commit: 48627ba2203445afedb3eb0e99c24cf931896f1e Author: David Roman <davidroman96 <AT> gmail <DOT> com> AuthorDate: Fri Apr 22 10:45:36 2022 +0000 Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> CommitDate: Mon Apr 25 06:56:56 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=48627ba2
dev-util/radare2: verbump to 5.6.8 Bug: https://bugs.gentoo.org/831057 Package-Manager: Portage-3.0.30, Repoman-3.0.3 Signed-off-by: David Roman <davidroman96 <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/25155 Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> dev-util/radare2/Manifest | 3 + dev-util/radare2/files/CVE-2022-1437.patch | 72 +++++++++++++++++++ dev-util/radare2/radare2-5.6.8.ebuild | 109 +++++++++++++++++++++++++++++ 3 files changed, 184 insertions(+) diff --git a/dev-util/radare2/Manifest b/dev-util/radare2/Manifest index 38f5a0afce87..37816a87aff6 100644 --- a/dev-util/radare2/Manifest +++ b/dev-util/radare2/Manifest @@ -1,4 +1,7 @@ DIST radare2-5.5.4-vector35-arm64.tar.gz 1021299 BLAKE2B 389bdc43e90ba71961e5d8afca495bd63b25d4c0dc9513c5e9cc0770f091199197dc1e4b8a9d4c57206acfd892a6b4ff9ba8b0f925e493f540956c64edfcd809 SHA512 7762cee60acc7605c2c127acab646c5c58c5736e6801058eec69c2da52901d0ecab85b0496d798be6403bedf27ffd4fe4e3a8d47c8802af1fe3805a4ac32ae26 DIST radare2-5.5.4-vector35-armv7.tar.gz 255288 BLAKE2B ca96b3f68381a0987c4efa10dcb798194486019762e89d1eb19a3fd24f6983535eea792099c60e4c1a9d2bdb5baab119fe2e9a7a889fad5a14023e5f984959b8 SHA512 e9eb6cee02bbbb265914b1f9118c7a143ed76a201c085af5516855475bf7f3ad5f9c82d1548e85a0339fbc33e029ef0e4be9d8cef68d212ae16ce1a7f18453ff DIST radare2-5.5.4.tar.gz 9610424 BLAKE2B 4e113d854a55597270663f9c18f1d71da21fa8e539a997773f30178e93de54d397f56103813ec2c60cfabdf2d811151ad7285fc479e1ee681687831030e18da2 SHA512 b64268a8fcfbd89455b991557c82bb24d5f42471f4424cd971c1143ff604720fb4c00216a7054d72df6bbbdace1b814a6c3538708926c229dd2f8476b7d325da +DIST radare2-5.6.8-vector35-arm64.tar.gz 1021299 BLAKE2B 389bdc43e90ba71961e5d8afca495bd63b25d4c0dc9513c5e9cc0770f091199197dc1e4b8a9d4c57206acfd892a6b4ff9ba8b0f925e493f540956c64edfcd809 SHA512 7762cee60acc7605c2c127acab646c5c58c5736e6801058eec69c2da52901d0ecab85b0496d798be6403bedf27ffd4fe4e3a8d47c8802af1fe3805a4ac32ae26 +DIST radare2-5.6.8-vector35-armv7.tar.gz 255288 BLAKE2B ca96b3f68381a0987c4efa10dcb798194486019762e89d1eb19a3fd24f6983535eea792099c60e4c1a9d2bdb5baab119fe2e9a7a889fad5a14023e5f984959b8 SHA512 e9eb6cee02bbbb265914b1f9118c7a143ed76a201c085af5516855475bf7f3ad5f9c82d1548e85a0339fbc33e029ef0e4be9d8cef68d212ae16ce1a7f18453ff +DIST radare2-5.6.8.tar.gz 9627480 BLAKE2B 4de904ee779b72f0a0e305170cdf62b3a4c3fdad768bb2c9a96a90b429c94c2bae1523439d5b869d2fefed89849fde1d996dd1de400fe47ea657bee3dd258fe1 SHA512 e29a3ff235f37bcde4ec6c1c97d1b9c521b57e93512ca40d71be9e88ac1c002f41af905865fdf4685ee94287425cff32500b5a111eec5594bdd7f32f05631910 DIST radare2-testbins-a6d1a0331605b4a5db9aa9260386c850d484dc70.tar.gz 118148516 BLAKE2B 