ b/bzip2-1.0.4-bzip2recover.patch
@@ -0,0 +1,21 @@
+
+https://bugzilla.redhat.com/226979
+
+commit d92c60c24c16e46363dd15b94b47f04a7535898e
+Author: Ivana Varekova
+Date: Mon Feb 5 11:12:02 2007 +0000
+
+ - Resolves: 226979 Buffer overflow in bzip2's bzip2recover
+
+--- bzip2-1.0.4/bzip2recover.c.pom 2007-01-03 03:00:55.000000000 +0100
++++ bzip2-1.0.4/bzip2recover.c 2007-02-05 11:55:17.000000000 +0100
+@@ -309,7 +309,8 @@
+ UInt32 buffHi, buffLo, blockCRC;
+ Char* p;
+
+- strcpy ( progName, argv[0] );
++ strncpy ( progName, argv[0], BZ_MAX_FILENAME-1);
++ progName[BZ_MAX_FILENAME-1]='\0';
+ inFileName[0] = outFileName[0] = 0;
+
+ fprintf ( stderr,
diff --git a/bzip2.spec b/bzip2.spec
index 79172d9..e68af7b 100644
--- a/bzip2.spec
+++ b/bzip2.spec
@@ -24,6 +24,7 @@ Patch0: %{name}-libtoolizeautoconf.patch
 Patch1: %{name}-bzgrep.patch
 # Modified from http://www.vanheusden.com/Linux/bzip2-1.0.2.diff.gz
 Patch2: %{name}-progress-counter-1.0.2.patch
+Patch3: %{name}-1.0.4-bzip2recover.patch
 URL: http://www.bzip.org/
 BuildRequires: autoconf >= 2.50
 BuildRequires: automake >= 1:1.6
@@ -169,6 +170,7 @@ Bibliotecas estáticas para desenvolvimento com a bzip2.
 %patch0 -p1
 %patch1 -p1
 %{?with_progress:%patch2 -p1}
+%patch3 -p1
 %build
 %{__libtoolize}
--
2.44.0
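Review bot: The bound in the embedded bzip2recover.c hunk is the constant `BZ_MAX_FILENAME-1` rather than a size taken from the destination, so the fix is only correct if `progName` is declared with at least `BZ_MAX_FILENAME` bytes. That declaration is outside the hunk and should be confirmed. If `progName` is an array, `strncpy ( progName, argv[0], sizeof(progName)-1 ); progName[sizeof(progName)-1]='\0';` keeps the copy tied to the declaration. The copy also reads `argv[0]` with no visible check that it is non-NULL, though main's body starts and ends outside the hunk, so a guard may exist elsewhere. An over-long program name is now truncated silently, which is probably fine for a name used only in messages, but a short comment such as `/* progName is only used in diagnostics; truncation is harmless */` would record that assumption.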