Gentoo Archives: gentoo-commits

From: Sebastian Pipping <sping@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: games-board/gnuchess/files/, games-board/gnuchess/
Date: Wed, 02 Jun 2021 11:35:40
Message-Id: 1622633699.c2d8827505a9f03a77a066cb21976932cf7eada7.sping@gentoo
1 commit: c2d8827505a9f03a77a066cb21976932cf7eada7
2 Author: Sebastian Pipping <sping <AT> gentoo <DOT> org>
3 AuthorDate: Wed Jun 2 11:32:16 2021 +0000
4 Commit: Sebastian Pipping <sping <AT> gentoo <DOT> org>
5 CommitDate: Wed Jun 2 11:34:59 2021 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2d88275
7
8 games-board/gnuchess: CVE-2021-30184
9
10 Bug: https://bugs.gentoo.org/780855
11 Signed-off-by: Sebastian Pipping <sping <AT> gentoo.org>
12 Package-Manager: Portage-3.0.19, Repoman-3.0.3
13
14 .../files/gnuchess-6.2.8-cve-2021-30184.patch | 72 ++++++++++++++++++++++
15 games-board/gnuchess/gnuchess-6.2.8-r1.ebuild | 21 +++++++
16 2 files changed, 93 insertions(+)
17
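--- /dev/null
+++ b/games-board/gnuchess/files/gnuchess-6.2.8-cve-2021-30184.patch
@@ -0,0 +1,72 @@
+From 7059e40c7a487b17886e1d345b52fc0cfca8df72 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@×××××××.org>
+Date: Wed, 2 Jun 2021 13:15:29 +0200
+Subject: [PATCH] frontend/cmd.cc: Fix buffer overflow CVE-2021-30184
+
+Based on prior work by Michael Vaughan,
+with "break;" replaced by "return;" and
+magic number 9 resolved by strlen("setboard ").
+
+Mimics close-to-identical existing code from
+elsewhere in the the same file.
+---
+ src/frontend/cmd.cc | 30 ++++++++++++++++++++++--------
+ 1 file changed, 22 insertions(+), 8 deletions(-)
+
+diff --git a/src/frontend/cmd.cc b/src/frontend/cmd.cc
+index a321fc2..394d03f 100644
+--- a/src/frontend/cmd.cc
++++ b/src/frontend/cmd.cc
+@@ -477,13 +477,20 @@ void cmd_pgnload(void)
+ return;
+ }
+
+- strcpy( data, "setboard " );
++ const char setboardCmd[] = "setboard ";
++ unsigned int setboardLen = strlen(setboardCmd);
++ strcpy( data, setboardCmd );
+ int i=0;
+ while ( epdline[i] != '\n' ) {
+- data[i+9] = epdline[i];
+- ++i;
++ if (i + setboardLen < MAXSTR - 1) {
++ data[i+setboardLen] = epdline[i];
++ ++i;
++ } else {
++ printf( _("Error reading contents of file '%s'.\n"), token[1] );
++ return;
++ }
+ }
+- data[i+9] = '\0';
++ data[i+setboardLen] = '\0';
+ SetDataToEngine( data );
+ SetAutoGo( true );
+ pgnloaded = 0;
+@@ -501,13 +508,20 @@ void cmd_pgnreplay(void)
+ return;
+ }
+
+- strcpy( data, "setboard " );
++ const char setboardCmd[] = "setboard ";
++ unsigned int setboardLen = strlen(setboardCmd);
++ strcpy( data, setboardCmd );
+ int i=0;
+ while ( epdline[i] != '\n' ) {
+- data[i+9] = epdline[i];
+- ++i;
++ if (i + setboardLen < MAXSTR - 1) {
++ data[i+setboardLen] = epdline[i];
++ ++i;
++ } else {
++ printf( _("Error reading contents of file '%s'.\n"), token[1] );
++ return;
++ }
+ }
+- data[i+9] = '\0';
++ data[i+setboardLen] = '\0';
+
+ SetDataToEngine( data );
+ SetAutoGo( true );
+--
+2.31.1
+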
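Review bot: The copy loop in cmd_pgnload, and the identical one in cmd_pgnreplay, still terminates only on `'\n'`, so the new `i + setboardLen < MAXSTR - 1` guard bounds the write into `data` but not the read from `epdline`. If `epdline` ever holds a line without a newline (how it is filled is outside the hunks, so this is inferred), the loop walks past its terminating NUL and copies stale bytes until the guard trips and the load is reported as a file error. Stopping at the terminator as well closes that: `while ( epdline[i] != '\n' && epdline[i] != '\0' ) {`. Both functions begin and end outside the hunks shown, so it is also worth checking there whether the new early `return;` leaves an open file handle behind.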
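--- /dev/null
+++ b/games-board/gnuchess/gnuchess-6.2.8-r1.ebuild
@@ -0,0 +1,21 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Console based chess interface"
+HOMEPAGE="https://www.gnu.org/software/chess/chess.html"
+SRC_URI="mirror://gnu/chess/${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-cve-2021-30184.patch # bug 780855
+)
+
+src_configure() {
+ # bug #491088
+ econf --without-readline
+}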