commit:     b3c5759b316133acdf7fc698df524bb5472b4a7a
Author:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
AuthorDate: Sat Oct 28 21:06:25 2017 +0000
Commit:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
CommitDate: Sat Oct 28 21:06:36 2017 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3c5759b

dev-util/radare2: fix 32-bit overflow in ELF parsing, bug #635618

Bug: https://bugs.gentoo.org/635618
Package-Manager: Portage-2.3.13, Repoman-2.3.4

 .../radare2/files/radare2-2.0.1-635618-p1.patch    | 29 +++++++++++
 .../radare2/files/radare2-2.0.1-635618-p2.patch    | 30 +++++++++++
 dev-util/radare2/radare2-2.0.1-r1.ebuild           | 58 ++++++++++++++++++++++
 3 files changed, 117 insertions(+)

diff --git a/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch 
b/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch
new file mode 100644
index 00000000000..5644e50cc11
--- /dev/null
+++ b/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch
@@ -0,0 +1,29 @@
+From c6d0076c924891ad9948a62d89d0bcdaf965f0cd Mon Sep 17 00:00:00 2001
+From: pancake <panc...@nopcode.org>
+Date: Wed, 25 Oct 2017 18:00:11 +0200
+Subject: [PATCH] Fix #8731 - Crash in ELF parser with negative 32bit number
+
+---
+ libr/bin/format/elf/elf.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/libr/bin/format/elf/elf.c b/libr/bin/format/elf/elf.c
+index 90f6acd30..e3c852fd3 100644
+--- a/libr/bin/format/elf/elf.c
++++ b/libr/bin/format/elf/elf.c
+@@ -900,7 +900,11 @@ static Sdb *store_versioninfo_gnu_verneed(ELFOBJ *bin, 
Elf_(Shdr) *shdr, int sz)
+                       free (s);
+               }
+               sdb_num_set (sdb_version, "cnt", entry->vn_cnt, 0);
+-              vstart += entry->vn_aux;
++              st32 vnaux = entry->vn_aux;
++              if (vnaux < 1) {
++                      goto beach;
++              }
++              vstart += vnaux;
+               for (j = 0, isum = i + entry->vn_aux; j < entry->vn_cnt && 
vstart + sizeof (Elf_(Vernaux)) <= end; ++j) {
+                       int k;
+                       Elf_(Vernaux) * aux = NULL;
+-- 
+2.14.3
+
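Review bot: The new guard on `vnaux` is not carried into the loop header two lines below, which still seeds `isum` from the unconverted `entry->vn_aux`; for consistency the converted value should be used there as well, `for (j = 0, isum = i + vnaux; j < entry->vn_cnt && vstart + sizeof (Elf_(Vernaux)) <= end; ++j) {`. The `< 1` check stops a negative or zero offset from moving `vstart` backwards, while a large positive `vn_aux` is still only bounded by the loop condition, so a one-line comment at the guard would help the next reader: `/* vn_aux is a forward offset: reject <= 0 here, the loop condition bounds it above */`. The `beach` label and the opening and end of `store_versioninfo_gnu_verneed` are outside the hunk, so whether `sdb_version` is released on that exit path cannot be confirmed from here.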

diff --git a/dev-util/radare2/files/radare2-2.0.1-635618-p2.patch 
b/dev-util/radare2/files/radare2-2.0.1-635618-p2.patch
new file mode 100644
index 00000000000..242f4cc6220
--- /dev/null
+++ b/dev-util/radare2/files/radare2-2.0.1-635618-p2.patch
@@ -0,0 +1,30 @@
+From 44ded3ff35b8264f54b5a900cab32ec489d9e5b9 Mon Sep 17 00:00:00 2001
+From: pancake <panc...@nopcode.org>
+Date: Wed, 25 Oct 2017 18:09:24 +0200
+Subject: [PATCH] Fix #8743 - Crash in ELF version parser on 32bit systems
+
+---
+ libr/bin/format/elf/elf.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/libr/bin/format/elf/elf.c b/libr/bin/format/elf/elf.c
+index e3c852fd3..2248731b3 100644
+--- a/libr/bin/format/elf/elf.c
++++ b/libr/bin/format/elf/elf.c
+@@ -748,7 +748,12 @@ static Sdb *store_versioninfo_gnu_verdef(ELFOBJ *bin, 
Elf_(Shdr) *shdr, int sz)
+               verdef->vd_hash = READ32 (dfs, j)
+               verdef->vd_aux = READ32 (dfs, j)
+               verdef->vd_next = READ32 (dfs, j)
+-              vstart += verdef->vd_aux;
++              int vdaux = verdef->vd_aux;
++              if (vdaux < 1) {
++                      sdb_free (sdb_verdef);
++                      goto out_error;
++              }
++              vstart += vdaux;
+               if (vstart > end || vstart + sizeof (Elf_(Verdaux)) > end) {
+                       sdb_free (sdb_verdef);
+                       goto out_error;
+-- 
+2.14.3
+
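Review bot: This hunk stores the 32-bit `vd_aux` field in an `int` where the sibling patch for `store_versioninfo_gnu_verneed` uses `st32` for the same kind of field; writing `st32 vdaux = verdef->vd_aux;` here keeps the signed-32-bit intent explicit and the two fixes consistent. `vd_next` is read on the preceding line with the same `READ32` and, if it is later added to `vstart` outside this hunk, would presumably need the same sign check. The bounds check that follows (`vstart > end || vstart + sizeof (Elf_(Verdaux)) > end`) covers the forward direction, so the new guard only needs to document that it handles the backward case, e.g. `/* a negative vd_aux would move vstart before the section start */`. The enclosing function starts and ends outside the hunk.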

diff --git a/dev-util/radare2/radare2-2.0.1-r1.ebuild 
b/dev-util/radare2/radare2-2.0.1-r1.ebuild
new file mode 100644
index 00000000000..78ee0f1268e
--- /dev/null
+++ b/dev-util/radare2/radare2-2.0.1-r1.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils
+
+DESCRIPTION="unix-like reverse engineering framework and commandline tools"
+HOMEPAGE="http://www.radare.org";
+
+if [[ ${PV} == *9999 ]]; then
+       inherit git-r3
+       EGIT_REPO_URI="https://github.com/radare/radare2";
+else
+       SRC_URI="https://github.com/radare/radare2/archive/${PV}.tar.gz -> 
${P}.tar.gz"
+       KEYWORDS="~amd64 ~x86 ~arm ~arm64"
+fi
+
+PATCHES=(
+       "${FILESDIR}"/${PN}-0.9.9-nogit.patch
+       "${FILESDIR}"/${P}-635618-p1.patch
+       "${FILESDIR}"/${P}-635618-p2.patch
+)
+
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="ssl +system-capstone zsh-completion"
+
+RDEPEND="
+       ssl? ( dev-libs/openssl:0= )
+       system-capstone? ( dev-libs/capstone:0= )
+"
+DEPEND="${RDEPEND}
+       virtual/pkgconfig
+"
+
+src_configure() {
+       econf \
+               $(use_with ssl openssl) \
+               $(use_with system-capstone syscapstone)
+}
+
+src_install() {
+       default
+
+       if use zsh-completion; then
+               insinto /usr/share/zsh/site-functions
+               doins doc/zsh/_*
+       fi
+
+       # a workaround for unstable $(INSTALL) call, bug #574866
+       local d
+       for d in doc/*; do
+               if [[ -d $d ]]; then
+                       rm -rfv "$d" || die "failed to delete '$d'"
+               fi
+       done
+}
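Review bot: `inherit eutils` near the top of the file appears to be unused — `PATCHES`, `econf`, `use_with`, `insinto`, `doins` and `default` are all provided by EAPI 6 itself — so the line can be dropped unless something outside this view relies on it. The two patches added to `PATCHES` are the reason for this revision bump, so a short comment above them would make that traceable, e.g. `# bug #635618: reject negative 32-bit aux offsets in the ELF version-info parser`. The doc-directory cleanup loop at the end of `src_install` already cites its bug, which is the style the patches should follow.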
