From 56ac2bf442c0639f498cdea2db4f3e57cdb49140 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 02:14:28 -0500 Subject: gnu: pixman: Add fix for CVE-2016-5296. * gnu/packages/patches/pixman-CVE-2016-5296.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xdisorg.scm (pixman)[replacement]: New field. (pixman/fixed): New variable. --- gnu/local.mk | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 08f99c4836..8a8b7434ad 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -785,6 +785,7 @@ dist_patch_DATA = \ %D%/packages/patches/pinball-src-deps.patch \ %D%/packages/patches/pinball-system-ltdl.patch \ %D%/packages/patches/pingus-sdl-libs-config.patch \ + %D%/packages/patches/pixman-CVE-2016-5296.patch \ %D%/packages/patches/plink-1.07-unclobber-i.patch \ %D%/packages/patches/plink-endian-detection.patch \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ -- cgit v1.2.3 From 1a87aa75671ad6567cd57fce0936220862107478 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 04:38:27 -0500 Subject: gnu: icecat: Add fixes from Firefox ESR 45.5.0. Includes fixes for CVE-2016-5290, CVE-2016-5291, CVE-2016-5297, CVE-2016-9064, and CVE-2016-9066. * gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes for aforementioned CVEs and other selected fixes from Firefox ESR 45.5.0. Note that the first six patches of CVE-2016-5290 and the patch for CVE-2016-9066 were already present, but were labeled by mozilla bug number instead of CVE. * gnu/packages/patches/icecat-CVE-2016-9064.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/gnuzilla.scm | 30 +- gnu/packages/patches/icecat-CVE-2016-9064.patch | 996 ++++++++++++++++++++++++ 3 files changed, 1020 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/icecat-CVE-2016-9064.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 8a8b7434ad..3989cb831b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -612,6 +612,7 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ + %D%/packages/patches/icecat-CVE-2016-9064.patch \ %D%/packages/patches/icu4c-CVE-2014-6585.patch \ %D%/packages/patches/icu4c-CVE-2015-1270.patch \ %D%/packages/patches/icu4c-CVE-2015-4760.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 6bfe90f9f5..267c621c41 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -346,13 +346,29 @@ (define-public icecat ,(mozilla-patch "icecat-CVE-2016-5284-pt5.patch" "0799490f4e6f" "1ypv6i48nabbhcqbach8fbgz9bmnhm7q5z9dnfid44z8g54l3f33") ,(mozilla-patch "icecat-CVE-2016-5284-pt6.patch" "fc990e4ae8bc" "1s2cj505ajwwiy4xvn5zlmyzqpgahxmqqvis0a6xm6mjbjh02gm4") ,(mozilla-patch "icecat-bug-1251088.patch" "5ffa912ed83e" "0v5lpv3c89c2d4y5acn0kyijv096axdnrvaj5ya5yypzfcaqxv24") - ,(mozilla-patch "icecat-bug-1292590.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") - ,(mozilla-patch "icecat-bug-1298169.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") - ,(mozilla-patch "icecat-bug-1301496.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") - ,(mozilla-patch "icecat-bug-1299519.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") - ,(mozilla-patch "icecat-bug-1303710.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") - ,(mozilla-patch "icecat-bug-1301343.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") - ,(mozilla-patch "icecat-bug-1299686.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd"))) + ,(mozilla-patch "icecat-CVE-2016-5290-pt1.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") + ,(mozilla-patch "icecat-CVE-2016-5290-pt2.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") + ,(mozilla-patch "icecat-CVE-2016-5290-pt3.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") + ,(mozilla-patch "icecat-CVE-2016-5290-pt4.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") + ,(mozilla-patch "icecat-CVE-2016-5290-pt5.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") + ,(mozilla-patch "icecat-CVE-2016-5290-pt6.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") + ,(mozilla-patch "icecat-CVE-2016-5290-pt7.patch" "61d1463acd04" "1iig4a79dxmfcr6w82mdhyl88wy7d36g5n4p24632kbabgl9j9sz") + ,(mozilla-patch "icecat-CVE-2016-5290-pt8.patch" "8e0bab4216de" "1knq8h5ni8crfndi3p78b2pyj5lzchqw67vk0yx061r76mq4wp4r") + ,(mozilla-patch "icecat-CVE-2016-5290-pt9.patch" "bb10104dc89e" "1flvagckrzfk7hs2xzb5j3s5i0ck57ygyskh5494xmpa2a1nnsqj") + ,(mozilla-patch "icecat-CVE-2016-5290-pt10.patch" "7006b275b829" "0sqagm247wx94mf51fyhdkn0vf1a1qy9i829shjnhssd79srxmnn") + ,(mozilla-patch "icecat-CVE-2016-5290-pt11.patch" "32ce7be98543" "1y2r9i4p1qpqi75mlwmibr51whz5h1vj28c6mh6ik57dxkqxbclb") + ,(mozilla-patch "icecat-CVE-2016-5291.patch" "3ff0c89f3b26" "1prn74aglshaj27jfrpd2s2i4slpljw4rbzjxc1qgwjvkq4m6j6f") + ,(mozilla-patch "icecat-CVE-2016-5296.patch" "5e39c1c2fded" "0rjza37gvpzhbqfmpad33kljnpl1yfd9wm8xf7ll6bay3m8cqj6j") + ,(mozilla-patch "icecat-CVE-2016-5297.patch" "46b07bdbf8b2" "1n8y1c5l0ms81dra7jsx8mp633ak5qvx105drvlg9hn3m0fwv1lj") + ,(search-patch "icecat-CVE-2016-9064.patch") ; adapted for icecat based on: + ; "00c2b7baaa0b" "0y02yb7r62656nq9dji9dnwils2lxqasjz5byv62j1xa87r7f9hp" + ,(mozilla-patch "icecat-CVE-2016-9066.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd") + ,(mozilla-patch "icecat-bug-1212939.patch" "4a0e851f83e4" "182vx1qxrr7r2175jjf0bcixwwm1khdj4sq0c8wnsyry7p9waq5q") + ,(mozilla-patch "icecat-bug-1168743.patch" "a1e06af61ab3" "07llk1ba6axjasiv30vicz96k55ff4mybxy21vjxk6j0asgyjz23") + ,(mozilla-patch "icecat-bug-1287176.patch" "0569d5dce9db" "1d41sqbq6jc3af73dz9w19win7v7c12kw1mp7j7b1gkadq46c4y7") + ,(mozilla-patch "icecat-bug-1263665.patch" "a79cafee93f4" "0bn7hpm8mh8qmkpz5wiridr792irrs5sjxyvryazy2i0p4pjh62p") + ,(mozilla-patch "icecat-bug-1304962.patch" "f61049d5f373" "04d1na31qqq7yq4jjvhq6vzqq3f23rwac8c6fw4h5fx1pdb3l997") + ,(mozilla-patch "icecat-bug-1314574.patch" "46b2558ca469" "00q8676xg4wb7p371wgi04nl05j7idkb2kna9a0l08k6lks9wdhh"))) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/patches/icecat-CVE-2016-9064.patch b/gnu/packages/patches/icecat-CVE-2016-9064.patch new file mode 100644 index 0000000000..a5393815e0 --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2016-9064.patch @@ -0,0 +1,996 @@ +Copied from + +but with one hunk omitted: the git binary patch for +toolkit/mozapps/extensions/test/addons/test_update_multi2/addon.xpi +which is not present in the IceCat sources. + +# HG changeset patch +# User Andrew Swan +# Date 1474063218 25200 +# Node ID 00c2b7baaa0b4bfb7d5f1aac31c094ea6b255e1f +# Parent 46b07bdbf8b20cf3fdc28104add57ff58a55832b +Bug 1303418 - Don't allow upgrades that change the addon ID. r=mossop, a=lizzard + +MozReview-Commit-ID: JHINo8ShmeI + +diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm +--- a/toolkit/mozapps/extensions/AddonManager.jsm ++++ b/toolkit/mozapps/extensions/AddonManager.jsm +@@ -2956,16 +2956,18 @@ this.AddonManager = { + // The downloaded file seems to be corrupted in some way. + ERROR_CORRUPT_FILE: -3, + // An error occured trying to write to the filesystem. + ERROR_FILE_ACCESS: -4, + // The add-on must be signed and isn't. + ERROR_SIGNEDSTATE_REQUIRED: -5, + // The downloaded add-on had a different type than expected. + ERROR_UNEXPECTED_ADDON_TYPE: -6, ++ // The addon did not have the expected ID ++ ERROR_INCORRECT_ID: -7, + + // These must be kept in sync with AddonUpdateChecker. + // No error was encountered. + UPDATE_STATUS_NO_ERROR: 0, + // The update check timed out + UPDATE_STATUS_TIMEOUT: -1, + // There was an error while downloading the update information. + UPDATE_STATUS_DOWNLOAD_ERROR: -2, +diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm ++++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +@@ -5473,16 +5473,37 @@ AddonInstall.prototype = { + // loadManifestFromZipReader performs the certificate verification for us + this.addon = yield loadManifestFromZipReader(zipreader, this.installLocation); + } + catch (e) { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, e]); + } + ++ if (this.existingAddon) { ++ // Check various conditions related to upgrades ++ if (this.addon.id != this.existingAddon.id) { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_INCORRECT_ID, ++ `Refusing to upgrade addon ${this.existingAddon.id} to different ID ${this.addon.id}`]); ++ } ++ ++ if (this.addon.type == "multipackage") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ `Refusing to upgrade addon ${this.existingAddon.id} to a multi-package xpi`]); ++ } ++ ++ if (this.existingAddon.type == "webextension" && this.addon.type != "webextension") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ "Webextensions may not be updated to other extension types"]); ++ } ++ } ++ + if (mustSign(this.addon.type)) { + if (this.addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) { + // This add-on isn't properly signed by a signature that chains to the + // trusted root. + let state = this.addon.signedState; + this.addon = null; + zipreader.close(); + +@@ -5510,23 +5531,16 @@ AddonInstall.prototype = { + } else { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, + "XPI is incorrectly signed"]); + } + } + } + +- if (this.existingAddon && this.existingAddon.type == "webextension" && +- this.addon.type != "webextension") { +- zipreader.close(); +- return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, +- "WebExtensions may not be upated to other extension types"]); +- } +- + if (this.addon.type == "multipackage") + return this._loadMultipackageManifests(zipreader); + + zipreader.close(); + + this.updateAddonURIs(); + + this.addon._install = this; +@@ -5791,16 +5805,17 @@ AddonInstall.prototype = { + else { + // TODO Should we send some event here (bug 557716)? + this.state = AddonManager.STATE_CHECKING; + new UpdateChecker(this.addon, { + onUpdateFinished: aAddon => this.downloadCompleted(), + }, AddonManager.UPDATE_WHEN_ADDON_INSTALLED); + } + }, ([error, message]) => { ++ this.removeTemporaryFile(); + this.downloadFailed(error, message); + }); + } + else { + if (aRequest instanceof Ci.nsIHttpChannel) + this.downloadFailed(AddonManager.ERROR_NETWORK_FAILURE, + aRequest.responseStatus + " " + + aRequest.responseStatusText); +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_update_multi.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +@@ -0,0 +1,9 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 32 ++ 2.0 ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1.changed@tests.mozilla.org ++ 2.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 2.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 5.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 3); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 3); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon3@tests.mozilla.org +- 3.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 3 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 4); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 4); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon4@tests.mozilla.org +- 4.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 4 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +@@ -0,0 +1,26 @@ ++ ++ ++ ++ ++ ++ ++ ++
  • ++ ++ 2.0 ++ ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ http://localhost:4444/addons/test_update_multi2.xpi ++ ++ ++ ++
    • ++     ++     ++     ++ ++     +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +--- a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +@@ -9,77 +9,17 @@ +
  • + + 2.0 + + + xpcshell@tests.mozilla.org + 1 + 1 +- http://localhost:4444/addons/test_updateid2_2.xpi +- +- +- +-
    • +- +- +- +- +- +- +- +-
  • +- +- 3.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid3_3.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 4.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid4_4.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 5.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid2_5.xpi ++ http://localhost:4444/addons/test_updateid2.xpi + + + +
    • +     +     +     + +diff --git a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +--- a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js ++++ b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +@@ -2,421 +2,85 @@ + * http://creativecommons.org/publicdomain/zero/1.0/ + */ + + // This verifies that updating an add-on to a new ID works + + // The test extension uses an insecure update url. + Services.prefs.setBoolPref("extensions.checkUpdateSecurity", false); + +-Components.utils.import("resource://testing-common/httpd.js"); +-var testserver; + const profileDir = gProfD.clone(); + profileDir.append("extensions"); + +-function resetPrefs() { +- Services.prefs.setIntPref("bootstraptest.active_version", -1); +- Services.prefs.setIntPref("bootstraptest.installed_version", -1); +- Services.prefs.setIntPref("bootstraptest.startup_reason", -1); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", -1); +- Services.prefs.setIntPref("bootstraptest.install_reason", -1); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", -1); +-} +- +-function getActiveVersion() { +- return Services.prefs.getIntPref("bootstraptest.active_version"); +-} +- +-function getInstalledVersion() { +- return Services.prefs.getIntPref("bootstraptest.installed_version"); +-} +- +-function run_test() { +- createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); +- +- // Create and configure the HTTP server. +- testserver = new HttpServer(); +- testserver.registerDirectory("/data/", do_get_file("data")); +- testserver.registerDirectory("/addons/", do_get_file("addons")); +- testserver.start(4444); +- +- do_test_pending(); +- run_test_1(); +-} +- +-function end_test() { +- testserver.stop(do_test_finished); +-} +- +-function installUpdate(aInstall, aCallback) { +- aInstall.addListener({ +- onInstallEnded: function(aInstall) { +- // give the startup time to run +- do_execute_soon(function() { +- aCallback(aInstall); +- }); +- } +- }); +- +- aInstall.install(); +-} +- +-// Verify that an update to an add-on with a new ID uninstalls the old add-on +-function run_test_1() { +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); ++function promiseInstallUpdate(install) { ++ return new Promise((resolve, reject) => { ++ install.addListener({ ++ onDownloadFailed: () => { ++ let err = new Error("download error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallFailed: () => { ++ let err = new Error("install error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallEnded: resolve, ++ }); + +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- do_check_eq(install.name, addon.name); +- do_check_eq(install.version, "2.0"); +- do_check_eq(install.state, AddonManager.STATE_AVAILABLE); +- do_check_eq(install.existingAddon, a1); +- +- installUpdate(install, check_test_1); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_1(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- do_check_neq(a1.syncGUID); +- +- let a1SyncGUID = a1.syncGUID; +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- +- // The Sync GUID should change when the ID changes +- do_check_neq(a1SyncGUID, a2.syncGUID); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_2); +- }); +- })); +-} +- +-// Test that when the new add-on already exists we just upgrade that +-function run_test_2() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "1.0", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_2); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ install.install(); + }); + } + +-function check_test_2(install) { +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- do_check_eq(a1.pendingUpgrade, null); +- // Existing add-on should have a pending upgrade +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a2.pendingUpgrade.install.existingAddon, a2); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_neq(a1, null); +- do_check_neq(a2, null); +- +- a1.uninstall(); +- a2.uninstall(); +- +- do_execute_soon(run_test_3); +- }); +- })); +-} +- +-// Test that we rollback correctly when removing the old add-on fails +-function run_test_3() { +- restartManager(); +- shutdownManager(); +- +- // This test only works on Windows +- if (!