diff options
Diffstat (limited to 'abs')
-rw-r--r-- | abs/extra/cpio/PKGBUILD | 49 | ||||
-rw-r--r-- | abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch | 212 | ||||
-rw-r--r-- | abs/extra/cpio/cpio-2.11-stdio.in.patch | 13 | ||||
-rw-r--r-- | abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch | 30 | ||||
-rw-r--r-- | abs/extra/cpio/cpio.install | 21 |
5 files changed, 325 insertions, 0 deletions
diff --git a/abs/extra/cpio/PKGBUILD b/abs/extra/cpio/PKGBUILD new file mode 100644 index 0000000..c9e2054 --- /dev/null +++ b/abs/extra/cpio/PKGBUILD @@ -0,0 +1,49 @@ +# $Id$ +# Maintainer: judd <jvinet@zeroflux.org> +pkgname=cpio +pkgver=2.11 +pkgrel=5 +pkgdesc="A tool to copy files into or out of a cpio or tar archive" +arch=(i686 x86_64) +license=('GPL') +url="http://www.gnu.org/software/cpio" +depends=('glibc') +source=(ftp://ftp.gnu.org/gnu/cpio/cpio-${pkgver}.tar.gz + cpio-2.11-stdio.in.patch + cpio-2.11-CVE-2014-9112.patch + cpio-2.11-testsuite-CVE-2014-9112.patch) +install=cpio.install +md5sums=('1112bb6c45863468b5496ba128792f6c' + 'd7e58f2a1ec286febd09ea75042cf96e' + '2541e37b85cb7baffc3a3f687453737c' + '348870bebae57146eafeb189adbd43a4') + +prepare() { + cd ${srcdir}/${pkgname}-${pkgver} + patch -Np1 -i ${srcdir}/cpio-2.11-stdio.in.patch + # from fedora git + patch -Np1 -i ${srcdir}/cpio-2.11-CVE-2014-9112.patch + patch -Np1 -i ${srcdir}/cpio-2.11-testsuite-CVE-2014-9112.patch +} + +build() { + cd ${srcdir}/${pkgname}-${pkgver} + ./configure --prefix=/usr --mandir=/usr/share/man + make +} + +check() { + cd ${srcdir}/${pkgname}-${pkgver} + make check +} + +package() { + cd ${srcdir}/${pkgname}-${pkgver} + make DESTDIR=${pkgdir} install + rm -f ${pkgdir}/usr/bin/mt ${pkgdir}/pkg/usr/share/man/man1/mt.1 + rm -rf ${pkgdir}/usr/libexec + # remove mt manpage it conflicts with mt-st from extra + rm $pkgdir/usr/share/man/man1/mt.1 || return 1 + # remove infodir + rm $pkgdir/usr/share/info/dir +} diff --git a/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch b/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch new file mode 100644 index 0000000..64fec9f --- /dev/null +++ b/abs/extra/cpio/cpio-2.11-CVE-2014-9112.patch @@ -0,0 +1,212 @@ +diff --git a/src/copyin.c b/src/copyin.c +index d505407..db8ee66 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -124,10 +124,30 @@ tape_skip_padding (int in_file_des, off_t offset) + if (pad != 0) + tape_toss_input (in_file_des, pad); + } +- ++ ++static char * ++get_link_name (struct cpio_file_stat *file_hdr, int in_file_des) ++{ ++ char *link_name; ++ ++ if (file_hdr->c_filesize < 0 || file_hdr->c_filesize > SIZE_MAX-1) ++ { ++ error (0, 0, _("%s: stored filename length is out of range"), ++ file_hdr->c_name); ++ link_name = NULL; ++ } ++ else ++ { ++ link_name = xmalloc (file_hdr->c_filesize + 1); ++ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); ++ link_name[file_hdr->c_filesize] = '\0'; ++ tape_skip_padding (in_file_des, file_hdr->c_filesize); ++ } ++ return link_name; ++} + + static void +-list_file(struct cpio_file_stat* file_hdr, int in_file_des) ++list_file (struct cpio_file_stat* file_hdr, int in_file_des) + { + if (verbose_flag) + { +@@ -136,21 +156,16 @@ list_file(struct cpio_file_stat* file_hdr, int in_file_des) + { + if (archive_format != arf_tar && archive_format != arf_ustar) + { +- char *link_name = NULL; /* Name of hard and symbolic links. */ +- +- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); +- link_name[file_hdr->c_filesize] = '\0'; +- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); +- long_format (file_hdr, link_name); +- free (link_name); +- tape_skip_padding (in_file_des, file_hdr->c_filesize); +- return; ++ char *link_name = get_link_name (file_hdr, in_file_des); ++ if (link_name) ++ { ++ long_format (file_hdr, link_name); ++ free (link_name); ++ } + } + else +- { +- long_format (file_hdr, file_hdr->c_tar_linkname); +- return; +- } ++ long_format (file_hdr, file_hdr->c_tar_linkname); ++ return; + } + else + #endif +@@ -650,10 +665,7 @@ copyin_link(struct cpio_file_stat *file_hdr, int in_file_des) + + if (archive_format != arf_tar && archive_format != arf_ustar) + { +- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); +- link_name[file_hdr->c_filesize] = '\0'; +- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); +- tape_skip_padding (in_file_des, file_hdr->c_filesize); ++ link_name = get_link_name (file_hdr, in_file_des); + } + else + { +diff --git a/tests/Makefile.am b/tests/Makefile.am +index b3e8e60..cf186da 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -52,6 +52,8 @@ TESTSUITE_AT = \ + setstat04.at\ + setstat05.at\ + symlink.at\ ++ symlink-bad-length.at\ ++ symlink-long.at\ + version.at + + TESTSUITE = $(srcdir)/testsuite +diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at +new file mode 100644 +index 0000000..cbf4aa7 +--- /dev/null ++++ b/tests/symlink-bad-length.at +@@ -0,0 +1,49 @@ ++# Process this file with autom4te to create testsuite. -*- Autotest -*- ++# Copyright (C) 2014 Free Software Foundation, Inc. ++ ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3, or (at your option) ++# any later version. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++ ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA ++# 02110-1301 USA. ++ ++# Cpio v2.11 did segfault with badly set symlink length. ++# References: ++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html ++ ++AT_SETUP([symlink-bad-length]) ++AT_KEYWORDS([symlink-long copyout]) ++ ++AT_DATA([ARCHIVE.base64], ++[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv ++JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF ++UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA ++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= ++]) ++ ++AT_CHECK([ ++base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST ++cpio -ntv < ARCHIVE ++test $? -eq 2 ++], ++[0], ++[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE ++],[cpio: LINK: stored filename length is out of range ++cpio: premature end of file ++]) ++ ++AT_CLEANUP +diff --git a/tests/symlink-long.at b/tests/symlink-long.at +new file mode 100644 +index 0000000..d3def2d +--- /dev/null ++++ b/tests/symlink-long.at +@@ -0,0 +1,46 @@ ++# Process this file with autom4te to create testsuite. -*- Autotest -*- ++# Copyright (C) 2014 Free Software Foundation, Inc. ++ ++# This program is free software; you can redistribute it and/or modify ++# it under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3, or (at your option) ++# any later version. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++ ++# You should have received a copy of the GNU General Public License ++# along with this program; if not, write to the Free Software ++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA ++# 02110-1301 USA. ++ ++# Cpio v2.11.90 changed the way symlink name is read from archive. ++# References: ++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html ++ ++AT_SETUP([symlink-long]) ++AT_KEYWORDS([symlink-long copyout]) ++ ++AT_CHECK([ ++ ++# len(dirname) > READBUFSIZE ++dirname= ++for i in {1..52}; do ++ dirname="xxxxxxxxx/$dirname" ++ mkdir "$dirname" ++done ++ln -s "$dirname" x || AT_SKIP_TEST ++ ++echo x | cpio -o > ar ++list=`cpio -tv < ar | sed 's|.*-> ||'` ++test "$list" = "$dirname" && echo success || echo fail ++], ++[0], ++[success ++],[2 blocks ++2 blocks ++]) ++ ++AT_CLEANUP +diff --git a/tests/testsuite.at b/tests/testsuite.at +index 8f3330b..590bdcb 100644 +--- a/tests/testsuite.at ++++ b/tests/testsuite.at +@@ -31,6 +31,8 @@ m4_include([version.at]) + + m4_include([inout.at]) + m4_include([symlink.at]) ++m4_include([symlink-bad-length.at]) ++m4_include([symlink-long.at]) + m4_include([interdir.at]) + + m4_include([setstat01.at]) diff --git a/abs/extra/cpio/cpio-2.11-stdio.in.patch b/abs/extra/cpio/cpio-2.11-stdio.in.patch new file mode 100644 index 0000000..f7016ba --- /dev/null +++ b/abs/extra/cpio/cpio-2.11-stdio.in.patch @@ -0,0 +1,13 @@ +diff -urNp cpio-2.11-orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h +--- cpio-2.11-orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100 ++++ cpio-2.11/gnu/stdio.in.h 2012-06-04 10:23:23.804471185 +0200 +@@ -139,7 +139,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not + so any use of gets warrants an unconditional warning. Assume it is + always declared, since it is required by C89. */ + #undef gets ++#if HAVE_RAW_DECL_GETS + _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); ++#endif + + #if @GNULIB_FOPEN@ + # if @REPLACE_FOPEN@ diff --git a/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch b/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch new file mode 100644 index 0000000..b1b268a --- /dev/null +++ b/abs/extra/cpio/cpio-2.11-testsuite-CVE-2014-9112.patch @@ -0,0 +1,30 @@ +diff --git a/tests/symlink-bad-length.at b/tests/symlink-bad-length.at +index cbf4aa7..d8d250b 100644 +--- a/tests/symlink-bad-length.at ++++ b/tests/symlink-bad-length.at +@@ -37,13 +37,20 @@ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= + + AT_CHECK([ + base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST +-cpio -ntv < ARCHIVE +-test $? -eq 2 ++TZ=UTC cpio -ntv < ARCHIVE 2>stderr ++rc=$? ++cat stderr | grep -v \ ++ -e 'stored filename length is out of range' \ ++ -e 'premature end of file' \ ++ -e 'archive header has reverse byte-order' \ ++ -e 'memory exhausted' \ ++ >&2 ++echo >&2 STDERR ++test "$rc" -ne 0 + ], + [0], +-[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE +-],[cpio: LINK: stored filename length is out of range +-cpio: premature end of file ++[-rw-rw-r-- 1 10029 10031 13 Nov 25 11:52 FILE ++],[STDERR + ]) + + AT_CLEANUP diff --git a/abs/extra/cpio/cpio.install b/abs/extra/cpio/cpio.install new file mode 100644 index 0000000..e5502ca --- /dev/null +++ b/abs/extra/cpio/cpio.install @@ -0,0 +1,21 @@ +infodir=/usr/share/info +filelist=(cpio.info) + +post_install() { + [ -x usr/bin/install-info ] || return 0 + for file in ${filelist[@]}; do + usr/bin/install-info $infodir/$file $infodir/dir 2> /dev/null + done +} + +post_upgrade() { + post_install $1 +} + +pre_remove() { + [ -x usr/bin/install-info ] || return 0 + for file in ${filelist[@]}; do + usr/bin/install-info --delete $infodir/$file $infodir/dir 2> /dev/null + done +} + |