Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Matt Thode <prometheanfire@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: app-arch/p7zip/, app-arch/p7zip/files/
Date: Thu, 28 Jun 2018 19:07:23
Message-Id: 1530212824.2b160b9fd86e68ee72f39ce96db2e0c7de72e5f7.prometheanfire@gentoo
1 commit: 2b160b9fd86e68ee72f39ce96db2e0c7de72e5f7
2 Author: Matthew Thode <prometheanfire <AT> gentoo <DOT> org>
3 AuthorDate: Thu Jun 28 19:06:34 2018 +0000
4 Commit: Matt Thode <prometheanfire <AT> gentoo <DOT> org>
5 CommitDate: Thu Jun 28 19:07:04 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2b160b9f
7
8 app-arch/p7zip: add fix for CVE-2018-10115
9
10 Bug: https://bugs.gentoo.org/655270
11 Package-Manager: Portage-2.3.40, Repoman-2.3.9
12
13 app-arch/p7zip/files/CVE-2018-10115.patch | 311 ++++++++++++++++++++++++++++++
14 app-arch/p7zip/p7zip-16.02-r4.ebuild | 165 ++++++++++++++++
15 2 files changed, 476 insertions(+)
16
17 diff --git a/app-arch/p7zip/files/CVE-2018-10115.patch b/app-arch/p7zip/files/CVE-2018-10115.patch
18 new file mode 100644
19 index 00000000000..7d9c4bf81f0
20 --- /dev/null
21 +++ b/app-arch/p7zip/files/CVE-2018-10115.patch
22 @@ -0,0 +1,311 @@
23 +From: Robert Luberda <robert@××××××.org>
24 +Date: Tue, 29 May 2018 23:59:09 +0200
25 +Subject: Fix CVE-2018-10115
26 +
27 +Apply "patch" taken from https://landave.io/files/patch_7zip_CVE-2018-10115.txt
28 +
29 +
30 +Bugs-Debian: https://bugs.debian.org/897674
31 +---
32 + CPP/7zip/Compress/Rar1Decoder.cpp | 16 +++++++++++-----
33 + CPP/7zip/Compress/Rar1Decoder.h | 3 ++-
34 + CPP/7zip/Compress/Rar2Decoder.cpp | 17 +++++++++++++----
35 + CPP/7zip/Compress/Rar2Decoder.h | 3 ++-
36 + CPP/7zip/Compress/Rar3Decoder.cpp | 19 +++++++++++++++----
37 + CPP/7zip/Compress/Rar3Decoder.h | 3 ++-
38 + CPP/7zip/Compress/Rar5Decoder.cpp | 8 ++++++++
39 + CPP/7zip/Compress/Rar5Decoder.h | 1 +
40 + 8 files changed, 54 insertions(+), 16 deletions(-)
41 +
42 +diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp
43 +index 68030c7..8c890c8 100644
44 +--- a/CPP/7zip/Compress/Rar1Decoder.cpp
45 ++++ b/CPP/7zip/Compress/Rar1Decoder.cpp
46 +@@ -29,7 +29,7 @@ public:
47 + };
48 + */
49 +
50 +-CDecoder::CDecoder(): m_IsSolid(false), _errorMode(false) { }
51 ++CDecoder::CDecoder(): _isSolid(false), _solidAllowed(false), _errorMode(false) { }
52 +
53 + void CDecoder::InitStructures()
54 + {
55 +@@ -345,7 +345,7 @@ void CDecoder::GetFlagsBuf()
56 +
57 + void CDecoder::InitData()
58 + {
59 +- if (!m_IsSolid)
60 ++ if (!_isSolid)
61 + {
62 + AvrPlcB = AvrLn1 = AvrLn2 = AvrLn3 = NumHuf = Buf60 = 0;
63 + AvrPlc = 0x3500;
64 +@@ -391,6 +391,11 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
65 + if (inSize == NULL || outSize == NULL)
66 + return E_INVALIDARG;
67 +
68 ++ if (_isSolid && !_solidAllowed)
69 ++ return S_FALSE;
70 ++
71 ++ _solidAllowed = false;
72 ++
73 + if (!m_OutWindowStream.Create(kHistorySize))
74 + return E_OUTOFMEMORY;
75 + if (!m_InBitStream.Create(1 << 20))
76 +@@ -398,13 +403,13 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
77 +
78 + m_UnpackSize = (Int64)*outSize;
79 + m_OutWindowStream.SetStream(outStream);
80 +- m_OutWindowStream.Init(m_IsSolid);
81 ++ m_OutWindowStream.Init(_isSolid);
