summaryrefslogtreecommitdiff
path: root/gnu/packages
diff options
context:
space:
mode:
authorEfraim Flashner <efraim@flashner.co.il>2019-07-10 11:58:47 +0300
committerEfraim Flashner <efraim@flashner.co.il>2019-07-10 12:45:34 +0300
commit05f386f103bbd0145ac2fcf8b920bb27f1b518a4 (patch)
treeef0474b55e5ea911969bb92972fa9e5df4a7f0a2 /gnu/packages
parentba7047975329b747e3fb493ca6076b727b4e3b82 (diff)
gnu: plib: Fix CVE-2011-4620, CVE-2012-4552.
* gnu/packages/game-development.scm (plib)[patches]: Add patches. * gnu/packages/patches/plib-CVE-2011-4620.patch, gnu/packages/patches/plib-CVE-2012-4552.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
Diffstat (limited to 'gnu/packages')
-rw-r--r--gnu/packages/game-development.scm4
-rw-r--r--gnu/packages/patches/plib-CVE-2011-4620.patch13
-rw-r--r--gnu/packages/patches/plib-CVE-2012-4552.patch57
3 files changed, 73 insertions, 1 deletions
diff --git a/gnu/packages/game-development.scm b/gnu/packages/game-development.scm
index 05a68b717a..7eac935a69 100644
--- a/gnu/packages/game-development.scm
+++ b/gnu/packages/game-development.scm
@@ -1434,7 +1434,9 @@ joystick support.")))
"plib-" version ".tar.gz"))
(sha256
(base32
- "0cha71mflpa10vh2l7ipyqk67dq2y0k5xbafwdks03fwdyzj4ns8"))))
+ "0cha71mflpa10vh2l7ipyqk67dq2y0k5xbafwdks03fwdyzj4ns8"))
+ (patches (search-patches "plib-CVE-2011-4620.patch"
+ "plib-CVE-2012-4552.patch"))))
(build-system gnu-build-system)
(inputs
`(("mesa" ,mesa)
diff --git a/gnu/packages/patches/plib-CVE-2011-4620.patch b/gnu/packages/patches/plib-CVE-2011-4620.patch
new file mode 100644
index 0000000000..c5a03bd0ca
--- /dev/null
+++ b/gnu/packages/patches/plib-CVE-2011-4620.patch
@@ -0,0 +1,13 @@
+https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/04_CVE-2011-4620.diff
+
+--- a/src/util/ulError.cxx
++++ b/src/util/ulError.cxx
+@@ -39,7 +39,7 @@
+ {
+ va_list argp;
+ va_start ( argp, fmt ) ;
+- vsprintf ( _ulErrorBuffer, fmt, argp ) ;
++ vsnprintf ( _ulErrorBuffer, sizeof(_ulErrorBuffer), fmt, argp ) ;
+ va_end ( argp ) ;
+
+ if ( _ulErrorCB )
diff --git a/gnu/packages/patches/plib-CVE-2012-4552.patch b/gnu/packages/patches/plib-CVE-2012-4552.patch
new file mode 100644
index 0000000000..7b697855d6
--- /dev/null
+++ b/gnu/packages/patches/plib-CVE-2012-4552.patch
@@ -0,0 +1,57 @@
+https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/05_CVE-2012-4552.diff
+
+diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
+--- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100
++++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100
+@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
+ char msgbuff[ 255 ];
+ va_list argp;
+
+- char* msgptr = msgbuff;
+- if (linenum)
+- {
+- msgptr += sprintf ( msgptr,"%s, line %d: ",
+- path, linenum );
+- }
+-
+ va_start( argp, format );
+- vsprintf( msgptr, format, argp );
++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
+ va_end( argp );
+
+- ulSetError ( UL_WARNING, "%s", msgbuff ) ;
++ if (linenum)
++ {
++ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
++ } else {
++ ulSetError ( UL_WARNING, "%s", msgbuff ) ;
++ }
+ }
+
+
+@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
+ char msgbuff[ 255 ];
+ va_list argp;
+
+- char* msgptr = msgbuff;
+- if (linenum)
+- {
+- msgptr += sprintf ( msgptr,"%s, line %d: ",
+- path, linenum );
+- }
+-
+ va_start( argp, format );
+- vsprintf( msgptr, format, argp );
++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
+ va_end( argp );
+
+- ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
++ if (linenum)
++ {
++ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
++ } else {
++ ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
++ }
+ }
+
+ // Opens the file and does a few internal calculations based on the spec.