1 |
commit: 05fd542aa1119b54b8ba2bb79817f7016d0cacad |
2 |
Author: Sam James <sam <AT> gentoo <DOT> org> |
3 |
AuthorDate: Tue Aug 16 00:52:04 2022 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Aug 16 00:52:04 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05fd542a |
7 |
|
8 |
sys-libs/zlib: patch CVE-2022-37434 |
9 |
|
10 |
(includes the additional fix which curl exposed too) |
11 |
|
12 |
Bug: https://bugs.gentoo.org/863851 |
13 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
14 |
|
15 |
.../zlib/files/zlib-1.2.12-CVE-2022-37434.patch | 55 ++++++ |
16 |
sys-libs/zlib/zlib-1.2.12-r3.ebuild | 199 +++++++++++++++++++++ |
17 |
2 files changed, 254 insertions(+) |
18 |
|
19 |
diff --git a/sys-libs/zlib/files/zlib-1.2.12-CVE-2022-37434.patch b/sys-libs/zlib/files/zlib-1.2.12-CVE-2022-37434.patch |
20 |
new file mode 100644 |
21 |
index 000000000000..1ef3b909e435 |
22 |
--- /dev/null |
23 |
+++ b/sys-libs/zlib/files/zlib-1.2.12-CVE-2022-37434.patch |
24 |
@@ -0,0 +1,55 @@ |
25 |
+https://bugs.gentoo.org/863851 |
26 |
+https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1 |
27 |
+https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d (see https://github.com/curl/curl/issues/9271) |
28 |
+ |
29 |
+From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001 |
30 |
+From: Mark Adler <fork@××××××.net> |
31 |
+Date: Sat, 30 Jul 2022 15:51:11 -0700 |
32 |
+Subject: [PATCH] Fix a bug when getting a gzip header extra field with |
33 |
+ inflate(). |
34 |
+ |
35 |
+If the extra field was larger than the space the user provided with |
36 |
+inflateGetHeader(), and if multiple calls of inflate() delivered |
37 |
+the extra header data, then there could be a buffer overflow of the |
38 |
+provided space. This commit assures that provided space is not |
39 |
+exceeded. |
40 |
+--- a/inflate.c |
41 |
++++ b/inflate.c |
42 |
+@@ -763,9 +763,10 @@ int flush; |
43 |
+ copy = state->length; |
44 |
+ if (copy > have) copy = have; |
45 |
+ if (copy) { |
46 |
++ len = state->head->extra_len - state->length; |
47 |
+ if (state->head != Z_NULL && |
48 |
+- state->head->extra != Z_NULL) { |
49 |
+- len = state->head->extra_len - state->length; |
50 |
++ state->head->extra != Z_NULL && |
51 |
++ len < state->head->extra_max) { |
52 |
+ zmemcpy(state->head->extra + len, next, |
53 |
+ len + copy > state->head->extra_max ? |
54 |
+ state->head->extra_max - len : copy); |
55 |
+ |
56 |
+From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001 |
57 |
+From: Mark Adler <fork@××××××.net> |
58 |
+Date: Mon, 8 Aug 2022 10:50:09 -0700 |
59 |
+Subject: [PATCH] Fix extra field processing bug that dereferences NULL |
60 |
+ state->head. |
61 |
+ |
62 |
+The recent commit to fix a gzip header extra field processing bug |
63 |
+introduced the new bug fixed here. |
64 |
+--- a/inflate.c |
65 |
++++ b/inflate.c |
66 |
+@@ -763,10 +763,10 @@ int flush; |
67 |
+ copy = state->length; |
68 |
+ if (copy > have) copy = have; |
69 |
+ if (copy) { |
70 |
+- len = state->head->extra_len - state->length; |
71 |
+ if (state->head != Z_NULL && |
72 |
+ state->head->extra != Z_NULL && |
73 |
+- len < state->head->extra_max) { |
74 |
++ (len = state->head->extra_len - state->length) < |
75 |
++ state->head->extra_max) { |
76 |
+ zmemcpy(state->head->extra + len, next, |
77 |
+ len + copy > state->head->extra_max ? |
78 |
+ state->head->extra_max - len : copy); |
79 |
+ |
80 |
|
81 |
