diff options
Diffstat (limited to 'patches/source/libtasn1')
-rw-r--r-- | patches/source/libtasn1/libtasn1.CVE-2014-3467_8_9.diff | 152 | ||||
-rwxr-xr-x | patches/source/libtasn1/libtasn1.SlackBuild | 127 | ||||
-rw-r--r-- | patches/source/libtasn1/slack-desc | 19 |
3 files changed, 298 insertions, 0 deletions
diff --git a/patches/source/libtasn1/libtasn1.CVE-2014-3467_8_9.diff b/patches/source/libtasn1/libtasn1.CVE-2014-3467_8_9.diff new file mode 100644 index 000000000..9b190c611 --- /dev/null +++ b/patches/source/libtasn1/libtasn1.CVE-2014-3467_8_9.diff @@ -0,0 +1,152 @@ +diff -u -r libtasn1-2.14.orig/lib/decoding.c libtasn1-2.14/lib/decoding.c +--- libtasn1-2.14.orig/lib/decoding.c 2012-09-13 01:16:23.000000000 -0500 ++++ libtasn1-2.14/lib/decoding.c 2014-06-05 16:42:36.495243018 -0500 +@@ -149,7 +149,7 @@ + /* Long form */ + punt = 1; + ris = 0; +- while (punt <= der_len && der[punt] & 128) ++ while (punt < der_len && der[punt] & 128) + { + last = ris; + +@@ -226,12 +226,11 @@ + int *ret_len, unsigned char *str, int str_size, + int *str_len) + { +- int len_len; ++ int len_len = 0; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; + +- /* if(str==NULL) return ASN1_SUCCESS; */ + *str_len = asn1_get_length_der (der, der_len, &len_len); + + if (*str_len < 0) +@@ -239,7 +238,10 @@ + + *ret_len = *str_len + len_len; + if (str_size >= *str_len) +- memcpy (str, der + len_len, *str_len); ++ { ++ if (*str_len > 0 && str != NULL) ++ memcpy (str, der + len_len, *str_len); ++ } + else + { + return ASN1_MEM_ERROR; +@@ -259,7 +261,7 @@ + if (der_len <= 0 || str == NULL) + return ASN1_DER_ERROR; + str_len = asn1_get_length_der (der, der_len, &len_len); +- if (str_len < 0 || str_size < str_len) ++ if (str_len <= 0 || str_size < str_len) + return ASN1_DER_ERROR; + memcpy (str, der + len_len, str_len); + str[str_len] = 0; +@@ -285,7 +287,7 @@ + return ASN1_GENERIC_ERROR; + len = asn1_get_length_der (der, der_len, &len_len); + +- if (len < 0 || len > der_len || len_len > der_len) ++ if (len <= 0 || len > der_len || len_len > der_len) + return ASN1_DER_ERROR; + + val1 = der[len_len] / 40; +@@ -347,7 +349,7 @@ + int *ret_len, unsigned char *str, int str_size, + int *bit_len) + { +- int len_len, len_byte; ++ int len_len = 0, len_byte; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; +@@ -358,8 +360,14 @@ + *ret_len = len_byte + len_len + 1; + *bit_len = len_byte * 8 - der[len_len]; + ++ if (*bit_len <= 0) ++ return ASN1_DER_ERROR; ++ + if (str_size >= len_byte) +- memcpy (str, der + len_len + 1, len_byte); ++ { ++ if (len_byte > 0 && str) ++ memcpy (str, der + len_len + 1, len_byte); ++ } + else + { + return ASN1_MEM_ERROR; +diff -u -r libtasn1-2.14.orig/lib/element.c libtasn1-2.14/lib/element.c +--- libtasn1-2.14.orig/lib/element.c 2012-09-24 06:51:43.000000000 -0500 ++++ libtasn1-2.14/lib/element.c 2014-06-05 16:50:27.290222945 -0500 +@@ -112,8 +112,11 @@ + /* VALUE_OUT is too short to contain the value conversion */ + return ASN1_MEM_ERROR; + +- for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) +- value_out[k2 - k] = val[k2]; ++ if (value_out != NULL) ++ { ++ for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) ++ value_out[k2 - k] = val[k2]; ++ } + + #if 0 + printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); +@@ -617,7 +620,8 @@ + if (ptr_size < data_size) { \ + return ASN1_MEM_ERROR; \ + } else { \ +- memcpy( ptr, data, data_size); \ ++ if (ptr && data_size > 0) \ ++ memcpy( ptr, data, data_size); \ + } + + #define PUT_STR_VALUE( ptr, ptr_size, data) \ +@@ -626,16 +630,19 @@ + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcpy is checked */ \ +- _asn1_strcpy(ptr, data); \ ++ if (ptr) { \ ++ _asn1_strcpy(ptr, data); \ ++ } \ + } + + #define ADD_STR_VALUE( ptr, ptr_size, data) \ +- *len = (int) _asn1_strlen(data) + 1; \ +- if (ptr_size < (int) _asn1_strlen(ptr)+(*len)) { \ ++ *len += _asn1_strlen(data); \ ++ if (ptr_size < (int) *len) { \ ++ (*len)++; \ + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcat is checked */ \ +- _asn1_strcat(ptr, data); \ ++ if (ptr) _asn1_strcat(ptr, data); \ + } + + /** +@@ -792,7 +799,9 @@ + case TYPE_OBJECT_ID: + if (node->type & CONST_ASSIGN) + { +- value[0] = 0; ++ *len = 0; ++ if (value) ++ value[0] = 0; + p = node->down; + while (p) + { +@@ -806,7 +815,7 @@ + } + p = p->right; + } +- *len = _asn1_strlen (value) + 1; ++ (*len)++; + } + else if ((node->type & CONST_DEFAULT) && (node->value == NULL)) + { diff --git a/patches/source/libtasn1/libtasn1.SlackBuild b/patches/source/libtasn1/libtasn1.SlackBuild new file mode 100755 index 000000000..af4b24a96 --- /dev/null +++ b/patches/source/libtasn1/libtasn1.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Slackware build script for libtasn1 + +# Copyright 2010-2012 Robby Workman, Northport, Alabama, USA +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=libtasn1 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack14.0} + +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:--j6} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +zcat $CWD/libtasn1.CVE-2014-3467_8_9.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --enable-shared \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + #--disable-gtk-doc \ + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Don't ship .la files: +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README* THANKS \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/libtasn1/slack-desc b/patches/source/libtasn1/slack-desc new file mode 100644 index 000000000..da00dacb8 --- /dev/null +++ b/patches/source/libtasn1/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-----------------------------------------------------| +libtasn1: libtasn1 (ASN.1 library) +libtasn1: +libtasn1: Libtasn1 is the GNU ASN.1 library. Abstract Syntax Notation One +libtasn1: (ASN.1) is a standard and flexible notation that describes rules and +libtasn1: structures for representing, encoding, transmitting, and decoding +libtasn1: data in telecommunications and computer networking. +libtasn1: +libtasn1: Libtasn1 was written by Fabio Fiorina. +libtasn1: +libtasn1: +libtasn1: |