("nsIWindowsRegKey" in AM_Ci)) { +- run_test_4(); +- return; +- } +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); ++// Create and configure the HTTP server. ++let testserver = createHttpServer(4444); ++testserver.registerDirectory("/data/", do_get_file("data")); ++testserver.registerDirectory("/addons/", do_get_file("addons")); + +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_3); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_3(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- +- // Lock the old add-on open so it can't be uninstalled +- var file = profileDir.clone(); +- file.append("addon1@tests.mozilla.org"); +- if (!file.exists()) +- file.leafName += ".xpi"; +- else +- file.append("install.rdf"); +- +- var fstream = AM_Cc["@mozilla.org/network/file-output-stream;1"]. +- createInstance(AM_Ci.nsIFileOutputStream); +- fstream.init(file, FileUtils.MODE_APPEND | FileUtils.MODE_WRONLY, FileUtils.PERMS_FILE, 0); +- +- restartManager(); +- +- fstream.close(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- // Should not have installed the new add-on but it should still be +- // pending install +- do_check_neq(a1, null); +- do_check_eq(a2, null); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have installed the new add-on +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_4); +- }); +- })); +- })); ++function run_test() { ++ createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); ++ startupManager(); ++ run_next_test(); + } + +-// Tests that upgrading to a bootstrapped add-on works but requires a restart +-function run_test_4() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "2.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- resetPrefs(); +- +- AddonManager.getAddonByID("addon2@tests.mozilla.org", function(a2) { +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- do_check_eq(a2.version, "2.0"); +- +- a2.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_4); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_4() { +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], +- callback_soon(function([a2, a3]) { +- // Should still be pending install even though the new add-on is restartless +- do_check_neq(a2, null); +- do_check_eq(a3, null); +- +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon3@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), -1); +- do_check_eq(getActiveVersion(), -1); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], function([a2, a3]) { +- // Should have updated +- do_check_eq(a2, null); +- do_check_neq(a3, null); +- +- do_check_eq(getInstalledVersion(), 3); +- do_check_eq(getActiveVersion(), 3); +- +- do_execute_soon(run_test_5); +- }); +- })); +-} +- +-// Tests that upgrading to another bootstrapped add-on works without a restart +-function run_test_5() { +- AddonManager.getAddonByID("addon3@tests.mozilla.org", function(a3) { +- do_check_neq(a3, null); +- do_check_eq(a3.version, "3.0"); ++// Verify that an update to an add-on with a new ID fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_updateid1")]); + +- a3.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_5); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_5() { +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], +- callback_soon(function([a3, a4]) { +- // Should have updated +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], function([a3, a4]) { +- // Should still be gone +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- run_test_6(); +- }); +- })); +-} ++ let addon = yield promiseAddonByID("addon1@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +-// Tests that upgrading to a non-bootstrapped add-on works but requires a restart +-function run_test_6() { +- AddonManager.getAddonByID("addon4@tests.mozilla.org", function(a4) { +- do_check_neq(a4, null); +- do_check_eq(a4.version, "4.0"); +- +- a4.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_6); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); + +-function check_test_6() { +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a4, a2]) { +- // Should still be pending install even though the old add-on is restartless +- do_check_neq(a4, null); +- do_check_eq(a2, null); +- +- do_check_neq(a4.pendingUpgrade, null); +- do_check_eq(a4.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_INCORRECT_ID }, ++ "Upgrade to a different ID fails"); + +- restartManager(); ++ addon.uninstall(); ++}); + +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a4, a2]) { +- // Should have updated +- do_check_eq(a4, null); +- do_check_neq(a2, null); ++// Verify that an update to a multi-package xpi fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_update_multi1")]); + +- do_check_eq(getInstalledVersion(), 0); +- do_check_eq(getActiveVersion(), 0); ++ let addon = yield promiseAddonByID("updatemulti@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +- end_test(); +- }); +- })); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); ++ ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_UNEXPECTED_ADDON_TYPE }, ++ "Upgrade to a multipackage xpi fails"); ++ ++ addon.uninstall(); ++}); + -- cgit v1.2.3 From 7cea56e2ac3b0a5030cbd10783865b6985c01b22 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 14:16:37 -0500 Subject: gnu: libtiff: Fix CVE-2016-9297. * gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 +- gnu/packages/patches/libtiff-CVE-2016-9297.patch | 52 ++++++++++++++++++++++++ 3 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 3989cb831b..2087b8c701 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -668,6 +668,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ + %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index cd123b5298..1f3a775c16 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -300,7 +300,8 @@ (define libtiff/fixed "libtiff-CVE-2016-5321.patch" "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch")))))) + "libtiff-CVE-2016-9273.patch" + "libtiff-CVE-2016-9297.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch new file mode 100644 index 0000000000..c9207bbd25 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9297.patch @@ -0,0 +1,52 @@ +Fix CVE-2016-9297: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 +http://bugzilla.maptools.org/show_bug.cgi?id=2590 + +Patch copied from upstream source repository. + +2016-11-11 Even Rouault + + * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that + values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII + access are null terminated, to avoid potential read outside buffer + in _TIFFPrintField(). + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1154; previous revision: 1.1153 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- +libtiff/tif_dirread.c +new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.202 +retrieving revision 1.203 +diff -u -r1.202 -r1.203 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 ++++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 +@@ -5000,6 +5000,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); +@@ -5172,6 +5177,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); -- cgit v1.2.3 From 1339a8ed1cfe2e6087b26e44a8a593d7f1a3f892 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 15:26:53 -0500 Subject: gnu: libtiff: Fix some buffer overflows. * gnu/packages/patches/libtiff-uint32-overflow.