9b1a1861b4aea7db1cc364d16577a2b7afe082b0838178d307ed24704710edfa572533bab9b194d38c1b294e5a4fb522d1a93e92a1c577ca6622a16d94209bd5 SHA512 8888fab0d2295e92c4bd0ab4c2ba646951e41cc4c1f9915d501a27fbff21e82d5340d1a9255d998dcf0e209a57bb35fc714adcb31ed7adb58aa412f6202e69c6 diff --git a/dev-util/radare2/files/CVE-2022-1437.patch b/dev-util/radare2/files/CVE-2022-1437.patch new file mode 100644 index 000000000000..16e67c5d3193 --- /dev/null +++ b/dev-util/radare2/files/CVE-2022-1437.patch @@ -0,0 +1,72 @@ +--- a/libr/bin/format/mach0/coresymbolication.c ++++ b/libr/bin/format/mach0/coresymbolication.c +@@ -269,6 +269,9 @@ RCoreSymCacheElement *r_coresym_cache_element_new(RBinFile *bf, RBuffer *buf, ut + for (i = 0; i < hdr->n_sections && cursor < end; i++) { + ut8 *sect_start = cursor; + RCoreSymCacheElementSection *sect = &result->sections[i]; ++ if (cursor + (word_size * 4) > end) { ++ goto beach; ++ } + sect->vaddr = sect->paddr = r_read_ble (cursor, false, bits); + if (sect->vaddr < page_zero_size) { + sect->vaddr += page_zero_size; +@@ -359,6 +362,10 @@ RCoreSymCacheElement *r_coresym_cache_element_new(RBinFile *bf, RBuffer *buf, ut + continue; + } + string_origin = relative_to_strings? b + start_of_strings : cursor; ++ if (!string_origin) { ++ cursor += R_CS_EL_SIZE_LSYM; ++ continue; ++ } + lsym->flc.file = str_dup_safe (b, string_origin + file_name_off, end); + if (!lsym->flc.file) { + cursor += R_CS_EL_SIZE_LSYM; +--- a/libr/bin/p/bin_symbols.c ++++ b/libr/bin/p/bin_symbols.c +@@ -353,28 +353,30 @@ static bool check_buffer(RBinFile *bf, RBuffer *b) { + } + + static RList *symbols(RBinFile *bf) { +- RList *res = r_list_newf ((RListFree)r_bin_symbol_free); +- r_return_val_if_fail (res && bf->o && bf->o->bin_obj, res); ++ r_return_val_if_fail (bf && bf->o && bf->o->bin_obj, NULL); + RCoreSymCacheElement *element = bf->o->bin_obj; + size_t i; + HtUU *hash = ht_uu_new0 (); + if (!hash) { +- return res; ++ return NULL; + } ++ RList *res = r_list_newf ((RListFree)r_bin_symbol_free); + bool found = false; +- for (i = 0; i < element->hdr->n_lined_symbols; i++) { +- RCoreSymCacheElementSymbol *sym = (RCoreSymCacheElementSymbol *)&element->lined_symbols[i]; +- if (!sym) { +- break; +- } +- ht_uu_find (hash, sym->paddr, &found); +- if (found) { +- continue; +- } +- RBinSymbol *s = bin_symbol_from_symbol (element, sym); +- if (s) { +- r_list_append (res, s); +- ht_uu_insert (hash, sym->paddr, 1); ++ if (element->lined_symbols) { ++ for (i = 0; i < element->hdr->n_lined_symbols; i++) { ++ RCoreSymCacheElementSymbol *sym = (RCoreSymCacheElementSymbol *)&element->lined_symbols[i]; ++ if (!sym) { ++ break; ++ } ++ ht_uu_find (hash, sym->paddr, &found); ++ if (found) { ++ continue; ++ } ++ RBinSymbol *s = bin_symbol_from_symbol (element, sym); ++ if (s) { ++ r_list_append (res, s); ++ ht_uu_insert (hash, sym->paddr, 1); ++ } + } + } + if (element->symbols) { diff --git a/dev-util/radare2/radare2-5.6.8.ebuild b/dev-util/radare2/radare2-5.6.8.ebuild new file mode 100644 index 000000000000..f767f59da719 --- /dev/null +++ b/dev-util/radare2/radare2-5.6.8.