sysutils/file: patch for CVE-2019-18218

[Matthias Ferdinand <mf+ml.pkgsrc-users%netzwerkagentursaarland.de@localhost>]

Hello,

please find attached the patch for CVE-2019-18218
(https://nvd.nist.gov/vuln/detail/CVE-2019-18218).

Taken from
    https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
but without changing RCSID.

Best regards
Matthias Ferdinand

$NetBSD$

patch for CVE-2019-18218, picked from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

--- src/cdf.c.orig	2019-02-20 02:35:27.000000000 +0000
+++ src/cdf.c
@@ -1013,8 +1013,9 @@ cdf_read_property_info(const cdf_stream_
 				goto out;
 			}
 			nelements = CDF_GETUINT32(q, 1);
-			if (nelements == 0) {
-				DPRINTF(("CDF_VECTOR with nelements == 0\n"));
+			if (nelements > CDF_ELEMENT_LIMIT || nelements == 0) {
+				DPRINTF(("CDF_VECTOR with nelements == %"
+				    SIZE_T_FORMAT "u\n", nelements));
 				goto out;
 			}
 			slen = 2;
@@ -1056,8 +1057,6 @@ cdf_read_property_info(const cdf_stream_
 					goto out;
 				inp += nelem;
 			}
-			DPRINTF(("nelements = %" SIZE_T_FORMAT "u\n",
-			    nelements));
 			for (j = 0; j < nelements && i < sh.sh_properties;
 			    j++, i++)
 			{

$NetBSD$

patch for CVE-2019-18218, picked from https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84

--- src/cdf.h.orig	2019-02-20 01:24:19.000000000 +0000
+++ src/cdf.h
@@ -48,6 +48,7 @@
 typedef int32_t cdf_secid_t;
 
 #define CDF_LOOP_LIMIT					10000
+#define CDF_ELEMENT_LIMIT				100000
 
 #define CDF_SECID_NULL					0
 #define CDF_SECID_FREE					-1