summaryrefslogtreecommitdiffstats
path: root/abs
diff options
context:
space:
mode:
Diffstat (limited to 'abs')
-rw-r--r--abs/extra/cpio/PKGBUILD49
-rw-r--r--abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch212
-rw-r--r--abs/extra/cpio/cpio-2.11-stdio.in.patch13
-rw-r--r--abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch30
-rw-r--r--abs/extra/cpio/cpio.install21
5 files changed, 325 insertions, 0 deletions
diff --git a/abs/extra/cpio/PKGBUILD b/abs/extra/cpio/PKGBUILD
new file mode 100644
index 0000000..c9e2054
--- /dev/null
+++ b/abs/extra/cpio/PKGBUILD
@@ -0,0 +1,49 @@
+# $Id$
+# Maintainer: judd <jvinet@zeroflux.org>
+pkgname=cpio
+pkgver=2.11
+pkgrel=5
+pkgdesc="A tool to copy files into or out of a cpio or tar archive"
+arch=(i686 x86_64)
+license=('GPL')
+url="http://www.gnu.org/software/cpio"
+depends=('glibc')
+source=(ftp://ftp.gnu.org/gnu/cpio/cpio-${pkgver}.tar.gz
+ cpio-2.11-stdio.in.patch
+ cpio-2.11-CVE-2014-9112.patch
+ cpio-2.11-testsuite-CVE-2014-9112.patch)
+install=cpio.install
+md5sums=('1112bb6c45863468b5496ba128792f6c'
+ 'd7e58f2a1ec286febd09ea75042cf96e'
+ '2541e37b85cb7baffc3a3f687453737c'
+ '348870bebae57146eafeb189adbd43a4')
+
+prepare() {
+ cd ${srcdir}/${pkgname}-${pkgver}
+ patch -Np1 -i ${srcdir}/cpio-2.11-stdio.in.patch
+ # from fedora git
+ patch -Np1 -i ${srcdir}/cpio-2.11-CVE-2014-9112.patch
+ patch -Np1 -i ${srcdir}/cpio-2.11-testsuite-CVE-2014-9112.patch
+}
+
+build() {
+ cd ${srcdir}/${pkgname}-${pkgver}
+ ./configure --prefix=/usr --mandir=/usr/share/man
+ make
+}
+
+check() {
+ cd ${srcdir}/${pkgname}-${pkgver}
+ make check
+}
+
+package() {
+ cd ${srcdir}/${pkgname}-${pkgver}
+ make DESTDIR=${pkgdir} install
+ rm -f ${pkgdir}/usr/bin/mt ${pkgdir}/pkg/usr/share/man/man1/mt.1
+ rm -rf ${pkgdir}/usr/libexec
+ # remove mt manpage it conflicts with mt-st from extra
+ rm $pkgdir/usr/share/man/man1/mt.1 || return 1
+ # remove infodir
+ rm $pkgdir/usr/share/info/dir
+}
diff --git a/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch b/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch
new file mode 100644
index 0000000..64fec9f
--- /dev/null
+++ b/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch
@@ -0,0 +1,212 @@
+diff --git a/src/copyin.c b/src/copyin.c
+index d505407..db8ee66 100644
+--- a/src/copyin.c
++++ b/src/copyin.c
+@@ -124,10 +124,30 @@ tape_skip_padding (int in_file_des, off_t offset)
+ if (pad != 0)
+ tape_toss_input (in_file_des, pad);
+ }
+-
++
++static char *
++get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
++{
++ char *link_name;
++
++ if (file_hdr->c_filesize < 0 || file_hdr->c_filesize > SIZE_MAX-1)
++ {
++ error (0, 0, _("%s: stored filename length is out of range"),
++ file_hdr->c_name);
++ link_name = NULL;
++ }
++ else
++ {
++ link_name = xmalloc (file_hdr->c_filesize + 1);
++ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
++ link_name[file_hdr->c_filesize] = '\0';
++ tape_skip_padding (in_file_des, file_hdr->c_filesize);
++ }
++ return link_name;
++}
+
+ static void
+-list_file(struct cpio_file_stat* file_hdr, int in_file_des)
++list_file (struct cpio_file_stat* file_hdr, int in_file_des)
+ {
+ if (verbose_flag)
+ {
+@@ -136,21 +156,16 @@ list_file(struct cpio_file_stat* file_hdr, int in_file_des)
+ {
+ if (archive_format != arf_tar && archive_format != arf_ustar)
+ {
+- char *link_name = NULL; /* Name of hard and symbolic links. */
+-
+- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+- link_name[file_hdr->c_filesize] = '\0';
+- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+- long_format (file_hdr, link_name);
+- free (link_name);
+- tape_skip_padding (in_file_des, file_hdr->c_filesize);
+- return;
++ char *link_name = get_link_name (file_hdr, in_file_des);
++ if (link_name)
++ {
++ long_format (file_hdr, link_name);
++ free (link_name);
++ }
+ }
+ else
+- {
+- long_format (file_hdr, file_hdr->c_tar_linkname);
+- return;
+- }
++ long_format (file_hdr, file_hdr->c_tar_linkname);
++ return;
+ }
+ else
+ #endif
+@@ -650,10 +665,7 @@ copyin_link(struct cpio_file_stat *file_hdr, int in_file_des)
+
+ if (archive_format != arf_tar && archive_format != arf_ustar)
+ {
+- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+- link_name[file_hdr->c_filesize] = '\0';
+- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+- tape_skip_padding (in_file_des, file_hdr->c_filesize);
++ link_name = get_link_name (file_hdr, in_file_des);
+ }
+ else
+ {
+diff --git a/tests/Makefile.am b/tests/Makefile.am
+index b3e8e60..cf186da 100644
+--- a/tests/Makefile.am
++++ b/tests/Makefile.am
+@@ -52,6 +52,8 @@ TESTSUITE_AT = \
+ setstat04.at\
+ setstat05.at\
+ symlink.at\
++ symlink-bad-length.at\
++ symlink-long.at\