82 + m_InBitStream.SetStream(inStream);
83 + m_InBitStream.Init();
84 +
85 + // CCoderReleaser coderReleaser(this);
86 + InitData();
87 +- if (!m_IsSolid)
88 ++ if (!_isSolid)
89 + {
90 + _errorMode = false;
91 + InitStructures();
92 +@@ -475,6 +480,7 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
93 + }
94 + if (m_UnpackSize < 0)
95 + return S_FALSE;
96 ++ _solidAllowed = true;
97 + return m_OutWindowStream.Flush();
98 + }
99 +
100 +@@ -491,7 +497,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
101 + {
102 + if (size < 1)
103 + return E_INVALIDARG;
104 +- m_IsSolid = ((data[0] & 1) != 0);
105 ++ _isSolid = ((data[0] & 1) != 0);
106 + return S_OK;
107 + }
108 +
109 +diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h
110 +index 01b606b..8abb3a3 100644
111 +--- a/CPP/7zip/Compress/Rar1Decoder.h
112 ++++ b/CPP/7zip/Compress/Rar1Decoder.h
113 +@@ -38,7 +38,8 @@ public:
114 + UInt32 LastLength;
115 +
116 + Int64 m_UnpackSize;
117 +- bool m_IsSolid;
118 ++ bool _isSolid;
119 ++ bool _solidAllowed;
120 + bool _errorMode;
121 +
122 + UInt32 ReadBits(int numBits);
123 +diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp
124 +index 0580c8d..be8d842 100644
125 +--- a/CPP/7zip/Compress/Rar2Decoder.cpp
126 ++++ b/CPP/7zip/Compress/Rar2Decoder.cpp
127 +@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20;
128 + static const UInt32 kWindowReservSize = (1 << 22) + 256;
129 +
130 + CDecoder::CDecoder():
131 +- m_IsSolid(false),
132 ++ _isSolid(false),
133 ++ _solidAllowed(false),
134 + m_TablesOK(false)
135 + {
136 + }
137 +@@ -320,6 +321,10 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
138 + if (inSize == NULL || outSize == NULL)
139 + return E_INVALIDARG;
140 +
141 ++ if (_isSolid && !_solidAllowed)
142 ++ return S_FALSE;
143 ++ _solidAllowed = false;
144 ++
145 + if (!m_OutWindowStream.Create(kHistorySize))
146 + return E_OUTOFMEMORY;
147 + if (!m_InBitStream.Create(1 << 20))
148 +@@ -330,12 +335,12 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
149 + UInt64 pos = 0, unPackSize = *outSize;
150 +
151 + m_OutWindowStream.SetStream(outStream);
152 +- m_OutWindowStream.Init(m_IsSolid);
153 ++ m_OutWindowStream.Init(_isSolid);
154 + m_InBitStream.SetStream(inStream);
155 + m_InBitStream.Init();
156 +
157 + // CCoderReleaser coderReleaser(this);
158 +- if (!m_IsSolid)
159 ++ if (!_isSolid)
160 + {
161 + InitStructures();
162 + if (unPackSize == 0)
163 +@@ -343,6 +348,7 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
164 + if (m_InBitStream.GetProcessedSize() + 2 <= m_PackSize) // test it: probably incorrect;
165 + if (!ReadTables())
166 + return S_FALSE;
167 ++ _solidAllowed = true;
168 + return S_OK;
169 + }
170 + if (!ReadTables())
171 +@@ -386,6 +392,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
172 +
173 + if (!ReadLastTables())
174 + return S_FALSE;
175 ++
176 ++ _solidAllowed = true;
177 ++
178 + return m_OutWindowStream.Flush();
179 + }
180 +
181 +@@ -402,7 +411,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
182 + {
183 + if (size < 1)
184 + return E_INVALIDARG;
185 +- m_IsSolid = ((data[0] & 1) != 0);
186 ++ _isSolid = ((data[0] & 1) != 0);
187 + return S_OK;
188 + }
189 +
190 +diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h