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 1 + gnu/packages/patches/libtiff-uint32-overflow.patch | 102 +++++++++++++++++++++ 3 files changed, 104 insertions(+) create mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 2087b8c701..a5b75c1891 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ + %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 1f3a775c16..8f08fad153 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -291,6 +291,7 @@ (define libtiff/fixed (patches (search-patches "libtiff-oob-accesses-in-decode.patch" "libtiff-oob-write-in-nextdecode.patch" + "libtiff-uint32-overflow.patch" "libtiff-CVE-2015-8665+CVE-2015-8683.patch" "libtiff-CVE-2016-3623.patch" "libtiff-CVE-2016-3945.patch" diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch new file mode 100644 index 0000000000..b9b1bc27a4 --- /dev/null +++ b/gnu/packages/patches/libtiff-uint32-overflow.patch @@ -0,0 +1,102 @@ +Fix some buffer overflows: + +http://seclists.org/oss-sec/2016/q4/ +http://bugzilla.maptools.org/show_bug.cgi?id=2592 + +2016-11-11 Even Rouault + + * tools/tiffcrop.c: fix multiple uint32 overflows in + writeBufferToSeparateStrips(), writeBufferToContigTiles() and + writeBufferToSeparateTiles() that could cause heap buffer +overflows. + Reported by Henri Salo from Nixu Corporation. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1152; previous revision: 1.1151 +/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c +new revision: 1.43; previous revision: 1.42 + +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.42 +retrieving revision 1.43 +diff -u -r1.42 -r1.43 +--- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 ++++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 +@@ -148,6 +148,8 @@ + #define PATH_MAX 1024 + #endif + ++#define TIFF_UINT32_MAX 0xFFFFFFFFU ++ + #ifndef streq + #define streq(a,b) (strcmp((a),(b)) == 0) + #endif +@@ -1164,7 +1166,24 @@ + (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); + (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); + bytes_per_sample = (bps + 7) / 8; +- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ ++ if( width == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || ++ bps * spp * width > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (bps * spp * width) + 7"); ++ return 1; ++ } ++ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ ++ if( bytes_per_sample == 0 || ++ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || ++ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing rowsperstrip * " ++ "bytes_per_sample * (width + 1)"); ++ return 1; ++ } + rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); + + obuf = _TIFFmalloc (rowstripsize); +@@ -1251,11 +1270,19 @@ + } + } + ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; ++ + tilebuf = _TIFFmalloc(tile_buffsize); + if (tilebuf == 0) + return 1; +- +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; + for (row = 0; row < imagelength; row += tl) + { + nrow = (row + tl > imagelength) ? imagelength - row : tl; +@@ -1315,7 +1342,16 @@ + TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); + TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); + TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; ++ ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; + + for (row = 0; row < imagelength; row += tl) + { -- cgit v1.2.3 From fe047e1380e4b609a684a7cdbab3c625ca1a43d8 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Fri, 25 Dec 2015 20:29:09 -0600 Subject: gnu: Add Handbrake. * gnu/packages/video.scm (handbrake): New variable. * gnu/packages/patches/handbrake-pkg-config-path.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + .../patches/handbrake-pkg-config-path.patch | 24 +++++ gnu/packages/video.scm | 109 +++++++++++++++++++++ 3 files changed, 134 insertions(+) create mode 100644 gnu/packages/patches/handbrake-pkg-config-path.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index a5b75c1891..ff8586eba3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -594,6 +594,7 @@ dist_patch_DATA = \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_PATH.patch \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch \ %D%/packages/patches/gtkglext-disable-disable-deprecated.patch \ + %D%/packages/patches/handbrake-pkg-config-path.patch \ %D%/packages/patches/hdf4-architectures.patch \ %D%/packages/patches/hdf4-reproducibility.patch \ %D%/packages/patches/hdf4-shared-fortran.patch \ diff --git a/gnu/packages/patches/handbrake-pkg-config-path.patch b/gnu/packages/patches/handbrake-pkg-config-path.patch new file mode 100644 index 0000000000..18f3953eaa --- /dev/null +++ b/gnu/packages/patches/handbrake-pkg-config-path.patch @@ -0,0 +1,24 @@ +Do not clobber PKG_CONFIG_PATH during configure. + +--- HandBrake-0.10.5/gtk/module.rules.orig 2016-02-11 14:14:05.000000000 -0600 ++++ HandBrake-0.10.5/gtk/module.rules 2016-10-29 22:27:50.550960848 -0500 +@@ -15,7 +15,7 @@ + set -e; cd $(GTK.src/); NOCONFIGURE=1 ./autogen.sh + set -e; cd $(GTK.build/); $(call fn.ABSOLUTE,$(GTK.src/))configure \ + $(GTK.CONFIGURE.extra) \ +- PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig \ ++ PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH) \ + CFLAGS="$(call fn.ARGS,GTK.GCC,.g .O *D ?extra)" \ + LDFLAGS="$(call fn.ARGS,GTK.GCC,?strip .g .O ?extra.exe)" \ + --prefix=$(PREFIX) \ +--- Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 1969-12-31 18:00:00.000000000 -0600 ++++ Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 2016-11-01 13:11:43.826144311 -0500 +@@ -119,7 +119,7 @@ + endif + $(1).CONFIGURE.env.CPPFLAGS = CPPFLAGS="-I$$(call fn.ABSOLUTE,$(CONTRIB.build/))include $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra *D)" + $(1).CONFIGURE.env.LDFLAGS = LDFLAGS="-L$$(call fn.ABSOLUTE,$(CONTRIB.build/))lib $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra.exe *D)" +- $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig" ++ $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH)" + + $(1).CONFIGURE.env.args = !CC !CFLAGS !CXX !CXXFLAGS !CPPFLAGS !LD !LDFLAGS !PKG_CONFIG_PATH !LOCAL_PATH !CROSS + $(1).CONFIGURE.env = $$(call fn.ARGS,$(1).CONFIGURE.env,$$($(1).CONFIGURE.env.args)) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 4329d20c2e..82ef017618 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -12,6 +12,7 @@ ;;; Copyright © 2016 Dmitry Nikolaev ;;; Copyright © 2016 Andy Patterson ;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Eric Bavier ;;; ;;; This file is part of GNU Guix. ;;; @@ -51,6 +52,7 @@ (define-module (gnu packages video) #:use-module (gnu packages base) #:use-module (gnu packages bison) #:use-module (gnu packages cdrom) + #:use-module (gnu packages cmake) #:use-module (gnu packages compression) #:use-module (gnu packages curl) #:use-module (gnu packages databases) @@ -64,11 +66,14 @@ (define-module (gnu packages video) #:use-module (gnu packages gl) #:use-module (gnu packages glib) #:use-module (gnu packages guile) + #:use-module (gnu packages gnome) #:use-module (gnu packages gnupg) + #:use-module (gnu packages gstreamer) #:use-module (gnu packages gtk) #:use-module (gnu packages image) #:use-module (gnu packages linux) #:use-module (gnu packages lua) + #:use-module (gnu