diff options
| author |   Azamat H. Hackimov <azamat.hackimov@gmail.com> | 2021-05-21 22:36:03 +0300 |
|---|---|---|
| committer |   Andreas Sturmlechner <asturm@gentoo.org> | 2021-05-23 18:53:07 +0200 |
| commit | 185c785c239b6e5f7fcadc14be183c2f5fb37cfe (patch) | |
| tree | 377e47f10e95d865aa4aaa3eafc5b60d66b0f2c8 /app-arch | |
| parent | app-backup/dar: remove 2.7.0 (diff) | |
| download | gentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.tar.gz gentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.tar.bz2 gentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.zip | |
app-arch/upx: fix CVE-2020-24119
Bug: https://bugs.gentoo.org/790281
Package-Manager: Portage-3.0.18, Repoman-3.0.2
Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/20914
Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Diffstat (limited to 'app-arch')
| -rw-r--r-- | app-arch/upx/files/upx-3.96_CVE-2020-24119.patch | 34 | ||||
| -rw-r--r-- | app-arch/upx/upx-3.96-r2.ebuild | 39 |
2 files changed, 73 insertions, 0 deletions
diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch new file mode 100644 index 000000000000..7e6de04948bd --- /dev/null +++ b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch @@ -0,0 +1,34 @@ +From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001 +From: John Reiser <jreiser@BitWagon.com> +Date: Wed, 22 Jul 2020 19:34:27 -0700 +Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed + block + +https://github.com/upx/upx/issues/388 + modified: p_lx_elf.cpp +--- + src/p_lx_elf.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp +index cd9e4ec97..453d5c457 100644 +--- a/src/p_lx_elf.cpp ++++ b/src/p_lx_elf.cpp +@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 1024 +- if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { ++ if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR +@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo) + unsigned c_adler = upx_adler32(NULL, 0); + unsigned u_adler = upx_adler32(NULL, 0); + #define MAX_ELF_HDR 512 +- if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { ++ if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) { + throwCantUnpack("bad compressed e_phnum"); + } + #undef MAX_ELF_HDR diff --git a/app-arch/upx/upx-3.96-r2.ebuild b/app-arch/upx/upx-3.96-r2.ebuild new file mode 100644 index 000000000000..cf9f4c4f87d3 --- /dev/null +++ b/app-arch/upx/upx-3.96-r2.ebuild @@ -0,0 +1,39 @@ +# Copyright 1999-2021 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit toolchain-funcs + +DESCRIPTION="Ultimate Packer for eXecutables (free version using UCL compression and not NRV)" +HOMEPAGE="https://upx.github.io/" +SRC_URI="https://github.com/upx/upx/releases/download/v${PV}/${P}-src.tar.xz" + +LICENSE="GPL-2+ UPX-exception" # Read the exception before applying any patches +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86" +IUSE="" + +DEPEND=">=dev-libs/ucl-1.03 + sys-libs/zlib" +RDEPEND="${RDEPEND} + !app-arch/upx-bin" +BDEPEND="dev-lang/perl" + +S="${WORKDIR}/${P}-src" + +PATCHES=( + "${FILESDIR}/${P}_CVE-2020-24119.patch" + "${FILESDIR}/${P}_CVE-2021-20285.patch" +) + +src_compile() { + tc-export CXX + emake CXXFLAGS_WERROR="" all +} + +src_install() { + newbin src/upx.out upx + dodoc BUGS NEWS PROJECTS README* THANKS doc/*.txt doc/upx.html + doman doc/upx.1 +} |