diff options
author | leot <leot@pkgsrc.org> | 2019-03-16 10:50:31 +0000 |
---|---|---|
committer | leot <leot@pkgsrc.org> | 2019-03-16 10:50:31 +0000 |
commit | 4a0de3812a5e5ea04bf4e2443edeb0e69eb05b83 (patch) | |
tree | 7e7ca977867e8cafa7aa951deca0767a5e9cc92a /sysutils | |
parent | 8efcb8a485f34d838d73088363cb881c27d45c6d (diff) | |
download | pkgsrc-4a0de3812a5e5ea04bf4e2443edeb0e69eb05b83.tar.gz |
file: Update to 5.36
pkgsrc changes:
- Remove patches no longer needed (security backport of upstream changes)
Changes:
5.36
----
* release 5.36
* Fix cast to use cast macros
* Add UCS-32 builtin detection (PR/61) reported by tmc
* Fix stack read (PR/62) and write (PR/64) stack overflows
reported by spinpx
Diffstat (limited to 'sysutils')
-rw-r--r-- | sysutils/file/Makefile | 5 | ||||
-rw-r--r-- | sysutils/file/distinfo | 19 | ||||
-rw-r--r-- | sysutils/file/patches/patch-aa | 10 | ||||
-rw-r--r-- | sysutils/file/patches/patch-src_file.h | 18 | ||||
-rw-r--r-- | sysutils/file/patches/patch-src_fsmagic.c | 3 | ||||
-rw-r--r-- | sysutils/file/patches/patch-src_funcs.c | 26 | ||||
-rw-r--r-- | sysutils/file/patches/patch-src_readelf.c | 58 | ||||
-rw-r--r-- | sysutils/file/patches/patch-src_softmagic.c | 156 |
8 files changed, 24 insertions, 271 deletions
diff --git a/sysutils/file/Makefile b/sysutils/file/Makefile index 5721483d41e..79fa8a19331 100644 --- a/sysutils/file/Makefile +++ b/sysutils/file/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.43 2019/03/16 09:02:41 bsiegert Exp $ +# $NetBSD: Makefile,v 1.44 2019/03/16 10:50:31 leot Exp $ -DISTNAME= file-5.32 -PKGREVISION= 3 +DISTNAME= file-5.36 CATEGORIES= sysutils MASTER_SITES= ftp://ftp.astron.com/pub/file/ diff --git a/sysutils/file/distinfo b/sysutils/file/distinfo index 4d602f9e2fc..d7e16756230 100644 --- a/sysutils/file/distinfo +++ b/sysutils/file/distinfo @@ -1,12 +1,9 @@ -$NetBSD: distinfo,v 1.32 2019/03/16 09:02:41 bsiegert Exp $ +$NetBSD: distinfo,v 1.33 2019/03/16 10:50:31 leot Exp $ -SHA1 (file-5.32.tar.gz) = c2858a8043387d1229d8768ad42762a803d017db -RMD160 (file-5.32.tar.gz) = b7d41a4c6b2c28d9f202d740e353416e2036c1ef -SHA512 (file-5.32.tar.gz) = 315343229fa196335389544ee8010e9e80995ef4721938492dedcfb0465dfc45e1feb96f26dfe53cab484fb5d9bac54d2d72917fbfd28a1d998c6ad8c8f9792f -Size (file-5.32.tar.gz) = 797025 bytes -SHA1 (patch-aa) = dc787ea0d77d7ba88bcb1e17d38b26b13153a1c5 -SHA1 (patch-src_file.h) = e4bd52e3b5674300a1b87f198ed4418a65997833 -SHA1 (patch-src_fsmagic.c) = ee770cf37dfdfbc5a7c123d2691312610b76e76e -SHA1 (patch-src_funcs.c) = f86ed77c42d63290a602cb46625410cad8bb13b1 -SHA1 (patch-src_readelf.c) = 7f2f6c03050b6f49ef25d7991f368b8d3aab1e2b -SHA1 (patch-src_softmagic.c) = 5a67d73bd4ecf7711f810ad4f4c0456248955c81 +SHA1 (file-5.36.tar.gz) = 473e0a2fb4f091031d449ed4d7ea912741f0c7e9 +RMD160 (file-5.36.tar.gz) = bd7c9b60ddba58fc18a4ec07904ed7a12e142b27 +SHA512 (file-5.36.tar.gz) = 3ec5e51ffb7a82defa74845a90fbc983f6e169fc116606049bc01ff6e720d340c8abf6eb7a08b9ac1099162a5c02deac3633b07b039d486344c8abd9052ca751 +Size (file-5.36.tar.gz) = 875792 bytes +SHA1 (patch-aa) = 3da534bbbf61dadc1881b9b2827c0c425e908fc9 +SHA1 (patch-src_fsmagic.c) = f862c5335bc3c6b0d39dfcdfd79e2d99407e40f5 +SHA1 (patch-src_softmagic.c) = 82fe71f32508ad6dec04ccba794ec5f055000846 diff --git a/sysutils/file/patches/patch-aa b/sysutils/file/patches/patch-aa index e7d2d3f7712..f376edf141f 100644 --- a/sysutils/file/patches/patch-aa +++ b/sysutils/file/patches/patch-aa @@ -1,19 +1,19 @@ -$NetBSD: patch-aa,v 1.8 2016/06/16 15:27:49 fhajny Exp $ +$NetBSD: patch-aa,v 1.9 2019/03/16 10:50:31 leot Exp $ Make pkgsrc file look in @sysconfdir@/magic first. ---- src/Makefile.in.orig 2016-06-13 23:44:06.000000000 +0000 +--- src/Makefile.in.orig 2019-02-20 15:19:08.000000000 +0000 +++ src/Makefile.in @@ -337,10 +337,10 @@ target_alias = @target_alias@ top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ -MAGIC = $(pkgdatadir)/magic -+MAGIC = @sysconfdir@/magic ++MAGIC = @sysconfdir/magic lib_LTLIBRARIES = libmagic.la nodist_include_HEADERS = magic.h -AM_CPPFLAGS = -DMAGIC='"$(MAGIC)"' +AM_CPPFLAGS = -DMAGIC='"$(MAGIC):$(pkgdatadir)/magic"' AM_CFLAGS = $(CFLAG_VISIBILITY) @WARNINGS@ - libmagic_la_SOURCES = magic.c apprentice.c softmagic.c ascmagic.c \ - encoding.c compress.c is_tar.c readelf.c print.c fsmagic.c \ + libmagic_la_SOURCES = buffer.c magic.c apprentice.c softmagic.c ascmagic.c \ + encoding.c compress.c is_json.c is_tar.c readelf.c print.c fsmagic.c \ diff --git a/sysutils/file/patches/patch-src_file.h b/sysutils/file/patches/patch-src_file.h deleted file mode 100644 index 05d543f97f1..00000000000 --- a/sysutils/file/patches/patch-src_file.h +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-src_file.h,v 1.3 2019/03/16 09:02:41 bsiegert Exp $ - -fix PR/62: spinpx: limit size of file_printable. (CVE-2019-8904) - -https://bugs.astron.com/view.php?id=62 -https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b - ---- src/file.h.orig 2017-08-28 13:39:18.000000000 +0000 -+++ src/file.h -@@ -491,7 +491,7 @@ protected int file_looks_utf8(const unsi - size_t *); - protected size_t file_pstring_length_size(const struct magic *); - protected size_t file_pstring_get_length(const struct magic *, const char *); --protected char * file_printable(char *, size_t, const char *); -+protected char * file_printable(char *, size_t, const char *, size_t); - #ifdef __EMX__ - protected int file_os2_apptype(struct magic_set *, const char *, const void *, - size_t); diff --git a/sysutils/file/patches/patch-src_fsmagic.c b/sysutils/file/patches/patch-src_fsmagic.c index 56fd4cc4b06..2fb85be2ed2 100644 --- a/sysutils/file/patches/patch-src_fsmagic.c +++ b/sysutils/file/patches/patch-src_fsmagic.c @@ -1,4 +1,5 @@ -$NetBSD: