-rw-r--r--net-libs/openslp/files/openslp-2.0.0-CVE-2012-4428.patch51
-rw-r--r--net-libs/openslp/openslp-2.0.0-r3.ebuild43
2 files changed, 94 insertions, 0 deletions
diff --git a/net-libs/openslp/files/openslp-2.0.0-CVE-2012-4428.patch b/net-libs/openslp/files/openslp-2.0.0-CVE-2012-4428.patch
new file mode 100644
index 000000000000..28564c007cf3
--- /dev/null
+++ b/net-libs/openslp/files/openslp-2.0.0-CVE-2012-4428.patch
@@ -0,0 +1,51 @@
+
+Description: Fix out-of-bounds buffer access (CVE-2012-4428)
+ Fix handling of string-list in common/slp_common.c by not increasing
+ the item pointer past the string-list pointer, and letting '\\' only
+ escape the item separator ','.
+Author: Guillem Jover <guillem@debian.org>
+Origin: vendor
+Bug: http://sourceforge.net/p/openslp/bugs/122/
+Bug-Debian: https://bugs.debian.org/687597
+Last-Update: 2014-07-25
+
+Strangely nobody seems to have fixed this in openslp-2.0.0 ever.
+Patch forward-ported; one chunk isn't needed anymore as the code has been
+independently rewritten. Andreas K. Hüttel <dilfridge@gentoo.org>
+
+
+diff -ruN openslp-2.0.0.orig/common/slp_compare.c openslp-2.0.0/common/slp_compare.c
+--- openslp-2.0.0.orig/common/slp_compare.c 2012-12-12 20:12:43.000000000 +0100
++++ openslp-2.0.0/common/slp_compare.c 2017-02-18 19:59:55.296473698 +0100
+@@ -587,13 +587,10 @@
+ /* seek to the end of the next list item */
+ while(1)
+ {
+- if(itemend == listend || *itemend == ',')
+- {
+- if(*(itemend - 1) != '\\')
+- {
+- break;
+- }
+- }
++ if(itemend == listend)
++ break;
++ if(*itemend == ',' && *(itemend - 1) != '\\')
++ break;
+
+ itemend++;
+ }
+@@ -683,9 +680,10 @@
+ /* seek to the end of the next list item */
+ while (1)
+ {
+- if (itemend == listend || *itemend == ',')
+- if (*(itemend - 1) != '\\')
+- break;
++ if(itemend == listend)
++ break;
++ if(*itemend == ',' && *(itemend - 1) != '\\')
++ break;
+ itemend++;
+ }
+
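Review bot: In both rewritten loops of the embedded slp_compare.c patch, `*(itemend - 1) != '\\'` is still evaluated whenever `*itemend == ','`, with no check that `itemend` is past the first byte of the list. The initialisation of `itemend` and the enclosing functions lie outside the hunks, so this is inferred: if `itemend` can equal the list's start pointer on the first pass, a list beginning with ',' makes the comparison read one byte before the buffer. The lookback should be guarded by comparing `itemend` with the start of the list before dereferencing `itemend - 1`. The patch header also names common/slp_common.c while both hunks change common/slp_compare.c, so the Description line should name the file that is actually patched.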
diff --git a/net-libs/openslp/openslp-2.0.0-r3.ebuild b/net-libs/openslp/openslp-2.0.0-r3.ebuild
new file mode 100644
index 000000000000..d350e7d90ea2
--- /dev/null
+++ b/net-libs/openslp/openslp-2.0.0-r3.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools systemd
+
+DESCRIPTION="An open-source implementation of Service Location Protocol"
+HOMEPAGE="http://www.openslp.org/"
+SRC_URI="mirror://sourceforge/openslp/${P}.tar.gz"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="libressl"
+RESTRICT="test"
+
+DEPEND="
+ !libressl? ( dev-libs/openssl:0= )
+ libressl? ( dev-libs/libressl:0= )
+"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-2.0.0-cflags.patch
+ "${FILESDIR}"/${PN}-2.0.0-CVE-2016-4912.patch
+ "${FILESDIR}"/${PN}-2.0.0-CVE-2012-4428.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die "make install failed"
+ dodoc AUTHORS FAQ ChangeLog NEWS README* THANKS
+ rm -rfv "${D}"/usr/doc
+ dohtml -r .
+ newinitd "${FILESDIR}"/slpd-init slpd
+ systemd_dounit "${FILESDIR}"/slpd.service
+}
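Review bot: `RESTRICT="test"` carries no comment, so this revision ships a forward-ported fix to the string-list parser with the package's test suite disabled and no recorded reason. A line such as `# tests restricted: <reason or bug number>` above it would tell the next maintainer whether the restriction can be lifted. In src_install, `make DESTDIR="${D}" install || die "make install failed"` bypasses the package manager's make wrapper, and `emake DESTDIR="${D}" install` is the usual form. `rm -rfv "${D}"/usr/doc` has no failure check and should read `rm -rfv "${D}"/usr/doc || die`.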