+ version.at
+
+ TESTSUITE = $(srcdir)/testsuite
+diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
+new file mode 100644
+index 0000000..cbf4aa7
+--- /dev/null
++++ b/tests/symlink-bad-length.at
+@@ -0,0 +1,49 @@
++# Process this file with autom4te to create testsuite. -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11 did segfault with badly set symlink length.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-bad-length])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_DATA([ARCHIVE.base64],
++[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
++JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
++UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
++])
++
++AT_CHECK([
++base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
++cpio -ntv < ARCHIVE
++test $? -eq 2
++],
++[0],
++[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
++],[cpio: LINK: stored filename length is out of range
++cpio: premature end of file
++])
++
++AT_CLEANUP
+diff --git a/tests/symlink-long.at b/tests/symlink-long.at
+new file mode 100644
+index 0000000..d3def2d
+--- /dev/null
++++ b/tests/symlink-long.at
+@@ -0,0 +1,46 @@
++# Process this file with autom4te to create testsuite. -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11.90 changed the way symlink name is read from archive.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-long])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_CHECK([
++
++# len(dirname) > READBUFSIZE
++dirname=
++for i in {1..52}; do
++ dirname="xxxxxxxxx/$dirname"
++ mkdir "$dirname"
++done
++ln -s "$dirname" x || AT_SKIP_TEST
++
++echo x | cpio -o > ar
++list=`cpio -tv < ar | sed 's|.*-> ||'`
++test "$list" = "$dirname" && echo success || echo fail
++],
++[0],
++[success
++],[2 blocks
++2 blocks
++])
++
++AT_CLEANUP
+diff --git a/tests/testsuite.at b/tests/testsuite.at
+index 8f3330b..590bdcb 100644
+--- a/tests/testsuite.at
++++ b/tests/testsuite.at
+@@ -31,6 +31,8 @@ m4_include([version.at])
+
+ m4_include([inout.at])
+ m4_include([symlink.at])
++m4_include([symlink-bad-length.at])
++m4_include([symlink-long.at])
+ m4_include([interdir.at])
+
+ m4_include([setstat01.at])
diff --git a/abs/extra/cpio/cpio-2.11-stdio.in.patch b/abs/extra/cpio/cpio-2.11-stdio.in.patch
new file mode 100644
index 0000000..f7016ba
--- /dev/null
+++ b/abs/extra/cpio/cpio-2.11-stdio.in.patch
@@ -0,0 +1,13 @@
+diff -urNp cpio-2.11-orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h
+--- cpio-2.11-orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100
++++ cpio-2.11/gnu/stdio.in.h 2012-06-04 10:23:23.804471185 +0200
+@@ -139,7 +139,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not
+ so any use of gets warrants an unconditional warning. Assume it is
+ always declared, since it is required by C89. */
+ #undef gets
++#if HAVE_RAW_DECL_GETS
+ _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
++#endif
+
+ #if @GNULIB_FOPEN@
+ # if @REPLACE_FOPEN@
diff --git a/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch b/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch
new file mode 100644
index 0000000..b1b268a
--- /dev/null
+++ b/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch
@@ -0,0 +1,30 @@
+diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at
+index cbf4aa7..d8d250b 100644
+--- a/tests/symlink-bad-length.at
++++ b/tests/symlink-bad-length.at
+@@ -37,13 +37,20 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
+
+ AT_CHECK([
+ base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
+-cpio -ntv < ARCHIVE
+-test $? -eq 2
++TZ=UTC cpio -ntv < ARCHIVE 2>stderr
++rc=$?
++cat stderr | grep -v \
++ -e 'stored filename length is out of range' \
++ -e 'premature end of file' \
++ -e 'archive header has reverse byte-order' \
++ -e 'memory exhausted' \
++ >&2
++echo >&2 STDERR
++test "$rc" -ne 0
+ ],
+ [0],
+-[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
+-],[cpio: LINK: stored filename length is out of range
+-cpio: premature end of file
++[-rw-rw-r-- 1 10029 10031 13 Nov 25 11:52 FILE
++],[STDERR
+ ])
+
+ AT_CLEANUP
diff --git a/abs/extra/cpio/cpio.install b/abs/extra/cpio/cpio.install
new file mode 100644
index 0000000..e5502ca
--- /dev/null
+++ b/abs/extra/cpio/cpio.install
@@ -0,0 +1,21 @@
+infodir=/usr/share/info
+filelist=(cpio.info)
+
+post_install() {
+ [ -x usr/bin/install-info ] || return 0
+ for file in ${filelist[@]}; do
+ usr/bin/install-info $infodir/$file $infodir/dir 2> /dev/null
+ done
+}
+
+post_upgrade() {
+ post_install $1
+}
+
+pre_remove() {
+ [ -x usr/bin/install-info ] || return 0
+ for file in ${filelist[@]}; do
+ usr/bin/install-info --delete $infodir/$file $infodir/dir 2> /dev/null
+ done
+}
+