From 5d6af474a56e5eb9b3a9e5d02180eb422a5855eb Mon Sep 17 00:00:00 2001 From: bsiegert Date: Tue, 29 Dec 2015 23:09:35 +0000 Subject: Add a patch for CVS-2014-2980: Tools/gdomap.c in gdomap in GNUstep Base 1.24.6 and earlier, when run in daemon mode, does not properly handle the file descriptor for the logger, which allows remote attackers to cause a denial of service (abort) via an invalid request. Bump pkgrevision. --- devel/gnustep-base/Makefile | 4 +- devel/gnustep-base/distinfo | 3 +- devel/gnustep-base/patches/patch-Tools_gdomap.c | 70 +++++++++++++++++++++++++ 3 files changed, 74 insertions(+), 3 deletions(-) create mode 100644 devel/gnustep-base/patches/patch-Tools_gdomap.c diff --git a/devel/gnustep-base/Makefile b/devel/gnustep-base/Makefile index a56400456ec..14e792048a0 100644 --- a/devel/gnustep-base/Makefile +++ b/devel/gnustep-base/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.64 2015/10/10 01:57:52 ryoon Exp $ +# $NetBSD: Makefile,v 1.65 2015/12/29 23:09:35 bsiegert Exp $ DISTNAME= gnustep-base-1.24.0 -PKGREVISION= 10 +PKGREVISION= 11 CATEGORIES= devel gnustep MASTER_SITES= ${MASTER_SITE_GNUSTEP:=core/} diff --git a/devel/gnustep-base/distinfo b/devel/gnustep-base/distinfo index efd4de6671a..20363833ecf 100644 --- a/devel/gnustep-base/distinfo +++ b/devel/gnustep-base/distinfo @@ -1,10 +1,11 @@ -$NetBSD: distinfo,v 1.30 2015/11/03 03:27:29 agc Exp $ +$NetBSD: distinfo,v 1.31 2015/12/29 23:09:35 bsiegert Exp $ SHA1 (gnustep-base-1.24.0.tar.gz) = 4d73df5b5a594213a4c7a0ed97fc04d10c9ced69 RMD160 (gnustep-base-1.24.0.tar.gz) = 3710966cac708c5f22b1e5eaee456951791a1620 SHA512 (gnustep-base-1.24.0.tar.gz) = 9232fed3439ee5e514e9c9194ef61ca8f1fbef294dc292e0b8ea0dd782e0e73ffda263f1a9e951e04d5dd379efae609f1f1a6ad4c9a606905a45b5daaa389049 Size (gnustep-base-1.24.0.tar.gz) = 2947759 bytes SHA1 (patch-Headers_GNUstepBase_GSConfig.h.in) = be5b7e9fd79dcb08a260caaf3092ddf7975ebbdc +SHA1 (patch-Tools_gdomap.c) = 380ce89baa8e07ac63c44e80aea6185e41d6ee9b SHA1 (patch-aa) = f1298afa2775a45e0c9a04752ab28e5d8e898965 SHA1 (patch-ab) = 1d56de33bc1320962b763ab6b7b50c38751e3210 SHA1 (patch-ac) = 4e8e209ad202385948d0f4b0d29e5e61e01da410 diff --git a/devel/gnustep-base/patches/patch-Tools_gdomap.c b/devel/gnustep-base/patches/patch-Tools_gdomap.c new file mode 100644 index 00000000000..49f65726586 --- /dev/null +++ b/devel/gnustep-base/patches/patch-Tools_gdomap.c @@ -0,0 +1,70 @@ +$NetBSD: patch-Tools_gdomap.c,v 1.1 2015/12/29 23:09:35 bsiegert Exp $ + +Fix for CVE-2014-2980. +http://svn.gna.org/viewcvs/gnustep/libs/base/trunk/Tools/gdomap.c?view=patch&r1=37756&r2=37755&pathrev=37756 + +--- Tools/gdomap.c.orig 2011-10-25 08:02:38.000000000 +0000 ++++ Tools/gdomap.c +@@ -279,7 +279,7 @@ static char ebuf[2048]; + + #if defined(HAVE_SYSLOG) + +-static int log_priority; ++static int log_priority = 0; + + static void + gdomap_log (int prio) +@@ -4422,16 +4422,7 @@ main(int argc, char** argv) + const char *machine = 0; + const char *lookupf = 0; + int donamesf = 0; +- +-#if defined(HAVE_SYSLOG) +- /* Initially, gdomap_log errors to stderr as well as to syslogd. */ +-#if defined(SYSLOG_4_2) +- openlog ("gdomap", LOG_NDELAY); +- log_priority = LOG_DAEMON; +-#else +- openlog ("gdomap", LOG_NDELAY, LOG_DAEMON); +-#endif +-#endif ++ int forked = 0; + + #if defined(__MINGW__) + WORD wVersionRequested; +@@ -4783,7 +4774,6 @@ printf( + #else + if (nofork == 0) + { +- is_daemon = 1; + /* + * Now fork off child process to run in background. + */ +@@ -4797,6 +4787,7 @@ printf( + /* + * Try to run in background. + */ ++ forked = 1; + #if defined(NeXT) + setpgrp(0, getpid()); + #else +@@ -4856,6 +4847,19 @@ printf( + + #endif /* !__MINGW__ */ + ++ if (forked) ++ { ++ is_daemon = 1; ++#if defined(HAVE_SYSLOG) ++#if defined(SYSLOG_4_2) ++ openlog ("gdomap", LOG_NDELAY); ++ log_priority = LOG_DAEMON; ++#elif !defined(HAVE_SLOGF) ++ openlog ("gdomap", LOG_NDELAY, LOG_DAEMON); ++#endif ++#endif ++ } ++ + init_my_port(); /* Determine port to listen on. */ + init_ports(); /* Create ports to handle requests. */ + -- cgit v1.2.3