191 +index 0e9005f..370bce2 100644
192 +--- a/CPP/7zip/Compress/Rar2Decoder.h
193 ++++ b/CPP/7zip/Compress/Rar2Decoder.h
194 +@@ -138,7 +138,8 @@ class CDecoder :
195 + Byte m_LastLevels[kMaxTableSize];
196 +
197 + UInt64 m_PackSize;
198 +- bool m_IsSolid;
199 ++ bool _isSolid;
200 ++ bool _solidAllowed;
201 + bool m_TablesOK;
202 +
203 + void InitStructures();
204 +diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp
205 +index 6cb8a6a..7b85833 100644
206 +--- a/CPP/7zip/Compress/Rar3Decoder.cpp
207 ++++ b/CPP/7zip/Compress/Rar3Decoder.cpp
208 +@@ -92,7 +92,8 @@ CDecoder::CDecoder():
209 + _writtenFileSize(0),
210 + _vmData(0),
211 + _vmCode(0),
212 +- m_IsSolid(false),
213 ++ _isSolid(false),
214 ++ _solidAllowed(false),
215 + _errorMode(false)
216 + {
217 + Ppmd7_Construct(&_ppmd);
218 +@@ -821,7 +822,7 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
219 + {
220 + _writtenFileSize = 0;
221 + _unsupportedFilter = false;
222 +- if (!m_IsSolid)
223 ++ if (!_isSolid)
224 + {
225 + _lzSize = 0;
226 + _winPos = 0;
227 +@@ -840,12 +841,15 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
228 + if (_errorMode)
229 + return S_FALSE;
230 +
231 +- if (!m_IsSolid || !TablesRead)
232 ++ if (!_isSolid || !TablesRead)
233 + {
234 + bool keepDecompressing;
235 + RINOK(ReadTables(keepDecompressing));
236 + if (!keepDecompressing)
237 ++ {
238 ++ _solidAllowed = true;
239 + return S_OK;
240 ++ }
241 + }
242 +
243 + for (;;)
244 +@@ -870,6 +874,9 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
245 + if (!keepDecompressing)
246 + break;
247 + }
248 ++
249 ++ _solidAllowed = true;
250 ++
251 + RINOK(WriteBuf());
252 + UInt64 packSize = m_InBitStream.BitDecoder.GetProcessedSize();
253 + RINOK(progress->SetRatioInfo(&packSize, &_writtenFileSize));
254 +@@ -890,6 +897,10 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
255 + if (!inSize)
256 + return E_INVALIDARG;
257 +
258 ++ if (_isSolid && !_solidAllowed)
259 ++ return S_FALSE;
260 ++ _solidAllowed = false;
261 ++
262 + if (!_vmData)
263 + {
264 + _vmData = (Byte *)::MidAlloc(kVmDataSizeMax + kVmCodeSizeMax);
265 +@@ -928,7 +939,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
266 + {
267 + if (size < 1)
268 + return E_INVALIDARG;
269 +- m_IsSolid = ((data[0] & 1) != 0);
270 ++ _isSolid = ((data[0] & 1) != 0);
271 + return S_OK;
272 + }
273 +
274 +diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h
275 +index 2f72d7d..32c8943 100644
276 +--- a/CPP/7zip/Compress/Rar3Decoder.h
277 ++++ b/CPP/7zip/Compress/Rar3Decoder.h
278 +@@ -191,7 +191,8 @@ class CDecoder:
279 + CRecordVector<CTempFilter *> _tempFilters;
280 + UInt32 _lastFilter;
281 +
282 +- bool m_IsSolid;
283 ++ bool _isSolid;
284 ++ bool _solidAllowed;
285 + bool _errorMode;
286 +
287 + bool _lzMode;
288 +diff --git a/CPP/7zip/Compress/Rar5Decoder.cpp b/CPP/7zip/Compress/Rar5Decoder.cpp
289 +index dc8830f..a826d5a 100644
290 +--- a/CPP/7zip/Compress/Rar5Decoder.cpp
291 ++++ b/CPP/7zip/Compress/Rar5Decoder.cpp
292 +@@ -72,6 +72,7 @@ CDecoder::CDecoder():
293 + _writtenFileSize(0),
294 + _dictSizeLog(0),
295 + _isSolid(false),
296 ++ _solidAllowed(false),
297 + _wasInit(false),
298 + _inputBuf(NULL)
299 + {
300 +@@ -801,7 +802,10 @@ HRESULT CDecoder::CodeReal()
301 + */