packages m4) #:use-module (gnu packages mp3) #:use-module (gnu packages ncurses) #:use-module (gnu packages ocr) @@ -85,6 +90,7 @@ (define-module (gnu packages video) #:use-module (gnu packages tls) #:use-module (gnu packages version-control) #:use-module (gnu packages web) + #:use-module (gnu packages webkit) #:use-module (gnu packages xdisorg) #:use-module (gnu packages xiph) #:use-module (gnu packages xml) @@ -1715,3 +1721,106 @@ (define-public mps-youtube formats ffmpeg or libav is used. Users should install one of the supported players in addition to this package.") (license license:gpl3+))) + +(define-public handbrake + (package + (name "handbrake") + (version "0.10.5") + (source (origin + (method url-fetch) + (uri (string-append "https://handbrake.fr/rotation.php?file=" + "HandBrake-" version ".tar.bz2")) + (file-name (string-append "handbrake-" version ".tar.bz2")) + (sha256 + (base32 + "1w720y3bplkz187wgvy4a4xm0vpppg45mlni55l6yi8v2bfk14pv")) + (patches (search-patches "handbrake-pkg-config-path.patch")) + (modules '((guix build utils))) + (snippet + ;; Remove bundled libraries and source not necessary for + ;; running under a GNU environment. + '(begin + (for-each delete-file-recursively '("contrib" "macosx" "win")) + #t)))) + (build-system glib-or-gtk-build-system) + (native-inputs + `(("automake" ,automake) ;gui subpackage must be bootstrapped + ("autoconf" ,autoconf) + ("curl" ,curl) ;not actually used, but tested for + ("intltool" ,intltool) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("python" ,python-2))) ;for configuration + (inputs + `(("bzip2" ,bzip2) + ("dbus-glib" ,dbus-glib) + ("ffmpeg" ,ffmpeg) + ("fontconfig" ,fontconfig) + ("freetype" ,freetype) + ("glib" ,glib) + ("gstreamer" ,gstreamer) + ("gst-plugins-base" ,gst-plugins-base) + ("gtk+" ,gtk+) + ("lame" ,lame) + ("libass" ,libass) + ("libbluray" ,libbluray) + ("libdvdnav" ,libdvdnav) + ("libdvdread" ,libdvdread) + ("libgudev" ,libgudev) + ("libmpeg2" ,libmpeg2) + ("libnotify" ,libnotify) + ("libogg" ,libogg) + ("libsamplerate" ,libsamplerate) + ("libtheora" ,libtheora) + ("libvorbis" ,libvorbis) + ("libvpx" ,libvpx) + ("libxml2" ,libxml2) + ("libx264" ,libx264) + ("x265" ,x265) + ("zlib" ,zlib))) + (arguments + `(#:tests? #f ;tests require Ruby and claim to be unsupported + #:phases + (modify-phases %standard-phases + (add-before 'patch-source-shebangs 'bootstrap-gtk + ;; Run bootstrap ahead of time so that shebangs get patched. + (lambda _ + (setenv "CONFIG_SHELL" (which "sh")) + (setenv "NOCONFIGURE" "1") + ;; Patch the Makefile so that it doesn't bootstrap again. + (substitute* "gtk/module.rules" + ((".*autogen\\.sh.*") "")) + (zero? (system* "sh" "./gtk/autogen.sh")))) + (add-before 'configure 'disable-contrib + (lambda _ + (substitute* "make/include/main.defs" + ;; Disable unconditional inclusion of some "contrib" + ;; libraries (ffmpeg, libvpx, libdvdread, libdvdnav, + ;; and libbluray), which would lead to fetching and + ;; building of these libraries. Use our own instead. + (("MODULES \\+= contrib") "# MODULES += contrib")) + #t)) + (add-before 'configure 'fix-x265-linking + (lambda _ + (substitute* "test/module.defs" + ;; Fix missing library during linking error + (("TEST.GCC.l =") "TEST.GCC.l = x265")) + #t)) + (replace 'configure + (lambda* (#:key outputs configure-flags #:allow-other-keys) + ;; 'configure' is not an autoconf-generated script, and + ;; errors on unrecognized arguments, + ;; e.g. --enable-fast-install + (let ((out (assoc-ref outputs "out"))) + (zero? (apply system* "./configure" + (string-append "--prefix=" out) + (or configure-flags '())))))) + (add-after 'configure 'chdir-build + (lambda _ (chdir "./build") #t))))) + (home-page "https://handbrake.fr") + (synopsis "Video transcoder") + (description + "HandBrake is a tool for converting video from any format to a selection +of modern, widely supported codecs.") + ;; Most under GPL version 2 or later, and portions under BSD 3 Clause + (license (list license:gpl2+ license:bsd-3)))) -- cgit v1.2.3 From 8134dc1f74c2df2d42e1510fd3ac35234a4d89df Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 18 Nov 2016 10:37:46 +0100 Subject: gnu: guile@2.0.13: Fix non-determinism issue in REPL server test. * gnu/packages/patches/guile-repl-server-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/guile.scm (guile-2.0.13)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/guile.scm | 3 +- gnu/packages/patches/guile-repl-server-test.patch | 48 +++++++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-repl-server-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ff8586eba3..17bfda2a77 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -587,6 +587,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ + %D%/packages/patches/guile-repl-server-test.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 3f45b29038..4572544ec3 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -217,7 +217,8 @@ (define guile-2.0.13 ".tar.xz")) (sha256 (base32 - "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")))))) + "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")) + (patches (search-patches "guile-repl-server-test.patch")))))) (define-public guile-next (package (inherit guile-2.0) diff --git a/gnu/packages/patches/guile-repl-server-test.patch b/gnu/packages/patches/guile-repl-server-test.patch new file mode 100644 index 0000000000..81e724ecc4 --- /dev/null +++ b/gnu/packages/patches/guile-repl-server-test.patch @@ -0,0 +1,48 @@ +commit 8d6209ea56241bb1890c142539927c9ef3fb5a13 +Author: Ludovic Courtès +Date: Fri Nov 4 22:44:32 2016 +0100 + + tests: Throw 'unresolved when the REPL server is too slow. + +commit 2fbde7f02adb8c6585e9baf6e293ee49cd23d4c4 +Author: Ludovic Courtès +Date: Fri Nov 4 22:45:51 2016 +0100 + + tests: Avoid race condition in REPL server test. + +index ca389ba..4b5ec0c 100644 +--- a/test-suite/tests/00-repl-server.test ++++ b/test-suite/tests/00-repl-server.test +@@ -61,10 +61,11 @@ socket connected to that server." + (lambda () + (connect client-socket sockaddr)) + (lambda args +- (when (and (memv (system-error-errno args) +- (list ENOENT ECONNREFUSED)) +- (< tries 3)) +- (sleep 1) ++ (when (memv (system-error-errno args) ++ (list ENOENT ECONNREFUSED)) ++ (when (> tries 30) ++ (throw 'unresolved)) ++ (usleep 100) + (loop (+ tries 1)))))) + + (proc client-socket)) +@@ -104,8 +105,14 @@ reached." + "scheme@(repl-server)> $1 = 42\n" + (with-repl-server socket + (read-until-prompt socket %last-line-before-prompt) +- (display "(+ 40 2)\n(quit)\n" socket) +- (read-string socket))) ++ ++ ;; Wait until 'repl-reader' in boot-9 has written the prompt. ++ ;; Otherwise, if we write too quickly, 'repl-reader' checks for ++ ;; 'char-ready?' and doesn't print the prompt. ++ (match (select (list socket) '() (list socket) 3) ++ (((_) () ()) ++ (display "(+ 40 2)\n(quit)\n" socket) ++ (read-string socket))))) + + (pass-if "HTTP inter-protocol attack" ;CVE-2016-8606 + (with-repl-server socket -- cgit v1.2.3 From 2fedcd1895fa8c2c378091de278815050fe79d55 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 19 Nov 2016 11:12:34 -0500 Subject: gnu: libtiff: Fix CVE-2016-9448. * gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 ++- gnu/packages/patches/libtiff-CVE-2016-9448.patch | 34 ++++++++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 17bfda2a77..7112451586 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ + %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtiff-uint32-overflow.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 8f08fad153..309c336779 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -302,7 +302,8 @@ (define libtiff/fixed "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch")))))) + "libtiff-CVE-2016-9297.patch" + "libtiff-CVE-2016-9448.