diff --git a/sys-libs/zlib/zlib-1.2.12-r3.ebuild b/sys-libs/zlib/zlib-1.2.12-r3.ebuild |
82 |
new file mode 100644 |
83 |
index 000000000000..1117652b5367 |
84 |
--- /dev/null |
85 |
+++ b/sys-libs/zlib/zlib-1.2.12-r3.ebuild |
86 |
@@ -0,0 +1,199 @@ |
87 |
+# Copyright 1999-2022 Gentoo Authors |
88 |
+# Distributed under the terms of the GNU General Public License v2 |
89 |
+ |
90 |
+EAPI=8 |
91 |
+ |
92 |
+# Worth keeping an eye on 'develop' branch upstream for possible backports. |
93 |
+AUTOTOOLS_AUTO_DEPEND="no" |
94 |
+VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/madler.asc |
95 |
+inherit autotools multilib-minimal usr-ldscript verify-sig |
96 |
+ |
97 |
+CYGWINPATCHES=( |
98 |
+ "https://github.com/cygwinports/zlib/raw/22a3462cae33a82ad966ea0a7d6cbe8fc1368fec/1.2.11-gzopen_w.patch -> ${PN}-1.2.11-cygwin-gzopen_w.patch" |
99 |
+ "https://github.com/cygwinports/zlib/raw/22a3462cae33a82ad966ea0a7d6cbe8fc1368fec/1.2.7-minizip-cygwin.patch -> ${PN}-1.2.7-cygwin-minizip.patch" |
100 |
+) |
101 |
+ |
102 |
+DESCRIPTION="Standard (de)compression library" |
103 |
+HOMEPAGE="https://zlib.net/" |
104 |
+SRC_URI="https://zlib.net/${P}.tar.gz |
105 |
+ https://zlib.net/fossils/${P}.tar.gz |
106 |
+ https://www.gzip.org/zlib/${P}.tar.gz |
107 |
+ https://www.zlib.net/current/beta/${P}.tar.gz |
108 |
+ verify-sig? ( https://zlib.net/${P}.tar.gz.asc ) |
109 |
+ elibc_Cygwin? ( ${CYGWINPATCHES[*]} )" |
110 |
+ |
111 |
+LICENSE="ZLIB" |
112 |
+SLOT="0/1" # subslot = SONAME |
113 |
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris ~x86-winnt" |
114 |
+IUSE="minizip static-libs" |
115 |
+ |
116 |
+RDEPEND="!sys-libs/zlib-ng[compat]" |
117 |
+DEPEND="${RDEPEND}" |
118 |
+BDEPEND="minizip? ( ${AUTOTOOLS_DEPEND} ) |
119 |
+ verify-sig? ( sec-keys/openpgp-keys-madler )" |
120 |
+ |
121 |
+PATCHES=( |
122 |
+ # Don't install unexpected & unused crypt.h header (which would clash with other pkgs) |
123 |
+ # Pending upstream. bug #658536 |
124 |
+ "${FILESDIR}"/${PN}-1.2.11-minizip-drop-crypt-header.patch |
125 |
+ |
126 |
+ # Respect AR, RANLIB, NM during build. Pending upstream. bug #831628 |
127 |
+ "${FILESDIR}"/${PN}-1.2.11-configure-fix-AR-RANLIB-NM-detection.patch |
128 |
+ |
129 |
+ # Respect LDFLAGS during configure tests. Pending upstream |
130 |
+ "${FILESDIR}"/${PN}-1.2.12-use-LDFLAGS-in-configure.patch |
131 |
+ |
132 |
+ # Fix broken CC logic |
133 |
+ "${FILESDIR}"/${P}-fix-CC-logic-in-configure.patch |
134 |
+ |
135 |
+ # Backport for Java (and others), bug #836370 |
136 |
+ "${FILESDIR}"/${P}-CRC-buggy-input.patch |
137 |
+ |
138 |
+ # bug #863851 |
139 |
+ "${FILESDIR}"/${P}-CVE-2022-37434.patch |
140 |
+) |
141 |
+ |
142 |
+src_prepare() { |
143 |
+ default |
144 |
+ |
145 |
+ if use elibc_Cygwin ; then |
146 |
+ local p |
147 |
+ for p in "${CYGWINPATCHES[@]}" ; do |
148 |
+ # Strip out the "... -> " from the array |
149 |
+ eapply -p2 "${DISTDIR}/${p#*> }" |
150 |
+ done |
151 |
+ fi |
152 |
+ |
153 |
+ if use minizip ; then |
154 |
+ cd contrib/minizip || die |
155 |
+ eautoreconf |
156 |
+ fi |
157 |
+ |
158 |
+ case ${CHOST} in |
159 |
+ *-cygwin*) |
160 |
+ # Do not use _wopen, it's a mingw-only symbol |
161 |
+ sed -i -e '/define WIDECHAR/d' "${S}"/gzguts.h || die |
162 |
+ |
163 |
+ # zlib1.dll is the mingw name, need cygz.dll |
164 |
+ # cygz.dll is loaded by toolchain, put into subdir |
165 |
+ sed -i -e 's|zlib1.dll|win32/cygz.dll|' win32/Makefile.gcc || die |
166 |
+ |
167 |
+ ;; |
168 |
+ esac |
