File libostree-CVE-2014-9862.patch of Package libostree.25683

diff -urpN libostree-2021.6/bsdiff/bspatch.c libostree-2022.5/bsdiff/bspatch.c
--- libostree-2021.6/bsdiff/bspatch.c	2022-08-29 12:09:02.256353712 -0500
+++ libostree-2022.5/bsdiff/bspatch.c	2022-05-09 11:29:09.000000000 -0500
@@ -25,6 +25,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include <limits.h>
 #include "bspatch.h"
 
 static int64_t offtin(uint8_t *buf)
@@ -62,7 +63,9 @@ int bspatch(const uint8_t* old, int64_t
 		};
 
 		/* Sanity-check */
-		if(newpos+ctrl[0]>newsize)
+		if (ctrl[0]<0 || ctrl[0]>INT_MAX ||
+			ctrl[1]<0 || ctrl[1]>INT_MAX ||
+			newpos+ctrl[0]>newsize)
 			return -1;
 
 		/* Read diff string */
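Review bot: The retained bound `newpos+ctrl[0]>newsize` in the sanity check is still a signed addition, so it only holds if newsize is far enough below INT64_MAX that the sum cannot overflow. Writing it as `ctrl[0] > newsize - newpos` keeps the comparison in range whatever size the caller passes, assuming newpos stays between 0 and newsize. The new INT_MAX limits on ctrl[0] and ctrl[1] presumably exist because these lengths are later passed through an int-typed parameter, which the hunk does not show; a comment such as `/* lengths are passed on as int; reject values that would truncate */` would record that. ctrl[2] is not covered by the condition, and whether it needs a bound depends on how it is applied outside this hunk. bspatch's body starts and ends outside the hunk.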
@@ -102,6 +105,8 @@ int bspatch(const uint8_t* old, int64_t
 #include <stdio.h>
 #include <string.h>
 #include <err.h>
+#include <sys/types.h>
+#include <sys/stat.h>
 #include <unistd.h>
 #include <fcntl.h>
 
@@ -129,6 +134,7 @@ int main(int argc,char * argv[])
 	int64_t oldsize, newsize;
 	BZFILE* bz2;
 	struct bspatch_stream stream;
+	struct stat sb;
 
 	if(argc!=4) errx(1,"usage: %s oldfile newfile patchfile\n",argv[0]);
 
@@ -158,6 +164,7 @@ int main(int argc,char * argv[])
 		((old=malloc(oldsize+1))==NULL) ||
 		(lseek(fd,0,SEEK_SET)!=0) ||
 		(read(fd,old,oldsize)!=oldsize) ||
+		(fstat(fd, &sb)) ||
 		(close(fd)==-1)) err(1,"%s",argv[1]);
 	if((new=malloc(newsize+1))==NULL) err(1,NULL);
 
@@ -174,7 +181,7 @@ int main(int argc,char * argv[])
 	fclose(f);
 
 	/* Write the new file */
-	if(((fd=open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,0666))<0) ||
+	if(((fd=open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,sb.st_mode))<0) ||
 		(write(fd,new,newsize)!=newsize) || (close(fd)==-1))
 		err(1,"%s",argv[2]);
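Review bot: Passing `sb.st_mode` unmasked to open() on the changed line carries every bit of the old file's mode into the creation mode, including the file-type bits and any setuid, setgid or sticky bits, while the bytes written are derived from the patch file. Masking to the permission bits, `open(argv[2],O_CREAT|O_TRUNC|O_WRONLY,sb.st_mode & 0777)`, still matches the old file's permissions without asking for special bits on the output. The result is also filtered by the umask and ignored when argv[2] already exists, so a short comment that mode preservation is best-effort would help. sb is filled by the fstat() added in the hunk at `-158,6 +164,7`, and main's body starts and ends outside this hunk.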
 