diff options
author | Mike Frysinger <vapier@gentoo.org> | 2005-07-02 13:44:07 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2005-07-02 13:44:07 +0000 |
commit | 028468160c74c8e99ef09f16e32dc5b73b34eef8 (patch) | |
tree | b0498f38cf7a7cbe1a4e241d04aa08669db7faed /app-arch/gzip | |
parent | Stable on alpha. (diff) | |
download | gentoo-2-028468160c74c8e99ef09f16e32dc5b73b34eef8.tar.gz gentoo-2-028468160c74c8e99ef09f16e32dc5b73b34eef8.tar.bz2 gentoo-2-028468160c74c8e99ef09f16e32dc5b73b34eef8.zip |
Fix crash on bad input #94584 by Tavis Ormandy.
(Portage version: 2.0.51.22-r1)
Diffstat (limited to 'app-arch/gzip')
-rw-r--r-- | app-arch/gzip/ChangeLog | 8 | ||||
-rw-r--r-- | app-arch/gzip/files/digest-gzip-1.3.5-r8 | 1 | ||||
-rw-r--r-- | app-arch/gzip/files/gzip-1.3.5-huft-build-return-fix.patch | 22 | ||||
-rw-r--r-- | app-arch/gzip/gzip-1.3.5-r8.ebuild | 88 |
4 files changed, 118 insertions, 1 deletions
diff --git a/app-arch/gzip/ChangeLog b/app-arch/gzip/ChangeLog index a0a4a5d34633..7e8a0a0487b3 100644 --- a/app-arch/gzip/ChangeLog +++ b/app-arch/gzip/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-arch/gzip # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/ChangeLog,v 1.55 2005/05/31 03:13:26 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/ChangeLog,v 1.56 2005/07/02 13:44:07 vapier Exp $ + +*gzip-1.3.5-r8 (02 Jul 2005) + + 02 Jul 2005; Mike Frysinger <vapier@gentoo.org> + +files/gzip-1.3.5-huft-build-return-fix.patch, +gzip-1.3.5-r8.ebuild: + Fix crash on bad input #94584 by Tavis Ormandy. *gzip-1.3.5-r7 (31 May 2005) diff --git a/app-arch/gzip/files/digest-gzip-1.3.5-r8 b/app-arch/gzip/files/digest-gzip-1.3.5-r8 new file mode 100644 index 000000000000..07db7e681363 --- /dev/null +++ b/app-arch/gzip/files/digest-gzip-1.3.5-r8 @@ -0,0 +1 @@ +MD5 3d6c191dfd2bf307014b421c12dc8469 gzip-1.3.5.tar.gz 331550 diff --git a/app-arch/gzip/files/gzip-1.3.5-huft-build-return-fix.patch b/app-arch/gzip/files/gzip-1.3.5-huft-build-return-fix.patch new file mode 100644 index 000000000000..2558634de1d9 --- /dev/null +++ b/app-arch/gzip/files/gzip-1.3.5-huft-build-return-fix.patch @@ -0,0 +1,22 @@ +The huft_build() function should return 2 if the input is invalid (such +as all zero length codes) and 0 if the input is valid. The zero length +code check incorrectly returns 0 however causing gzip to segv on some +invalid input cases. + +Discovered & fixed by Tavis Ormandy. + +http://bugs.gentoo.org/94584 + +--- inflate.c ++++ inflate.c +@@ -336,9 +336,9 @@ int huft_build(b, n, s, d, e, t, m) + if (c[0] == n) /* null input--all zero length codes */ + { + *t = (struct huft *)NULL; + *m = 0; +- return 0; ++ return 2; + } + + + /* Find minimum and maximum length, bound *m by those */ diff --git a/app-arch/gzip/gzip-1.3.5-r8.ebuild b/app-arch/gzip/gzip-1.3.5-r8.ebuild new file mode 100644 index 000000000000..42c6a97d16a5 --- /dev/null +++ b/app-arch/gzip/gzip-1.3.5-r8.ebuild @@ -0,0 +1,88 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/gzip/gzip-1.3.5-r8.ebuild,v 1.1 2005/07/02 13:44:07 vapier Exp $ + +inherit eutils flag-o-matic + +DESCRIPTION="Standard GNU compressor" +HOMEPAGE="http://www.gnu.org/software/gzip/gzip.html" +SRC_URI="mirror://gentoo/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86" +IUSE="nls build static pic" + +RDEPEND="" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" +PROVIDE="virtual/gzip" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-debian.patch + epatch "${FILESDIR}"/${P}-znew-tempfile-2.patch + epatch "${FILESDIR}"/${P}-gunzip-dir.patch + epatch "${FILESDIR}"/${P}-asm-execstack.patch + epatch "${FILESDIR}"/${P}-gzip-perm.patch + epatch "${FILESDIR}"/${P}-infodir.patch + epatch "${FILESDIR}"/${P}-rsync.patch + epatch "${FILESDIR}"/${P}-zgrep-sed.patch + epatch "${FILESDIR}"/${P}-alpha.patch + epatch "${FILESDIR}"/${P}-huft-build-return-fix.patch + epatch "${FILESDIR}"/${P}-zgreppipe.patch +} + +src_compile() { + use static && append-flags -static + # avoid text relocation in gzip + use pic && export DEFS="NO_ASM" + econf --exec-prefix=/ $(use_enable nls) || die + emake || die +} + +src_install() { + dodir /usr/bin /usr/share/man/man1 + make prefix=${D}/usr \ + exec_prefix=${D}/ \ + mandir=${D}/usr/share/man \ + infodir=${D}/usr/share/info \ + install || die + + cd ${D}/bin + + for i in gzexe zforce zgrep zmore znew zcmp + do + sed -i -e "s:${D}::" ${i} || die + chmod 755 ${i} + done + + # No need to waste space -- these guys should be links + # gzcat is equivilant to zcat, but historically zcat + # was a link to compress. + rm -f gunzip zcat zcmp zegrep zfgrep + dosym gzip /bin/gunzip + dosym gzip /bin/gzcat + dosym gzip /bin/zcat + dosym zdiff /bin/zcmp + dosym zgrep /bin/zegrep + dosym zgrep /bin/zfgrep + + if ! use build + then + cd ${D}/usr/share/man/man1 + rm -f gunzip.* zcmp.* zcat.* + ln -s gzip.1.gz gunzip.1.gz + ln -s zdiff.1.gz zcmp.1.gz + ln -s gzip.1.gz zcat.1.gz + ln -s gzip.1.gz gzcat.1.gz + cd ${S} + rm -rf ${D}/usr/man ${D}/usr/lib + dodoc ChangeLog NEWS README THANKS TODO + docinto txt + dodoc algorithm.doc gzip.doc + else + rm -rf ${D}/usr + fi +} |