patch-src_fsmagic.c,v 1.1 2015/03/27 18:57:43 bsiegert Exp $ +$NetBSD: patch-src_fsmagic.c,v 1.2 2019/03/16 10:50:31 leot Exp $ + Explicitly convert mode_t to unsigned int for formatted output --- src/fsmagic.c.orig 2014-12-04 15:56:46.000000000 +0000 diff --git a/sysutils/file/patches/patch-src_funcs.c b/sysutils/file/patches/patch-src_funcs.c deleted file mode 100644 index a015f6c1d06..00000000000 --- a/sysutils/file/patches/patch-src_funcs.c +++ /dev/null @@ -1,26 +0,0 @@ -$NetBSD: patch-src_funcs.c,v 1.1 2019/03/16 09:02:41 bsiegert Exp $ - -fix PR/62: spinpx: limit size of file_printable. (CVE-2019-8904) - -https://bugs.astron.com/view.php?id=62 -https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b - ---- src/funcs.c.orig 2017-08-28 13:39:18.000000000 +0000 -+++ src/funcs.c -@@ -581,12 +581,13 @@ file_pop_buffer(struct magic_set *ms, fi - * convert string to ascii printable format. - */ - protected char * --file_printable(char *buf, size_t bufsiz, const char *str) -+file_printable(char *buf, size_t bufsiz, const char *str, size_t slen) - { -- char *ptr, *eptr; -+ char *ptr, *eptr = buf + bufsiz - 1; - const unsigned char *s = (const unsigned char *)str; -+ const unsigned char *es = s + slen; - -- for (ptr = buf, eptr = ptr + bufsiz - 1; ptr < eptr && *s; s++) { -+ for (ptr = buf; ptr < eptr && s < es && *s; s++) { - if (isprint(*s)) { - *ptr++ = *s; - continue; diff --git a/sysutils/file/patches/patch-src_readelf.c b/sysutils/file/patches/patch-src_readelf.c deleted file mode 100644 index ef4a1e8f7c3..00000000000 --- a/sysutils/file/patches/patch-src_readelf.c +++ /dev/null @@ -1,58 +0,0 @@ -$NetBSD: patch-src_readelf.c,v 1.2 2019/03/16 09:02:41 bsiegert Exp $ - -apply https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22 -against https://nvd.nist.gov/vuln/detail/CVE-2018-10360 - - ... - The do_core_note function in readelf.c in libmagic.a in file - 5.33 allows remote attackers to cause a denial of service - (out-of-bounds read and application crash) via a crafted ELF - file. - ... - -Avoid OOB read (found by ASAN reported by F. Alonso) (CVE-2019-8906) - -https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f - -fix PR/62: spinpx: limit size of file_printable. (CVE-2019-8904) - -https://bugs.astron.com/view.php?id=62 -https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b - ---- src/readelf.c.orig 2017-08-27 07:55:02.000000000 +0000 -+++ src/readelf.c -@@ -720,12 +720,12 @@ do_core_note(struct magic_set *ms, unsig - char sbuf[512]; - struct NetBSD_elfcore_procinfo pi; - memset(&pi, 0, sizeof(pi)); -- memcpy(&pi, nbuf + doff, descsz); -+ memcpy(&pi, nbuf + doff, MIN(descsz, sizeof(pi))); - - if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, " - "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)", - file_printable(sbuf, sizeof(sbuf), -- CAST(char *, pi.cpi_name)), -+ RCAST(char *, pi.cpi_name), sizeof(pi.cpi_name)), - elf_getu32(swap, pi.cpi_pid), - elf_getu32(swap, pi.cpi_euid), - elf_getu32(swap, pi.cpi_egid), -@@ -824,7 +824,8 @@ do_core_note(struct magic_set *ms, unsig - - cname = (unsigned char *) - &nbuf[doff + prpsoffsets(i)]; -- for (cp = cname; *cp && isprint(*cp); cp++) -+ for (cp = cname; cp < nbuf + size && *cp -+ && isprint(*cp); cp++) - continue; - /* - * Linux apparently appends a space at the end -@@ -1564,7 +1565,8 @@ dophn_exec(struct magic_set *ms, int cla - return -1; - if (interp[0]) - if (file_printf(ms, ", interpreter %s", -- file_printable(ibuf, sizeof(ibuf), interp)) == -1) -+ file_printable(ibuf, sizeof(ibuf), interp, sizeof(interp))) -+ == -1) - return -1; - return 0; - } diff --git a/sysutils/file/patches/patch-src_softmagic.c b/sysutils/file/patches/patch-src_softmagic.c index e638e2d6cfc..137cb7e7c1d 100644 --- a/sysutils/file/patches/patch-src_softmagic.c +++ b/sysutils/file/patches/patch-src_softmagic.c @@ -1,158 +1,16 @@ -$NetBSD: patch-src_softmagic.c,v 1.4 2019/03/16 09:02:41 bsiegert Exp $ +$NetBSD: patch-src_softmagic.c,v 1.5 2019/03/16 10:50:31 leot Exp $ Fix functionality under NetBSD-current after format check change https://mail-index.netbsd.org/source-changes/2017/12/11/msg090400.html -fix PR/62: spinpx: limit size of file_printable. (CVE-2019-8904) - -https://bugs.astron.com/view.php?id=62 -https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b - ---- src/softmagic.c.orig 2017-07-21 10:29:00.000000000 +0000 +--- src/softmagic.c.orig 2019-02-20 02:35:27.000000000 +0000 +++ src/softmagic.c -@@ -121,6 +121,8 @@ private const char * __attribute__((__fo - file_fmtcheck(struct magic_set *ms, const struct magic *m, const char *def, +@@ -147,6 +147,8 @@ private const char * __attribute__((__fo + file_fmtcheck(struct magic_set *ms, const char *desc, const char *def, const char *file, size_t line) { -+ if (strchr(m->desc, '%') == NULL) -+ return m->desc; - const char *ptr = fmtcheck(m->desc, def); ++ if (strchr(desc, '%') == NULL) ++ return desc; + const char *ptr = fmtcheck(desc, def); if (ptr == def) file_magerror(ms, -@@ -546,8 +548,8 @@ mprint(struct magic_set *ms, struct magi - case FILE_LESTRING16: - if (m->reln == '=' || m->reln == '!') { - if (file_printf(ms, F(ms, m, "%s"), -- file_printable(sbuf, sizeof(sbuf), m->value.s)) -- == -1) -+ file_printable(sbuf, sizeof(sbuf), m->value.s, -+ sizeof(m->value.s))) == -1) - return -1; - t = ms->offset + m->vallen; - } -@@ -574,7 +576,8 @@ mprint(struct magic_set *ms, struct magi - } - - if (file_printf(ms, F(ms, m, "%s"), -- file_printable(sbuf, sizeof(sbuf), str)) == -1) -+ file_printable(sbuf, sizeof(sbuf), str, -+ sizeof(p->s) - (str - p->s))) == -1) - return -1; - - if (m->type == FILE_PSTRING) -@@ -680,7 +683,7 @@ mprint(struct magic_set *ms, struct magi - return -1; - } - rval = file_printf(ms, F(ms, m, "%s"), -- file_printable(sbuf, sizeof(sbuf), cp)); -+ file_printable(sbuf, sizeof(sbuf), cp, ms->search.rm_len)); - free(cp); - - if (rval == -1) -@@ -707,7 +710,8 @@ mprint(struct magic_set *ms, struct magi - break; - case FILE_DER: - if (file_printf(ms, F(ms, m, "%s"), -- file_printable(sbuf, sizeof(sbuf), ms->ms_value.s)) == -1) -+ file_printable(sbuf, sizeof(sbuf), ms->ms_value.s, -+ sizeof(ms->ms_value.s))) == -1) - return -1; - t = ms->offset; - break; -@@ -1383,38 +1387,64 @@ mget(struct magic_set *ms, const unsigne - if (m->flag & INDIR) { - intmax_t off = m->in_offset; - const int sgn = m->in_op & FILE_OPSIGNED; -- if (m->in_op & FILE_OPINDIRECT) { -- const union VALUETYPE *q = CAST(const union VALUETYPE *, -- ((const void *)(s + offset + off))); -- if (OFFSET_OOB(nbytes, offset + off, sizeof(*q))) -- return 0; -- switch (cvt_flip(m->in_type, flip)) { -- case FILE_BYTE: -- off = SEXT(sgn,8,q->b); -- break; -- case FILE_SHORT: -- off = SEXT(sgn,16,q->h); -- break; -- case FILE_BESHORT: -- off = SEXT(sgn,16,BE16(q)); -- break; -- case FILE_LESHORT: -- off = SEXT(sgn,16,LE16(q)); -- break; -- case FILE_LONG: -- off = SEXT(sgn,32,q->l); -- break; -- case FILE_BELONG: -- case FILE_BEID3: -- off = SEXT(sgn,32,BE32(q)); -- break; -- case FILE_LEID3: -- case FILE_LELONG: -- off = SEXT(sgn,32,LE32(q)); -- break; -- case FILE_MELONG: -- off = SEXT(sgn,32,ME32(q)); -- break; -+ if (m->in_op & FILE_OPINDIRECT) { -+ const union VALUETYPE *q = CAST(const union VALUETYPE *, -+ ((const void *)(s + offset + off))); -+ switch (cvt_flip(m->in_type, flip)) { -+ case FILE_BYTE: -+ if (OFFSET_OOB(nbytes, offset + off, 1)) -+ return 0; -+ off = SEXT(sgn,8,q->b); -+ break; -+ case FILE_SHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; -+ off = SEXT(sgn,16,q->h); -+ break; -+ case FILE_BESHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; -+ off = SEXT(sgn,16,BE16(q)); -+ break; -+ case FILE_LESHORT: -+ if (OFFSET_OOB(nbytes, offset + off, 2)) -+ return 0; -+ off = SEXT(sgn,16,LE16(q)); -+ break; -+ case FILE_LONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; -+ off = SEXT(sgn,32,q->l); -+ break; -+ case FILE_BELONG: -+ case FILE_BEID3: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; -+ off = SEXT(sgn,32,BE32(q)); -+ break; -+ case FILE_LEID3: -+ case FILE_LELONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; -+ off = SEXT(sgn,32,LE32(q)); -+ break; -+ case FILE_MELONG: -+ if (OFFSET_OOB(nbytes, offset + off, 4)) -+ return 0; -+ off = SEXT(sgn,32,ME32(q)); -+ break; -+ case FILE_BEQUAD: -+ if (OFFSET_OOB(nbytes, offset + off, 8)) -+ return 0; -+ off = SEXT(sgn,64,BE64(q)); -+ break; -+ case FILE_LEQUAD: -+ if (OFFSET_OOB(nbytes, offset + off, 8)) -+ return 0; -+ off = SEXT(sgn,64,LE64(q)); -+ break; -+ default: -+ abort(); - } - if ((ms->flags & MAGIC_DEBUG) != 0) - fprintf(stderr, "indirect offs=%jd\n", off); |