From 2b72affac85585328eb48f5933ea13345aa733bf Mon Sep 17 00:00:00 2001
From: Justin Lecher
Date: Wed, 28 Oct 2015 14:44:09 +0100
Subject: app-arch/p7zip: Version Bump

Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=564266
Package-Manager: portage-2.2.23
Signed-off-by: Justin Lecher
---
 app-arch/p7zip/Manifest | 1 +
 .../p7zip/files/p7zip-15.09-CVE-2015-1038.patch | 284 +++++++++++++++++++++
 app-arch/p7zip/p7zip-15.09.ebuild | 158 ++++++++++++
 3 files changed, 443 insertions(+)
 create mode 100644 app-arch/p7zip/files/p7zip-15.09-CVE-2015-1038.patch
 create mode 100644 app-arch/p7zip/p7zip-15.09.ebuild
(limited to 'app-arch')
diff --git a/app-arch/p7zip/Manifest b/app-arch/p7zip/Manifest
index 44c4c6179ae4..9b0a18804289 100644
--- a/app-arch/p7zip/Manifest
+++ b/app-arch/p7zip/Manifest
@@ -1,2 +1,3 @@
+DIST p7zip_15.09_src_all.tar.bz2 4048481 SHA256 8783acf747e210e00150f7311cc06c4cd8ecf7b0c27b4adf2194284cc49b4d6f SHA512 4f020b13632ef7a85aa8a98586b59bef2dde3c1cbebdbd17e01f1d09b2e13a56ecfe82546d7efc677c45df67456a71cfdb67826b53ebea4c0fb4878f20c2f6dd WHIRLPOOL 71d1cdb9b3b1208197b2c056670d057b00e9a5f80cf08b5914b5d25f2f6756d4cb53e5a000ec76b7b879f82302fca6d012a2cd397e8aa95ae4fc21fd620eb1ab
 DIST p7zip_9.20.1_src_all.tar.bz2 3835235 SHA256 49557e7ffca08100f9fc687f4dfc5aea703ca207640c76d9dee7b66f03cb4782 SHA512 7bb8a276aaefc4a83364e45633c48527de44c6b1205344f3356db570582f30f81d82a94938c99a7ad193587b584cc1c03219c28249de40018bdaee6c3b2a022a WHIRLPOOL cb20f37d3f796931a9b330728aa7148afe98bbf8a49bb91bfd80e4667c16416206b23bf34298e9ec37825e8b43f92a5710f0cea1f974296d5c17aa2c7b0931f3
 DIST p7zip_9.38.1_src_all.tar.bz2 3917925 SHA256 fd5019109c9a1bf34ad3257d37a6853eae8151ff50345f0a3ffba7d8c5fdb995 SHA512 f524ffae54e0d9563a509cc4b243e830d882a925e682eb2e15e2d19cb72c947fddecd72c8507d6c1538b997b240b0827046fc2fb4f5e3f7d49840257c92b9c04 WHIRLPOOL 6bad1cde056ab1e8db4079c0e649665fbc7e6b9a565261188bd0acaec6c583d8bd9425cb26d39315408d0180ba0be0069a77b704633cf05ec855220cb31f1c24
diff --git a/app-arch/p7zip/files/p7zip-15.09-CVE-2015-1038.patch b/app-arch/p7zip/files/p7zip-15.09-CVE-2015-1038.patch
new file mode 100644
index 000000000000..dc813174fb39
--- /dev/null
+++ b/app-arch/p7zip/files/p7zip-15.09-CVE-2015-1038.patch
@@ -0,0 +1,284 @@
+ CPP/7zip/UI/Agent/Agent.cpp | 2 +-
+ CPP/7zip/UI/Client7z/Client7z.cpp | 19 ++++++++++++++++++-
+ CPP/7zip/UI/Common/ArchiveExtractCallback.cpp | 14 +++++++++++---
+ CPP/7zip/UI/Common/ArchiveExtractCallback.h | 6 +++++-
+ CPP/7zip/UI/Common/Extract.cpp | 2 +-
+ CPP/Windows/FileDir.cpp | 45 +++++++++++++++++++++++++++++++++++++++++++--
+ CPP/Windows/FileDir.h | 31 ++++++++++++++++++++++++++++++-
+ 7 files changed, 109 insertions(+), 10 deletions(-)
+
+diff --git a/CPP/7zip/UI/Agent/Agent.cpp b/CPP/7zip/UI/Agent/Agent.cpp
+index 201e82c..b0b8316 100644
+--- a/CPP/7zip/UI/Agent/Agent.cpp
++++ b/CPP/7zip/UI/Agent/Agent.cpp
+@@ -1515,7 +1515,7 @@ STDMETHODIMP CAgentFolder::Extract(const UInt32 *indices,
+ HRESULT result = _agentSpec->GetArchive()->Extract(&realIndices.Front(),
+ realIndices.Size(), testMode, extractCallback);
+ if (result == S_OK)
+- result = extractCallbackSpec->SetDirsTimes();
++ result = extractCallbackSpec->SetFinalAttribs();
+ return result;
+ COM_TRY_END
+ }
+diff --git a/CPP/7zip/UI/Client7z/Client7z.cpp b/CPP/7zip/UI/Client7z/Client7z.cpp
+index c6522fe..1919389 100644
+--- a/CPP/7zip/UI/Client7z/Client7z.cpp
++++ b/CPP/7zip/UI/Client7z/Client7z.cpp
+@@ -230,8 +230,11 @@ private:
+ COutFileStream *_outFileStreamSpec;
+ CMyComPtr _outFileStream;
+
++ CObjectVector _delayedSymLinks;
++
+ public:
+ void Init(IInArchive *archiveHandler, const FString &directoryPath);
++ HRESULT SetFinalAttribs();
+
+ UInt64 NumErrors;
+ bool PasswordIsDefined;
+@@ -449,11 +452,23 @@ STDMETHODIMP CArchiveExtractCallback::SetOperationResult(Int32 operationResult)
+ }
+ _outFileStream.Release();
+ if (_extractMode && _processedFileInfo.AttribDefined)
+- SetFileAttrib(_diskFilePath, _processedFileInfo.Attrib);
++ SetFileAttrib(_diskFilePath, _processedFileInfo.Attrib, &_delayedSymLinks);
+ PrintNewLine();
+ return S_OK;
+ }
+
++HRESULT CArchiveExtractCallback::SetFinalAttribs()
++{
++ HRESULT result = S_OK;
++
++ for (int i = 0; i != _delayedSymLinks.Size(); ++i)
++ if (!_delayedSymLinks[i].Create())
++ result = E_FAIL;
++
++ _delayedSymLinks.Clear();
++
++ return result;
++}
+
+ STDMETHODIMP CArchiveExtractCallback::CryptoGetTextPassword(BSTR *password)
+ {
+@@ -914,6 +929,8 @@ int MY_CDECL main(int numArgs, const char *args[])
+ // extractCallbackSpec->PasswordIsDefined = true;
+ // extractCallbackSpec->Password = L"1";
+ HRESULT result = archive->Extract(NULL, (UInt32)(Int32)(-1), false, extractCallback);
++ if (result == S_OK)
++ result = extractCallbackSpec->SetFinalAttribs();
+ if (result != S_OK)
+ {
+ PrintError("Extract Error");
+diff --git a/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp b/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp
+index 877326b..05b13f3 100644
+--- a/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp
++++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.cpp
+@@ -1502,7 +1502,7 @@ STDMETHODIMP CArchiveExtractCallback::SetOperationResult(Int32 opRes)
+ NumFiles++;
+
+ if (!_stdOutMode && _extractMode && _fi.AttribDefined)
+- SetFileAttrib(_diskFilePath, _fi.Attrib);
++ SetFileAttrib(_diskFilePath, _fi.Attrib, &_delayedSymLinks);
+
+ RINOK(_extractCallback2->SetOperationResult(opRes, BoolToInt(_encrypted)));
+
+@@ -1584,8 +1584,9 @@ static unsigned GetNumSlashes(const FChar *s)
+ }
+ }
+
+-HRESULT CArchiveExtractCallback::SetDirsTimes()
++HRESULT CArchiveExtractCallback::SetFinalAttribs()
+ {
++ HRESULT result = S_OK;
+ CRecordVector pairs;
+ pairs.ClearAndSetSize(_extractedFolderPaths.Size());
+ unsigned i;
+@@ -1622,5 +1623,12 @@ HRESULT CArchiveExtractCallback::SetDirsTimes()
+ (WriteATime && ATimeDefined) ? &ATime : NULL,
+ (WriteMTime && MTimeDefined) ? &MTime : (_arc->MTimeDefined ? &_arc->MTime : NULL));
+ }
+- return S_OK;
++
++ for (int i = 0; i != _delayedSymLinks.Size(); ++i)
++ if (!_delayedSymLinks[i].Create())
++ result = E_FAIL;
++
++ _delayedSymLinks.Clear();
++
++ return result;
+ }
+diff --git a/CPP/7zip/UI/Common/ArchiveExtractCallback.h b/CPP/7zip/UI/Common/ArchiveExtractCallback.h
+index 1e9f0b6..b51d78f 100644
+--- a/CPP/7zip/UI/Common/ArchiveExtractCallback.h
++++ b/CPP/7zip/UI/Common/ArchiveExtractCallback.h
+@@ -6,6 +6,8 @@
+ #include "../../../Common/MyCom.h"
+ #include "../../../Common/Wildcard.h"
+
++#include "../../../Windows/FileDir.h"
++
+ #include "../../IPassword.h"
+
+ #include "../../Common/FileStreams.h"
+@@ -237,6 +239,8 @@ class CArchiveExtractCallback:
+ bool _saclEnabled;
+ #endif
+
++ CObjectVector _delayedSymLinks;
++
+ void CreateComplexDirectory(const UStringVector &dirPathParts, FString &fullPath);
+ HRESULT GetTime(int index, PROPID propID, FILETIME &filetime, bool &filetimeIsDefined);
+ HRESULT GetUnpackSize();
+@@ -330,7 +334,7 @@ public:
+ }
+ #endif
+
+- HRESULT SetDirsTimes();
++ HRESULT SetFinalAttribs();
+ };
+
+ bool CensorNode_CheckPath(const NWildcard::CCensorNode &node, const CReadArcItem &item);
+diff --git a/CPP/7zip/UI/Common/Extract.cpp b/CPP/7zip/UI/Common/Extract.cpp
+index 5b96071..98192fa 100644
+--- a/CPP/7zip/UI/Common/Extract.cpp
++++ b/CPP/7zip/UI/Common/Extract.cpp
+@@ -207,7 +207,7 @@ static HRESULT DecompressArchive(
+ else
+ result = archive->Extract(&realIndices.Front(), realIndices.Size(), testMode, ecs);
+ if (result == S_OK && !options.StdInMode)
+- result = ecs->SetDirsTimes();
++ result = ecs->SetFinalAttribs();
+ return callback->ExtractResult(result);
+ }
+
+diff --git a/CPP/Windows/FileDir.cpp b/CPP/Windows/FileDir.cpp
+index 422edfc..baa6255 100644
+--- a/CPP/Windows/FileDir.cpp
++++ b/CPP/Windows/FileDir.cpp
+@@ -347,7 +347,8 @@ static int convert_to_symlink(const char * name) {
+ return -1;
+ }
+
+-bool SetFileAttrib(CFSTR fileName, DWORD fileAttributes)
++bool SetFileAttrib(CFSTR fileName, DWORD fileAttributes,
++ CObjectVector *delayedSymLinks)
+ {
+ if (!fileName) {
+ SetLastError(ERROR_PATH_NOT_FOUND);
+@@ -379,7 +380,9 @@ bool SetFileAttrib(CFSTR fileName, DWORD fileAttributes)
+ stat_info.st_mode = fileAttributes >> 16;
+ #ifdef ENV_HAVE_LSTAT
+ if (S_ISLNK(stat_info.st_mode)) {
+- if ( convert_to_symlink(name) != 0) {
++ if (delayedSymLinks)
++ delayedSymLinks->Add(CDelayedSymLink(name));
++ else if ( convert_to_symlink(name) != 0) {
+ TRACEN((printf("SetFileAttrib(%s,%d) : false-3\n",(const char *)name,fileAttributes)))
+ return false;
+ }
+@@ -814,6 +817,44 @@ bool CTempDir::Remove()
+ return !_mustBeDeleted;
+ }
+
++#ifdef ENV_UNIX
++
++CDelayedSymLink::CDelayedSymLink(const char * source)
++ : _source(source)
++{
++ struct stat st;
++
++ if (lstat(_source, &st) == 0) {
++ _dev = st.st_dev;
++ _ino = st.st_ino;
++ } else {
++ _dev = 0;
++ }
++}
++
++bool CDelayedSymLink::Create()
++{
++ struct stat st;
++
++ if (_dev == 0) {
++ errno = EPERM;
++ return false;
++ }
++ if (lstat(_source, &st) != 0)
++ return false;
++ if (_dev != st.st_dev || _ino != st.st_ino) {
++ // Placeholder file has been overwritten or moved by another
++ // symbolic link creation
++ errno = EPERM;
++ return false;
++ }
++
++ return convert_to_symlink(_source) == 0;
++}
++
++#endif // ENV_UNIX
++
++
+ }}}
+
+ #ifndef _SFX
+diff --git a/CPP/Windows/FileDir.h b/CPP/Windows/FileDir.h
+index b13d1cc..7429a81 100644
+--- a/CPP/Windows/FileDir.h
++++ b/CPP/Windows/FileDir.h
+@@ -4,6 +4,7 @@
+ #define __WINDOWS_FILE_DIR_H
+
+ #include "../Common/MyString.h"
++#include "../Common/MyVector.h"
+
+ #include "FileIO.h"
+
+@@ -11,11 +12,14 @@ namespace NWindows {
+ namespace NFile {
+ namespace NDir {
+
++class CDelayedSymLink;
++
+ bool GetWindowsDir(FString &path);
+ bool GetSystemDir(FString &path);
+
+ bool SetDirTime(CFSTR path, const FILETIME *cTime, const FILETIME *aTime, const FILETIME *mTime);
+-bool SetFileAttrib(CFSTR path, DWORD attrib);
++bool SetFileAttrib(CFSTR path, DWORD attrib,
++ CObjectVector *delayedSymLinks = 0);
+ bool MyMoveFile(CFSTR existFileName, CFSTR newFileName);
+
+ #ifndef UNDER_CE
+@@ -76,6 +80,31 @@ public:
+ bool Remove();
+ };
+
++// Symbolic links must be created last so that they can't be used to
++// create or overwrite files above the extraction directory.
++class CDelayedSymLink
++{
++#ifdef ENV_UNIX
++ // Where the symlink should be created. The target is specified in
++ // the placeholder file.
++ AString _source;
++
++ // Device and inode of the placeholder file. Before creating the
++ // symlink, we must check that these haven't been changed by creation
++ // of another symlink.
++ dev_t _dev;
++ ino_t _ino;
++
++public:
++ explicit CDelayedSymLink(const char * source);
++ bool Create();
++#else // !ENV_UNIX
++public:
++ CDelayedSymLink(const char * source) {}
++ bool Create() { return true; }
++#endif // ENV_UNIX
++};
++
+ #if !defined(UNDER_CE)
+ class CCurrentDirRestorer
+ {
diff --git a/app-arch/p7zip/p7zip-15.09.ebuild b/app-arch/p7zip/p7zip-15.09.ebuild
new file mode 100644
index 000000000000..048f4ccf81d8
--- /dev/null
+++ b/app-arch/p7zip/p7zip-15.09.ebuild
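Review bot: In the Extract.cpp part of the embedded patch, `if (result == S_OK && !options.StdInMode) result = ecs->SetFinalAttribs();` is now the only place where the queued links are created, so when that condition is false (StdInMode set, or Extract() returned an error) the entries in `_delayedSymLinks` are never converted and the placeholder files stay on disk as regular files; before this change SetOperationResult converted them immediately. Either run the symlink loop independently of the directory-time pass, or state the limitation next to the call with a comment such as `// delayed symlinks are only created when extraction succeeded and !StdInMode`. The FileDir.h declaration also defaults the new parameter (`CObjectVector *delayedSymLinks = 0`), and SetFileAttrib still calls convert_to_symlink() at once when it is null, so any call site not touched by this patch keeps the pre-fix behaviour; making the argument mandatory would turn a missed caller into a compile error. CDelayedSymLink::Create() compares dev/ino via lstat() and then converts by path; convert_to_symlink's body is outside the hunk, so whether a window remains between the check and the replacement cannot be confirmed from here.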
@@ -0,0 +1,158 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+WX_GTK_VER="3.0"
+
+inherit eutils multilib toolchain-funcs wxwidgets
+
+DESCRIPTION="Port of 7-Zip archiver for Unix"
+HOMEPAGE="http://p7zip.sourceforge.net/"
+SRC_URI="mirror://sourceforge/${PN}/${PN}_${PV}_src_all.tar.bz2"
+
+LICENSE="LGPL-2.1 rar? ( unRAR )"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~x86-fbsd ~x86-freebsd ~x86-interix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris"
+IUSE="doc kde rar +pch static wxwidgets abi_x86_x32"
+
+REQUIRED_USE="kde? ( wxwidgets )"
+
+RDEPEND="
+ kde? ( x11-libs/wxGTK:${WX_GTK_VER}[X] kde-base/kdelibs )
+ wxwidgets? ( x11-libs/wxGTK:${WX_GTK_VER}[X] )"
+DEPEND="${RDEPEND}
+ amd64? ( dev-lang/yasm )
+ abi_x86_x32? ( >=dev-lang/yasm-1.2.0-r1 )
+ x86? ( dev-lang/nasm )"
+
+S=${WORKDIR}/${PN}_${PV}
+
+src_prepare() {
+ epatch \
+ "${FILESDIR}"/${P}-CVE-2015-1038.patch
+
+ if ! use pch; then
+ sed "s:PRE_COMPILED_HEADER=StdAfx.h.gch:PRE_COMPILED_HEADER=:g" -i makefile.* || die
+ fi
+
+ sed \
+ -e 's:-m32 ::g' \
+ -e 's:-m64 ::g' \
+ -e 's:-O::g' \
+ -e 's: -s ::g' \
+ -e 's: -s$::g' \
+ -e 's:-pipe::g' \
+ -e "/^CXX=/s:g++:$(tc-getCXX):" \
+ -e "/^CC=/s:gcc:$(tc-getCC):" \
+ -e '/ALLFLAGS/s:-s ::' \
+ -e "/OPTFLAGS=/s:=.*:=${CXXFLAGS}:" \
+ -i makefile* || die
+
+ # remove non-free RAR codec
+ if use rar; then
+ ewarn "Enabling nonfree RAR decompressor"
+ else
+ sed \
+ -e '/Rar/d' \
+ -e '/RAR/d' \
+ -i makefile* CPP/7zip/Bundles/Format7zFree/makefile || die
+ rm -rf CPP/7zip/Compress/Rar || die
+ fi
+
+ if use abi_x86_x32; then
+ sed -i -e "/^ASM=/s:amd64:x32:" makefile* || die
+ cp -f makefile.linux_amd64_asm makefile.machine || die
+ elif use amd64; then
+ cp -f makefile.linux_amd64_asm makefile.machine || die
+ elif use x86; then
+ cp -f makefile.linux_x86_asm_gcc_4.X makefile.machine || die
+ elif [[ ${CHOST} == *-darwin* ]] ; then
+ # Mac OS X needs this special makefile, because it has a non-GNU linker
+ [[ ${CHOST} == *64-* ]] \
+ && cp -f makefile.macosx_64bits makefile.machine \
+ || cp -f makefile.macosx_32bits makefile.machine
+ # bundles have extension .bundle but don't die because USE=-rar
+ # removes the Rar directory
+ sed -i -e '/strcpy(name/s/\.so/.bundle/' \
+ CPP/Windows/DLL.cpp || die
+ sed -i -e '/^PROG=/s/\.so/.bundle/' \
+ CPP/7zip/Bundles/Format7zFree/makefile \
+ $(use rar && echo CPP/7zip/Compress/Rar/makefile) || die
+ elif use x86-fbsd; then
+ # FreeBSD needs this special makefile, because it hasn't -ldl
+ sed -e 's/-lc_r/-pthread/' makefile.freebsd > makefile.machine
+ fi
+
+ if use static; then
+ sed -i -e '/^LOCAL_LIBS=/s/LOCAL_LIBS=/&-static /' makefile.machine || die
+ fi
+
+ if use kde || use wxwidgets; then
+ need-wxwidgets unicode
+ einfo "Preparing dependency list"
+ emake depend
+ fi
+}
+
+src_compile() {
+ emake all3
+ if use kde || use wxwidgets; then
+ emake -- 7zG
+ emake -- 7zFM
+ fi
+}
+
+src_test() {
+ emake test test_7z test_7zr
+}
+
+src_install() {
+ # this wrappers can not be symlinks, p7zip should be called with full path
+ make_wrapper 7zr "/usr/$(get_libdir)/${PN}/7zr"
+ make_wrapper 7za "/usr/$(get_libdir)/${PN}/7za"
+ make_wrapper 7z "/usr/$(get_libdir)/${PN}/7z"
+
+ if use kde || use wxwidgets; then
+ make_wrapper 7zG "/usr/$(get_libdir)/${PN}/7zG"
+ make_wrapper 7zFM "/usr/$(get_libdir)/${PN}/7zFM"
+
+ make_desktop_entry 7zFM "${PN} FM" ${PN} "GTK;Utility;Archiving;Compression"
+
+ dobin GUI/p7zipForFilemanager
+ exeinto /usr/$(get_libdir)/${PN}
+ doexe bin/7z{G,FM}
+
+ insinto /usr/$(get_libdir)/${PN}
+ doins -r GUI/{Lang,help}
+
+ insinto /usr/share/icons/hicolor/16x16/apps/
+ newins GUI/p7zip_16_ok.png p7zip.png
+
+ if use kde; then
+ rm GUI/kde4/p7zip_compress.desktop || die
+ insinto /usr/share/kde4/services/ServiceMenus
+ doins GUI/kde4/*.desktop
+ fi
+ fi
+
+ dobin contrib/gzip-like_CLI_wrapper_for_7z/p7zip
+ doman contrib/gzip-like_CLI_wrapper_for_7z/man1/p7zip.1
+
+ exeinto /usr/$(get_libdir)/${PN}
+ doexe bin/7z bin/7za bin/7zr bin/7zCon.sfx
+ doexe bin/*$(get_modname)
+ if use rar; then
+ exeinto /usr/$(get_libdir)/${PN}/Codecs/
+ doexe bin/Codecs/*$(get_modname)
+ fi
+
+ doman man1/7z.1 man1/7za.1 man1/7zr.1
+ dodoc ChangeLog README TODO
+
+ if use doc; then
+ dodoc DOC/*.txt
+ dohtml -r DOC/MANUAL/*
+ fi
+}
-- cgit v1.2.3-65-gdbad
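Review bot: In src_prepare the FreeBSD branch `sed -e 's/-lc_r/-pthread/' makefile.freebsd > makefile.machine` has no `|| die`, and neither does the Darwin `[[ ... ]] && cp -f makefile.macosx_64bits makefile.machine || cp -f makefile.macosx_32bits makefile.machine` chain, unlike the other sed/cp calls in the function. A failure there would leave makefile.machine missing or, with the redirection, possibly empty, and the build would carry on. Append `|| die` to the sed line, and rewrite the Darwin selection as an if/else on `${CHOST}` with `|| die` after each cp, so that a failed 64-bit copy aborts instead of silently falling through to the 32-bit makefile.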