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit bash-completion-r1 toolchain-funcs + +DESCRIPTION="unix-like reverse engineering framework and commandline tools" +HOMEPAGE="https://www.radare.org"; + +ARM64_COMMIT=3c5eaba46dab72ecb7d5f5b865a13fdeee95b464 +ARMV7_COMMIT=dde39f69ffea19fc37e681874b12cb4707bc4f30 +BINS_COMMIT=a6d1a0331605b4a5db9aa9260386c850d484dc70 + +if [[ ${PV} == *9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/radareorg/radare2"; +else + SRC_URI="mirror+https://github.com/radareorg/radare2/archive/${PV}.tar.gz -> ${P}.tar.gz + mirror+https://github.com/radareorg/vector35-arch-arm64/archive/${ARM64_COMMIT}.tar.gz -> ${P}-vector35-arm64.tar.gz + mirror+https://github.com/radareorg/vector35-arch-armv7/archive/${ARMV7_COMMIT}.tar.gz -> ${P}-vector35-armv7.tar.gz + test? ( https://github.com/radareorg/radare2-testbins/archive/${BINS_COMMIT}.tar.gz -> radare2-testbins-${BINS_COMMIT}.tar.gz ) + " + + KEYWORDS="~amd64 ~arm ~arm64 ~x86" +fi + +LICENSE="GPL-2" +SLOT="0" +IUSE="ssl test" + +# Need to audit licenses of the binaries used for testing +RESTRICT="fetch test" + +RDEPEND=" + dev-libs/libzip:= + dev-libs/xxhash + sys-apps/file + sys-libs/zlib + dev-libs/capstone:0= + ssl? ( dev-libs/openssl:0= ) +" +DEPEND=" + ${RDEPEND} + dev-util/gperf +" +BDEPEND="virtual/pkgconfig" + +PATCHES=( "${FILESDIR}/CVE-2022-1437.patch" "${FILESDIR}/${PN}-5.5.0-vector35.patch" ) + +src_prepare() { + default + + # Hack for vector35 arm plugins + mv "${WORKDIR}/vector35-arch-arm64-${ARM64_COMMIT}" libr/asm/arch/arm/v35arm64/arch-arm64 || die + mv "${WORKDIR}/vector35-arch-armv7-${ARMV7_COMMIT}" libr/asm/arch/arm/v35arm64/arch-armv7 || die + + if use test; then + cp -r "${WORKDIR}/radare2-testbins-${BINS_COMMIT}" "${S}/test/bins" || die + cp -r "${WORKDIR}/radare2-testbins-${BINS_COMMIT}" "${S}" || die + fi + + # Fix hardcoded docdir for fortunes + sed -i -e "/^#define R2_FORTUNES/s/radare2/$PF/" \ + libr/include/r_userconf.h.acr +} + +src_configure() { + # Ideally these should be set by ./configure + tc-export CC AR LD OBJCOPY RANLIB + export HOST_CC=${CC} + + econf \ + --without-libuv \ + --with-syscapstone \ + --with-sysmagic \ + --with-sysxxhash \ + --with-syszip \ + $(use_with ssl openssl) +} + +src_install() { + default + + insinto /usr/share/zsh/site-functions + doins doc/zsh/_* + + newbashcomp doc/bash_autocompletion.sh "${PN}" + bashcomp_alias "${PN}" rafind2 r2 rabin2 rasm2 radiff2 + + # a workaround for unstable $(INSTALL) call, bug #574866 + local d + for d in doc/*; do + if [[ -d ${d} ]]; then + rm -rfv "${d}" || die "failed to delete '${d}'" + fi + done + + # These are not really docs. radare assumes + # uncompressed files: bug #761250 + docompress -x /usr/share/doc/${PF}/fortunes.{creepy,fun,nsfw,tips} + + # Create plugins directory although it's currently unsupported by radare2 + keepdir "/usr/$(get_libdir)/radare2/${PV}" || die +} + +src_test() { + emake -C test -k unit_tests || die +}