169 |
+ |
170 |
+ case ${CHOST} in |
171 |
+ *-mingw*|mingw*|*-cygwin*) |
172 |
+ # Uses preconfigured Makefile rather than configure script |
173 |
+ multilib_copy_sources |
174 |
+ |
175 |
+ ;; |
176 |
+ esac |
177 |
+} |
178 |
+ |
179 |
+echoit() { echo "$@"; "$@"; } |
180 |
+ |
181 |
+multilib_src_configure() { |
182 |
+ case ${CHOST} in |
183 |
+ *-mingw*|mingw*|*-cygwin*) |
184 |
+ ;; |
185 |
+ |
186 |
+ *) |
187 |
+ # bug #347167 |
188 |
+ local uname=$("${BROOT}"/usr/share/gnuconfig/config.sub "${CHOST}" | cut -d- -f3) |
189 |
+ |
190 |
+ local myconf=( |
191 |
+ --shared |
192 |
+ --prefix="${EPREFIX}/usr" |
193 |
+ --libdir="${EPREFIX}/usr/$(get_libdir)" |
194 |
+ ${uname:+--uname=${uname}} |
195 |
+ ) |
196 |
+ |
197 |
+ # Not an autoconf script, so can't use econf |
198 |
+ echoit "${S}"/configure "${myconf[@]}" || die |
199 |
+ |
200 |
+ ;; |
201 |
+ esac |
202 |
+ |
203 |
+ if use minizip ; then |
204 |
+ local minizipdir="contrib/minizip" |
205 |
+ mkdir -p "${BUILD_DIR}/${minizipdir}" || die |
206 |
+ |
207 |
+ cd ${minizipdir} || die |
208 |
+ ECONF_SOURCE="${S}/${minizipdir}" econf $(use_enable static-libs static) |
209 |
+ fi |
210 |
+} |
211 |
+ |
212 |
+multilib_src_compile() { |
213 |
+ case ${CHOST} in |
214 |
+ *-mingw*|mingw*|*-cygwin*) |
215 |
+ emake -f win32/Makefile.gcc STRIP=true PREFIX=${CHOST}- |
216 |
+ sed \ |
217 |
+ -e 's|@prefix@|'"${EPREFIX}"'/usr|g' \ |
218 |
+ -e 's|@exec_prefix@|${prefix}|g' \ |
219 |
+ -e 's|@libdir@|${exec_prefix}/'$(get_libdir)'|g' \ |
220 |
+ -e 's|@sharedlibdir@|${exec_prefix}/'$(get_libdir)'|g' \ |
221 |
+ -e 's|@includedir@|${prefix}/include|g' \ |
222 |
+ -e 's|@VERSION@|'${PV}'|g' \ |
223 |
+ zlib.pc.in > zlib.pc || die |
224 |
+ ;; |
225 |
+ |
226 |
+ *) |
227 |
+ emake |
228 |
+ |
229 |
+ ;; |
230 |
+ esac |
231 |
+ |
232 |
+ use minizip && emake -C contrib/minizip |
233 |
+} |
234 |
+ |
235 |
+sed_macros() { |
236 |
+ # Clean up namespace a little, bug #383179 |
237 |
+ # We do it here so we only have to tweak 2 files |
238 |
+ sed -i -r 's:\<(O[FN])\>:_Z_\1:g' "$@" || die |
239 |
+} |
240 |
+ |
241 |
+multilib_src_install() { |
242 |
+ case ${CHOST} in |
243 |
+ *-mingw*|mingw*|*-cygwin*) |
244 |
+ emake -f win32/Makefile.gcc install \ |
245 |
+ BINARY_PATH="${ED}/usr/bin" \ |
246 |
+ LIBRARY_PATH="${ED}/usr/$(get_libdir)" \ |
247 |
+ INCLUDE_PATH="${ED}/usr/include" \ |
248 |
+ SHARED_MODE=1 |
249 |
+ |
250 |
+ # Overwrites zlib.pc created from win32/Makefile.gcc, bug #620136 |
251 |
+ insinto /usr/$(get_libdir)/pkgconfig |
252 |
+ doins zlib.pc |
253 |
+ |
254 |
+ ;; |
255 |
+ |
256 |
+ *) |
257 |
+ emake install DESTDIR="${D}" LDCONFIG=: |
258 |
+ gen_usr_ldscript -a z |
259 |
+ |
260 |
+ ;; |
261 |
+ esac |
262 |
+ |
263 |
+ sed_macros "${ED}"/usr/include/*.h |
264 |
+ |
265 |
+ if use minizip ; then |
266 |
+ emake -C contrib/minizip install DESTDIR="${D}" |
267 |
+ sed_macros "${ED}"/usr/include/minizip/*.h |
268 |
+ fi |
269 |
+ |
270 |
+ if use minizip; then |
271 |
+ # This might not exist if slibtool is used. |
272 |
+ # bug #816756 |
273 |
+ rm -f "${ED}"/usr/$(get_libdir)/libminizip.la || die |
274 |
+ fi |
275 |
+ |
276 |
+ if ! use static-libs ; then |
277 |
+ # bug #419645 |
278 |
+ rm "${ED}"/usr/$(get_libdir)/libz.a || die |
279 |
+ fi |
280 |
+} |
281 |
+ |
282 |
+multilib_src_install_all() { |
283 |
+ dodoc FAQ README ChangeLog doc/*.txt |
284 |
+ use minizip && dodoc contrib/minizip/*.txt |
285 |
+} |