302 +
303 + if (res == S_OK)
304 ++ {
305 ++ _solidAllowed = true;
306 + res = res2;
307 ++ }
308 +
309 + if (res == S_OK && _unpackSize_Defined && _writtenFileSize != _unpackSize)
310 + return S_FALSE;
311 +@@ -821,6 +825,10 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
312 + {
313 + try
314 + {
315 ++ if (_isSolid && !_solidAllowed)
316 ++ return S_FALSE;
317 ++ _solidAllowed = false;
318 ++
319 + if (_dictSizeLog >= sizeof(size_t) * 8)
320 + return E_NOTIMPL;
321 +
322 +diff --git a/CPP/7zip/Compress/Rar5Decoder.h b/CPP/7zip/Compress/Rar5Decoder.h
323 +index b0a4dd1..3db5018 100644
324 +--- a/CPP/7zip/Compress/Rar5Decoder.h
325 ++++ b/CPP/7zip/Compress/Rar5Decoder.h
326 +@@ -271,6 +271,7 @@ class CDecoder:
327 + Byte _dictSizeLog;
328 + bool _tableWasFilled;
329 + bool _isSolid;
330 ++ bool _solidAllowed;
331 + bool _wasInit;
332 +
333 + UInt32 _reps[kNumReps];
334
335 diff --git a/app-arch/p7zip/p7zip-16.02-r4.ebuild b/app-arch/p7zip/p7zip-16.02-r4.ebuild
336 new file mode 100644
337 index 00000000000..57134020e70
338 --- /dev/null
339 +++ b/app-arch/p7zip/p7zip-16.02-r4.ebuild
340 @@ -0,0 +1,165 @@
341 +# Copyright 1999-2018 Gentoo Foundation
342 +# Distributed under the terms of the GNU General Public License v2
343 +
344 +EAPI=6
345 +
346 +WX_GTK_VER="3.0"
347 +
348 +inherit toolchain-funcs wxwidgets
349 +
350 +DESCRIPTION="Port of 7-Zip archiver for Unix"
351 +HOMEPAGE="http://p7zip.sourceforge.net/"
352 +SRC_URI="mirror://sourceforge/${PN}/${PN}_${PV}_src_all.tar.bz2"
353 +
354 +LICENSE="LGPL-2.1 rar? ( unRAR )"
355 +SLOT="0"
356 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris"
357 +IUSE="abi_x86_x32 doc kde +pch rar static wxwidgets"
358 +
359 +REQUIRED_USE="kde? ( wxwidgets )"
360 +
361 +RDEPEND="wxwidgets? ( x11-libs/wxGTK:${WX_GTK_VER}[X] )"
362 +DEPEND="${RDEPEND}
363 + abi_x86_x32? ( >=dev-lang/yasm-1.2.0-r1 )
364 + amd64? ( dev-lang/yasm )
365 + x86? ( dev-lang/nasm )"
366 +
367 +S=${WORKDIR}/${PN}_${PV}
368 +
369 +DOCS=( ChangeLog README TODO )
370 +
371 +PATCHES=(
372 + "${FILESDIR}"/${P}-darwin.patch
373 + "${FILESDIR}"/CVE-2016-9296.patch
374 + "${FILESDIR}"/CVE-2017-17969.patch
375 + "${FILESDIR}"/CVE-2018-5996.patch
376 + "${FILESDIR}"/CVE-2018-10115.patch
377 +)
378 +
379 +src_prepare() {
380 + default
381 +
382 + if ! use pch; then
383 + sed "s:PRE_COMPILED_HEADER=StdAfx.h.gch:PRE_COMPILED_HEADER=:g" -i makefile.* || die
384 + fi
385 +
386 + sed \
387 + -e 's:-m32 ::g' \
388 + -e 's:-m64 ::g' \
389 + -e 's:-pipe::g' \
390 + -e '/ALLFLAGS/s:-s ::' \
391 + -e "/OPTFLAGS=/s:=.*:=${CXXFLAGS}:" \
392 + -i makefile* || die
393 +
394 + # remove non-free RAR codec
395 + if use rar; then
396 + ewarn "Enabling nonfree RAR decompressor"
397 + else
398 + sed \
399 + -e '/Rar/d' \
400 + -e '/RAR/d' \
401 + -i makefile* CPP/7zip/Bundles/Format7zFree/makefile || die
402 + rm -rf CPP/7zip/Compress/Rar || die
403 + fi
404 +
405 + if use abi_x86_x32; then
406 + sed -i -e "/^ASM=/s:amd64:x32:" makefile* || die
407 + cp -f makefile.linux_amd64_asm makefile.machine || die
408 + elif use amd64; then
409 + cp -f makefile.linux_amd64_asm makefile.machine || die
410 + elif use x86; then
411 + cp -f makefile.linux_x86_asm_gcc_4.X makefile.machine || die
