summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'app-arch/upx')
-rw-r--r--app-arch/upx/Manifest1
-rw-r--r--app-arch/upx/files/upx-3.96_CVE-2020-24119.patch34
-rw-r--r--app-arch/upx/files/upx-3.96_CVE-2021-20285.patch76
-rw-r--r--app-arch/upx/upx-3.96-r2.ebuild41
4 files changed, 0 insertions, 152 deletions
diff --git a/app-arch/upx/Manifest b/app-arch/upx/Manifest
index 305f77a6cf04..d1fc5bbdc5a7 100644
--- a/app-arch/upx/Manifest
+++ b/app-arch/upx/Manifest
@@ -1,2 +1 @@
-DIST upx-3.96-src.tar.xz 792524 BLAKE2B 21af85dbcfdd1bf0151a653c865db13c9f30b9de0b9b4b94557ddd55736c7053dd829c5d72b9a7e5aa94a71ecc0151145dd66d7d98ded178c50ff7357d0ba442 SHA512 2d4d1be21d274d9bfdee9b9815396f5e5ff0bcdfb781b7be5fafa4d1e224028e412ec5f5ba607c482671aae27ccf9069abb2db0fb58f78f3a102a51897df2b11
DIST upx-4.0.0-src.tar.xz 1159308 BLAKE2B d2626a63b626f9b4e913b822e699fa93b7080d322b19555d44d7cf4ce17b37f0d50ec1381d07d0e4f8827e8edcd29d525d497fa79acd18d520ac58e176fb2b72 SHA512 fe3e8c594e845a91338b1e11fe3cb6371430af40a567187d63835e27da8b2abf993a104b0693063f4db984234bada7b2bd16ad79e3ad90861a1f495d99de7de6
diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
deleted file mode 100644
index 7e6de04948bd..000000000000
--- a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001
-From: John Reiser <jreiser@BitWagon.com>
-Date: Wed, 22 Jul 2020 19:34:27 -0700
-Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed
- block
-
-https://github.com/upx/upx/issues/388
- modified: p_lx_elf.cpp
----
- src/p_lx_elf.cpp | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
-index cd9e4ec97..453d5c457 100644
---- a/src/p_lx_elf.cpp
-+++ b/src/p_lx_elf.cpp
-@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo)
- unsigned c_adler = upx_adler32(NULL, 0);
- unsigned u_adler = upx_adler32(NULL, 0);
- #define MAX_ELF_HDR 1024
-- if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
-+ if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
- throwCantUnpack("bad compressed e_phnum");
- }
- #undef MAX_ELF_HDR
-@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo)
- unsigned c_adler = upx_adler32(NULL, 0);
- unsigned u_adler = upx_adler32(NULL, 0);
- #define MAX_ELF_HDR 512
-- if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
-+ if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
- throwCantUnpack("bad compressed e_phnum");
- }
- #undef MAX_ELF_HDR
diff --git a/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch b/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch
deleted file mode 100644
index 1d47b2a8bb67..000000000000
--- a/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 3781df9da23840e596d5e9e8493f22666802fe6c Mon Sep 17 00:00:00 2001
-From: John Reiser <jreiser@BitWagon.com>
-Date: Fri, 11 Dec 2020 13:38:18 -0800
-Subject: [PATCH] Check DT_REL/DT_RELA, DT_RELSZ/DT_RELASZ
-
-https://github.com/upx/upx/issues/421
- modified: p_lx_elf.cpp
----
- src/p_lx_elf.cpp | 34 +++++++++++++++++++++++++++++-----
- 1 file changed, 29 insertions(+), 5 deletions(-)
-
-diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
-index 182db192..3a4101cf 100644
---- a/src/p_lx_elf.cpp
-+++ b/src/p_lx_elf.cpp
-@@ -2222,8 +2222,20 @@ bool PackLinuxElf32::canPack()
- int z_rsz = dt_table[Elf32_Dyn::DT_RELSZ];