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch new file mode 100644 index 0000000000..05a3af8a84 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9448.patch @@ -0,0 +1,34 @@ +Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). + +http://bugzilla.maptools.org/show_bug.cgi?id=2593 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 + +Patch copied from upstream source repository with: +$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c + +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.203 +retrieving revision 1.204 +diff -u -r1.203 -r1.204 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 ++++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 +@@ -5000,7 +5000,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; +@@ -5177,7 +5177,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; -- cgit v1.2.3 From 1845c2a4362c96d7feea3132f21aec34a607f855 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Fri, 11 Nov 2016 15:18:29 +0100 Subject: gnu: Add php. * gnu/packages/php.scm: New file. * gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch: New file. * gnu/packages/patches/gd-fix-truecolor-format-correction.patch: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add php. (dist_patch_DATA): Add gd patches. Co-authored-by: Marius Bakke --- gnu/local.mk | 3 + .../patches/gd-fix-chunk-size-on-boundaries.patch | 102 +++++++ .../gd-fix-truecolor-format-correction.patch | 95 ++++++ gnu/packages/php.scm | 334 +++++++++++++++++++++ 4 files changed, 534 insertions(+) create mode 100644 gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch create mode 100644 gnu/packages/patches/gd-fix-truecolor-format-correction.patch create mode 100644 gnu/packages/php.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7112451586..df7fb4c995 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -295,6 +295,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/pem.scm \ %D%/packages/perl.scm \ %D%/packages/photo.scm \ + %D%/packages/php.scm \ %D%/packages/pkg-config.scm \ %D%/packages/plotutils.scm \ %D%/packages/polkit.scm \ @@ -551,8 +552,10 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-6-cross-environment-variables.patch \ %D%/packages/patches/gd-CVE-2016-7568.patch \ %D%/packages/patches/gd-CVE-2016-8670.patch \ + %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch \ %D%/packages/patches/gd-fix-gd2-read-test.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ + %D%/packages/patches/gd-fix-truecolor-format-correction.patch \ %D%/packages/patches/gegl-CVE-2012-4433.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/ghostscript-CVE-2013-5653.patch \ diff --git a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch new file mode 100644 index 0000000000..e395c66d89 --- /dev/null +++ b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch @@ -0,0 +1,102 @@ +This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155 + +Patch adapted from upstream source repository: + +https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279 + +(.gitignore change removed) + +From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Fri, 23 Sep 2016 18:29:52 +0200 +Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries + +(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb) +--- + src/gd_gd2.c | 4 ++-- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug00309.c | 37 +++++++++++++++++++++++++++++++++++++ + 4 files changed, 41 insertions(+), 2 deletions(-) + create mode 100644 tests/gd2/bug00309.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 75e5e1f..b9b2f93 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + }; + + /* Work out number of chunks. */ +- ncx = im->sx / cs + 1; +- ncy = im->sy / cs + 1; ++ ncx = (im->sx + cs - 1) / cs; ++ ncy = (im->sy + cs - 1) / cs; + + /* Write the standard header. */ + _gd2PutHeader (im, out, cs, fmt, ncx, ncy); +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 3b650ad..247b466 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,5 +1,6 @@ + SET(TESTS_FILES + bug_289 ++ bug00309 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index b8ee946..d69aee0 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,5 +1,6 @@ + libgd_test_programs += \ + gd2/bug_289 \ ++ gd2/bug00309 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c +new file mode 100644 +index 0000000..b649cdc +--- /dev/null ++++ b/tests/gd2/bug00309.c +@@ -0,0 +1,37 @@ ++/** ++ * Regression test for . ++ * ++ * We test that an image with 64x64 pixels reports only a single chunk in the ++ * GD2 image header when the chunk size is 64. ++ */ ++ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ unsigned char *buf; ++ int size, word; ++ ++ im = gdImageCreate(64, 64); ++ gdImageColorAllocate(im, 0, 0, 0); ++ ++ buf = gdImageGd2Ptr(im, 64, 1, &size); ++ ++ gdImageDestroy(im); ++ ++ word = buf[10] << 8 | buf[11]; ++ gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word); ++ word = buf[14] << 8 | buf[15]; ++ gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word); ++ word = buf[16] << 8 | buf[17]; ++ gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word); ++ gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size); ++ ++ gdFree(buf); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch new file mode 100644 index 0000000000..be3eff9327 --- /dev/null +++ b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch @@ -0,0 +1,95 @@ +This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159 + +Patch lifted from upstream source repository: + +https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 + +From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Mon, 15 Aug 2016 17:49:40 +0200 +Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results + in corrupted files + +We must not apply the format correction twice for truecolor images. + +(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e) +--- + src/gd_gd2.c | 2 +- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug_289.c | 33 +++++++++++++++++++++++++++++++++ + 4 files changed, 36 insertions(+), 1 deletion(-) + create mode 100644 tests/gd2/bug_289.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 86c881e..75e5e1f 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + /* Force fmt to a valid value since we don't return anything. */ + /* */ + if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) { +- fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED; ++ fmt = GD2_FMT_COMPRESSED; + }; + if (im->trueColor) { + fmt += 2; +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 8aecacc..3b650ad 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,4 +1,5 @@ + SET(TESTS_FILES ++ bug_289 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index 754a284..b8ee946 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,4 +1,5 @@ + libgd_test_programs += \ ++ gd2/bug_289 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c +new file mode 100644 +index 0000000..ad311e9 +--- /dev/null ++++ b/tests/gd2/bug_289.c +@@ -0,0 +1,33 @@ ++/** ++ * Passing an unrecognized format to gdImageGd2() should result in ++ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images. ++ * ++ * See . ++ */ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++#define GD2_FMT_UNRECOGNIZED 0 ++#define GD2_FMT_TRUECOLOR_COMPRESSED 4 ++ ++#define MSG "expected %s byte to be %d, but got %d\n" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ char *buffer; ++ int size; ++ ++ im = gdImageCreateTrueColor(10, 10); ++ gdTestAssert(im != NULL); ++ buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size); ++ gdTestAssert(buffer != NULL); ++ gdImageDestroy(im); ++ gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]); ++ gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm new file mode 100644 index 0000000000..9ccbede873 --- /dev/null +++ b/gnu/packages/php.scm @@ -0,0 +1,334 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Julien Lepiller +;;; Copyright © 2016 Marius Bakke +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages php) + #:use-module (gnu packages) + #:use-module (gnu packages algebra) + #:use-module (gnu packages aspell) + #:use-module (gnu packages base) + #:use-module (gnu packages bison) + #:use-module (gnu packages compression) + #:use-module (gnu packages curl) + #:use-module (gnu packages cyrus-sasl) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gd) + #:use-module (gnu packages gettext) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnupg) + #:use-module (gnu packages image) + #:use-module (gnu packages linux) + #:use-module (gnu packages multiprecision) + #:use-module (gnu packages openldap) + #:use-module (gnu packages pcre) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages readline) + #:use-module (gnu packages textutils) + #:use-module (gnu packages tls) + #:use-module (gnu packages web) + #:use-module (gnu packages xml) + #:use-module (gnu packages xorg) + #:use-module (gnu packages zip) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module ((guix licenses) #:prefix license:)) + +;; This fixes PHP bugs 73155 and 73159. Remove when gd +;; is updated to > 2.2.3. +(define gd-for-php + (package (inherit gd) + (source + (origin + (inherit (package-source gd)) + (patches (search-patches + "gd-fix-truecolor-format-correction.patch" + "gd-fix-chunk-size-on-boundaries.patch")))))) + +(define-public php + (package + (name "php") + (version "7.0.13") + (home-page "https://secure.php.net/") + (source (origin + (method url-fetch) + (uri (string-append home-page "distributions/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "1gzihbpcp51jc587gs1ryn59hsnr7vf5427dmcvdimvm77wsfyrm")) + (modules '((guix build utils))) + (snippet + '(with-directory-excursion "ext" + (for-each delete-file-recursively + ;; Some of the bundled libraries have no proper upstream. + ;; Ideally we'd extract these out as separate packages: + ;;"mbstring/libmbfl" + ;;"date/lib" + ;;"bcmath/libbcmath" + ;;"fileinfo/libmagic" ; This is a patched version of libmagic. + '("gd/libgd" + "mbstring/oniguruma" + "pcre/pcrelib" + "sqlite3/libsqlite" + "xmlrpc/libxmlrpc" + "zip/lib")))))) + (build-system gnu-build-system) + (arguments + '(#:configure-flags + (let-syntax ((with (syntax-rules () + ((_ option input) + (string-append option "=" + (assoc-ref %build-inputs input)))))) + (list (with "--with-bz2" "bzip2") + (with "--with-curl" "curl") + (with "--with-freetype-dir" "freetype") + (with "--with-gd" "gd") + (with "--with-gdbm" "gdbm") + (with "--with-gettext" "glibc") ; libintl.h + (with "--with-gmp" "gmp") + (with "--with-jpeg-dir" "libjpeg") + (with "--with-ldap" "openldap") + (with "--with-ldap-sasl" "cyrus-sasl") + (with "--with-libzip" "zip") + (with "--with-libxml-dir" "libxml2") + (with "--with-onig" "oniguruma") + (with "--with-pcre-dir" "pcre") + (with "--with-pcre-regex" "pcre") + (with "--with-pdo-pgsql" "postgresql") + (with "--with-pdo-sqlite" "sqlite") + (with "--with-pgsql" "postgresql") + (with "--with-png-dir" "libpng") + ;; PHP’s Pspell extension, while retaining its current name, + ;; now uses the Aspell library. + (with "--with-pspell" "aspell") + (with "--with-readline" "readline") + (with "--with-sqlite3" "sqlite") + (with "--with-tidy" "tidy") + (with "--with-webp-dir" "libwebp") + (with "--with-xpm-dir" "libxpm") + (with "--with-xsl" "libxslt") + (with "--with-zlib-dir" "zlib") + ;; We could add "--with-snmp", but it requires netsnmp that + ;; we don't have a package for. It is used to build the snmp + ;; extension of php. + "--with-iconv" + "--with-openssl" + "--with-pdo-mysql" + "--with-zlib" + "--enable-calendar" + "--enable-dba=shared" + "--enable-exif" + "--enable-flatfile" + "--enable-fpm" + "--enable-ftp" + "--enable-inifile" + "--enable-mbstring" + "--enable-pcntl" + "--enable-sockets" + "--enable-threads")) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'do-not-record-build-flags + (lambda _ + ;; Prevent configure flags from being stored and causing + ;; unnecessary runtime dependencies. + (substitute* "scripts/php-config.in" + (("@CONFIGURE_OPTIONS@") "") + (("@PHP_LDFLAGS@") "")) + ;; This file has ISO-8859-1 encoding. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* "main/build-defs.h.in" + (("@CONFIGURE_COMMAND@") "(omitted)"))) + #t)) + (add-before 'build 'patch-/bin/sh + (lambda _ + (substitute* '("run-tests.php" "ext/standard/proc_open.c") + (("/bin/sh") (which "sh"))) + #t)) + (add-before 'check 'prepare-tests + (lambda _ + ;; Some of these files have ISO-8859-1 encoding, whereas others + ;; use ASCII, so we can't use a "catch-all" find-files here. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* '("ext/mbstring/tests/mb_send_mail02.phpt" + "ext/mbstring/tests/mb_send_mail04.phpt" + "ext/mbstring/tests/mb_send_mail05.phpt" + "ext/mbstring/tests/mb_send_mail06.phpt") + (("/bin/cat") (which "cat")))) + (substitute* '("ext/mbstring/tests/mb_send_mail01.phpt" + "ext/mbstring/tests/mb_send_mail03.phpt" + "ext/mbstring/tests/bug52861.phpt" + "ext/standard/tests/general_functions/bug34794.phpt" + "ext/standard/tests/general_functions/bug44667.phpt" + "ext/standard/tests/general_functions/proc_open.phpt") + (("/bin/cat") (which "cat"))) + ;; The encoding of this file is not recognized, so we simply drop it. + (delete-file "ext/mbstring/tests/mb_send_mail07.phpt") + + (substitute* "ext/standard/tests/streams/bug60602.phpt" + (("'ls'") (string-append "'" (which "ls") "'"))) + + ;; Drop tests that are known to fail. + (for-each delete-file + '("ext/posix/tests/posix_getgrgid.phpt" ; Requires /etc/group. + "ext/sockets/tests/bug63000.phpt" ; Fails to detect OS. + "ext/sockets/tests/socket_shutdown.phpt" ; Requires DNS. + "ext/sockets/tests/socket_send.phpt" ; Likewise. + "ext/sockets/tests/mcast_ipv4_recv.phpt" ; Requires multicast. + ;; These needs /etc/services. + "ext/standard/tests/general_functions/getservbyname_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_variation1.phpt" + ;; And /etc/protocols. + "ext/standard/tests/network/getprotobyname_basic.phpt" + "ext/standard/tests/network/getprotobynumber_basic.phpt" + ;; And exotic locales. + "ext/standard/tests/strings/setlocale_basic1.phpt" + "ext/standard/tests/strings/setlocale_basic2.phpt" + "ext/standard/tests/strings/setlocale_basic3.phpt" + "ext/standard/tests/strings/setlocale_variation1.phpt" + + ;; XXX: These gd tests fails. Likely because our version + ;; is different from the (patched) bundled one. + ;; Here, gd quits immediately after "fatal libpng error"; while the + ;; test expects it to additionally return a "setjmp" error and warning. + "ext/gd/tests/bug39780_extern.phpt" + "ext/gd/tests/libgd00086_extern.phpt" + ;; Extra newline in gd-png output. + "ext/gd/tests/bug45799.phpt" + ;; Different error message than expected from imagecrop(). + "ext/gd/tests/bug66356.phpt" + ;; Similarly for imagecreatefromgd2(). + "ext/gd/tests/bug72339.phpt" + ;; Call to undefined function imageantialias(). They are + ;; supposed to fail anyway. + "ext/gd/tests/bug72482.phpt" + "ext/gd/tests/bug72482_2.phpt" + "ext/gd/tests/bug73213.phpt" + ;; Test expects generic "gd warning" but gets the actual function name. + "ext/gd/tests/createfromwbmp2_extern.phpt" + ;; TODO: Enable