412 + elif [[ ${CHOST} == *-darwin* ]] ; then
413 + # Mac OS X needs this special makefile, because it has a non-GNU
414 + # linker, it doesn't matter so much for bitwidth, for it doesn't
415 + # do anything with it
416 + cp -f makefile.macosx_llvm_64bits makefile.machine
417 + # bundles have extension .bundle but don't die because USE=-rar
418 + # removes the Rar directory
419 + sed -i -e '/strcpy(name/s/\.so/.bundle/' \
420 + CPP/Windows/DLL.cpp || die
421 + sed -i -e '/^PROG=/s/\.so/.bundle/' \
422 + CPP/7zip/Bundles/Format7zFree/makefile.list \
423 + $(use rar && echo CPP/7zip/Compress/Rar/makefile.list) || die
424 + elif use x86-fbsd; then
425 + # FreeBSD needs this special makefile, because it hasn't -ldl
426 + sed -e 's/-lc_r/-pthread/' makefile.freebsd > makefile.machine
427 + fi
428 +
429 + if use static; then
430 + sed -i -e '/^LOCAL_LIBS=/s/LOCAL_LIBS=/&-static /' makefile.machine || die
431 + fi
432 +
433 + if use kde || use wxwidgets; then
434 + need-wxwidgets unicode
435 + einfo "Preparing dependency list"
436 + emake depend
437 + fi
438 +}
439 +
440 +src_compile() {
441 + emake CC=$(tc-getCC) CXX=$(tc-getCXX) all3
442 + if use kde || use wxwidgets; then
443 + emake CC=$(tc-getCC) CXX=$(tc-getCXX) -- 7zG
444 +# emake -- 7zFM
445 + fi
446 +}
447 +
448 +src_test() {
449 + emake test test_7z test_7zr
450 +}
451 +
452 +src_install() {
453 + # this wrappers can not be symlinks, p7zip should be called with full path
454 + make_wrapper 7zr "/usr/$(get_libdir)/${PN}/7zr"
455 + make_wrapper 7za "/usr/$(get_libdir)/${PN}/7za"
456 + make_wrapper 7z "/usr/$(get_libdir)/${PN}/7z"
457 +
458 + if use kde || use wxwidgets; then
459 + make_wrapper 7zG "/usr/$(get_libdir)/${PN}/7zG"
460 +# make_wrapper 7zFM "/usr/$(get_libdir)/${PN}/7zFM"
461 +
462 +# make_desktop_entry 7zFM "${PN} FM" ${PN} "GTK;Utility;Archiving;Compression"
463 +
464 + dobin GUI/p7zipForFilemanager
465 + exeinto /usr/$(get_libdir)/${PN}
466 +# doexe bin/7z{G,FM}
467 + doexe bin/7zG
468 +
469 + insinto /usr/$(get_libdir)/${PN}
470 + doins -r GUI/Lang
471 + doins -r DOC/MANUAL
472 +
473 + insinto /usr/share/icons/hicolor/16x16/apps/
474 + newins GUI/p7zip_16_ok.png p7zip.png
475 +
476 + if use kde; then
477 + rm GUI/kde4/p7zip_compress.desktop || die
478 + insinto /usr/share/kservices5/ServiceMenus
479 + doins GUI/kde4/*.desktop
480 + dodir /usr/share/kde4/services/ServiceMenus # drop these lines after konqueror:4/krusader:4 are gone
481 + for item in "${ED}"usr/share/kservices5/ServiceMenus/*.desktop; do
482 + item="$(basename ${item})"
483 + dosym "/usr/share/kservices5/ServiceMenus/${item}" "/usr/share/kde4/services/ServiceMenus/${item}"
484 + done
485 + fi
486 + fi
487 +
488 + dobin contrib/gzip-like_CLI_wrapper_for_7z/p7zip
489 + doman contrib/gzip-like_CLI_wrapper_for_7z/man1/p7zip.1
490 +
491 + exeinto /usr/$(get_libdir)/${PN}
492 + doexe bin/7z bin/7za bin/7zr bin/7zCon.sfx
493 + doexe bin/*$(get_modname)
494 + if use rar; then
495 + exeinto /usr/$(get_libdir)/${PN}/Codecs/
496 + doexe bin/Codecs/*$(get_modname)
497 + fi
498 +
499 + doman man1/7z.1 man1/7za.1 man1/7zr.1
500 +
501 + if use doc; then
502 + dodoc DOC/*.txt
503 + dohtml -r DOC/MANUAL/*
504 + fi
505 +}
Report Message
Find on MARC Find on Google Groups