- if (z_rel && z_rsz) {
- unsigned rel_off = get_te32(&dynseg[-1+ z_rel].d_val);
-+ if ((unsigned)file_size <= rel_off) {
-+ char msg[70]; snprintf(msg, sizeof(msg),
-+ "bad Elf32_Dynamic[DT_REL] %#x\n",
-+ rel_off);
-+ throwCantPack(msg);
-+ }
- Elf32_Rel *rp = (Elf32_Rel *)&file_image[rel_off];
- unsigned relsz = get_te32(&dynseg[-1+ z_rsz].d_val);
-+ if ((unsigned)file_size <= relsz) {
-+ char msg[70]; snprintf(msg, sizeof(msg),
-+ "bad Elf32_Dynamic[DT_RELSZ] %#x\n",
-+ relsz);
-+ throwCantPack(msg);
-+ }
- Elf32_Rel *last = (Elf32_Rel *)(relsz + (char *)rp);
- for (; rp < last; ++rp) {
- unsigned r_va = get_te32(&rp->r_offset);
-@@ -2562,14 +2574,26 @@ PackLinuxElf64::canPack()
- int z_rel = dt_table[Elf64_Dyn::DT_RELA];
- int z_rsz = dt_table[Elf64_Dyn::DT_RELASZ];
- if (z_rel && z_rsz) {
-- unsigned rel_off = get_te64(&dynseg[-1+ z_rel].d_val);
-+ upx_uint64_t rel_off = get_te64(&dynseg[-1+ z_rel].d_val);
-+ if ((u64_t)file_size <= rel_off) {
-+ char msg[70]; snprintf(msg, sizeof(msg),
-+ "bad Elf64_Dynamic[DT_RELA] %#llx\n",
-+ rel_off);
-+ throwCantPack(msg);
-+ }
- Elf64_Rela *rp = (Elf64_Rela *)&file_image[rel_off];
-- unsigned relsz = get_te64(&dynseg[-1+ z_rsz].d_val);
-+ upx_uint64_t relsz = get_te64(&dynseg[-1+ z_rsz].d_val);
-+ if ((u64_t)file_size <= relsz) {
-+ char msg[70]; snprintf(msg, sizeof(msg),
-+ "bad Elf64_Dynamic[DT_RELASZ] %#llx\n",
-+ relsz);
-+ throwCantPack(msg);
-+ }
- Elf64_Rela *last = (Elf64_Rela *)(relsz + (char *)rp);
- for (; rp < last; ++rp) {
-- unsigned r_va = get_te64(&rp->r_offset);
-+ upx_uint64_t r_va = get_te64(&rp->r_offset);
- if (r_va == user_init_ava) { // found the Elf64_Rela
-- unsigned r_info = get_te64(&rp->r_info);
-+ upx_uint64_t r_info = get_te64(&rp->r_info);
- unsigned r_type = ELF64_R_TYPE(r_info);
- if (Elf64_Ehdr::EM_AARCH64 == e_machine
- && R_AARCH64_RELATIVE == r_type) {
-@@ -2581,7 +2605,7 @@ PackLinuxElf64::canPack()
- }
- else {
- char msg[50]; snprintf(msg, sizeof(msg),
-- "bad relocation %#x DT_INIT_ARRAY[0]",
-+ "bad relocation %#llx DT_INIT_ARRAY[0]",
- r_info);
- throwCantPack(msg);
- }
diff --git a/app-arch/upx/upx-3.96-r2.ebuild b/app-arch/upx/upx-3.96-r2.ebuild
deleted file mode 100644
index 14c355bb6351..000000000000
--- a/app-arch/upx/upx-3.96-r2.ebuild
+++ /dev/null
@@ -1,41 +0,0 @@
-# Copyright 1999-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit toolchain-funcs
-
-DESCRIPTION="Ultimate Packer for eXecutables (free version using UCL compression and not NRV)"
-HOMEPAGE="https://upx.github.io/"
-SRC_URI="https://github.com/upx/upx/releases/download/v${PV}/${P}-src.tar.xz"
-
-LICENSE="GPL-2+ UPX-exception" # Read the exception before applying any patches
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
-IUSE=""
-
-DEPEND=">=dev-libs/ucl-1.03
- sys-libs/zlib"
-RDEPEND="${RDEPEND}
- !app-arch/upx-bin"
-BDEPEND="
- app-arch/xz-utils[extra-filters]
- dev-lang/perl"
-
-S="${WORKDIR}/${P}-src"
-
-PATCHES=(
- "${FILESDIR}/${P}_CVE-2020-24119.patch"
- "${FILESDIR}/${P}_CVE-2021-20285.patch"
-)
-
-src_compile() {
- tc-export CXX
- emake CXXFLAGS_WERROR="" all
-}
-
-src_install() {
- newbin src/upx.out upx
- dodoc BUGS NEWS PROJECTS README* THANKS doc/*.txt doc/upx.html
- doman doc/upx.1
-}