these when libgd is built with xpm support. + "ext/gd/tests/xpm2gd.phpt" + "ext/gd/tests/xpm2jpg.phpt" + "ext/gd/tests/xpm2png.phpt" + + ;; XXX: These iconv tests have the expected outcome, + ;; but with different error messages. + ;; Expects "illegal character", instead gets "unknown error (84)". + "ext/iconv/tests/bug52211.phpt" + ;; Expects "wrong charset", gets unknown error (22). + "ext/iconv/tests/iconv_mime_decode_variation3.phpt" + "ext/iconv/tests/iconv_strlen_error2.phpt" + "ext/iconv/tests/iconv_strlen_variation2.phpt" + "ext/iconv/tests/iconv_substr_error2.phpt" + ;; Expects conversion error, gets "error condition Termsig=11". + "ext/iconv/tests/iconv_strpos_error2.phpt" + "ext/iconv/tests/iconv_strrpos_error2.phpt" + ;; Similar, but iterating over multiple values. + ;; iconv breaks the loop after the first error with Termsig=11. + "ext/iconv/tests/iconv_strpos_variation4.phpt" + "ext/iconv/tests/iconv_strrpos_variation3.phpt" + + ;; XXX: These test failures appear legitimate, needs investigation. + ;; open_basedir() restriction failure. + "ext/curl/tests/bug61948.phpt" + ;; Expects a false boolean, gets empty array from glob(). + "ext/standard/tests/file/bug41655_1.phpt" + "ext/standard/tests/file/glob_variation5.phpt" + ;; Test output is correct, but in wrong order. + "ext/standard/tests/streams/proc_open_bug64438.phpt" + ;; The test expects an Array, but instead get the contents(?). + "ext/gd/tests/bug43073.phpt" + ;; imagettftext() returns wrong coordinates. + "ext/gd/tests/bug48732.phpt" + ;; Similarly for imageftbbox(). + "ext/gd/tests/bug48801.phpt" + ;; Different expected output from imagecolorallocate(). + "ext/gd/tests/bug53504.phpt" + ;; Wrong image size after scaling an image. + "ext/gd/tests/bug73272.phpt" + ;; Expects iconv to detect illegal characters, instead gets + ;; "unknown error (84)" and heap corruption(!). + "ext/iconv/tests/bug48147.phpt" + ;; Expects illegal character ".", gets "=?utf-8?Q?." + "ext/iconv/tests/bug51250.phpt" + ;; @iconv() does not return expected output. + "ext/iconv/tests/iconv003.phpt" + ;; iconv throws "buffer length exceeded" on some string checks. + "ext/iconv/tests/iconv_mime_encode.phpt" + ;; file_get_contents(): iconv stream filter + ;; ("ISO-8859-1"=>"UTF-8") unknown error. + "ext/standard/tests/file/bug43008.phpt" + ;; Table data not created in sqlite(?). + "ext/pdo_sqlite/tests/bug_42589.phpt")) + + ;; Skip tests requiring network access. + (setenv "SKIP_ONLINE_TESTS" "1") + ;; Without this variable, 'make test' passes regardless of failures. + (setenv "REPORT_EXIT_STATUS" "1") + #t))) + #:test-target "test")) + (inputs + `(("aspell" ,aspell) + ("bzip2" ,bzip2) + ("curl" ,curl) + ("cyrus-sasl" ,cyrus-sasl) + ("freetype" ,freetype) + ("gd" ,gd-for-php) + ("gdbm" ,gdbm) + ("glibc" ,glibc) + ("gmp" ,gmp) + ("libgcrypt" ,libgcrypt) + ("libjpeg" ,libjpeg) + ("libpng" ,libpng) + ("libwebp" ,libwebp) + ("libxml2" ,libxml2) + ("libxpm" ,libxpm) + ("libxslt" ,libxslt) + ("libx11" ,libx11) + ("oniguruma" ,oniguruma) + ("openldap" ,openldap) + ("openssl" ,openssl) + ("pcre" ,pcre) + ("postgresql" ,postgresql) + ("readline" ,readline) + ("sqlite" ,sqlite-3.15.1) + ("tidy" ,tidy) + ("zip" ,zip) + ("zlib" ,zlib))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("bison" ,bison) + ("intltool" ,intltool) + ("procps" ,procps))) ; For tests. + (synopsis "PHP programming language") + (description + "PHP (PHP Hypertext Processor) is a server-side (CGI) scripting +language designed primarily for web development but is also used as +a general-purpose programming language. PHP code may be embedded into +HTML code, or it can be used in combination with various web template +systems, web content management systems and web frameworks." ) + (license (list + (license:non-copyleft "file://LICENSE") ; The PHP license. + (license:non-copyleft "file://Zend/LICENSE") ; The Zend license. + license:lgpl2.1 ; ext/mbstring/libmbfl + license:lgpl2.1+ ; ext/bcmath/libbcmath + license:bsd-2 ; ext/fileinfo/libmagic + license:expat)))) ; ext/date/lib -- cgit v1.2.3 From e01e2c6c525f1c0ef0ab62b832435a4ece0348ec Mon Sep 17 00:00:00 2001 From: ng0 Date: Sat, 19 Nov 2016 21:49:06 +0000 Subject: gnu: services: Add git-service. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/version-control.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (Misellaneous Services)[Version Control]: New section. Co-authored-by: 宋文武 --- doc/guix.texi | 61 +++++++++++++++++ gnu/local.mk | 1 + gnu/services/version-control.scm | 141 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 gnu/services/version-control.scm (limited to 'gnu/local.mk') diff --git a/doc/guix.texi b/doc/guix.texi index 7352ea973f..3a88dd4044 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -11673,6 +11673,67 @@ A @code{} object serving the GNU Collaborative International Dictonary of English using the @code{gcide} package. @end defvr +@subsubsection Version Control + +The @code{(gnu services version-control)} module provides the following services: + +@subsubheading Git daemon service + +@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)] + +Return a service that runs @command{git daemon}, a simple TCP server to +expose repositiories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported@footnote{By creating the magic file +"git-daemon-export-ok" in the repository directory.} repositories under +@file{/srv/git}. + +@end deffn + +@deftp {Data Type} git-daemon-configuration +Data type representing the configuration for @code{git-daemon-service}. + +@table @asis +@item @code{package} (default: @var{git}) +Package object of the Git distributed version control system. + +@item @code{export-all?} (default: @var{#f}) +Whether to allow access for all Git repositories, even if they do not +have the @file{git-daemon-export-ok} file. + +@item @code{base-path} (default: @file{/srv/git}) +Whether to remap all the path requests as relative to the given path. +If you run git daemon with @var{(base-path "/srv/git")} on example.com, +then if you later try to pull @code{git://example.com/hello.git}, git +daemon will interpret the path as @code{/srv/git/hello.git}. + +@item @code{user-path} (default: @var{#f}) +Whether to allow @code{~user} notation to be used in requests. When +specified with empty string, requests to @code{git://host/~alice/foo} is +taken as a request to access @code{foo} repository in the home directory +of user @code{alice}. If @var{(user-path "path")} is specified, the +same request is taken as a request to access @code{path/foo} repository +in the home directory of user @code{alice}. + +@item @code{listen} (default: @var{'()}) +Whether to listen on specific IP addresses or hostnames, defaults to +all. + +@item @code{port} (default: @var{#f}) +Whether to listen on an alternative port, which defaults to 9418. + +@item @code{whitelist} (default: @var{'()}) +If not empty, only allow access to this list of directories. + +@item @code{extra-options} (default: @var{'()}) +Extra options will be passed to @code{git daemon}, please run +@command{man git-daemon} for more information. + +@end table +@end deftp + @node Setuid Programs @subsection Setuid Programs diff --git a/gnu/local.mk b/gnu/local.mk index df7fb4c995..430d05ff3e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -416,6 +416,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/sddm.scm \ %D%/services/spice.scm \ %D%/services/ssh.scm \ + %D%/services/version-control.scm \ %D%/services/web.scm \ %D%/services/xorg.scm \ \ diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm new file mode 100644 index 0000000000..107bc8e77a --- /dev/null +++ b/gnu/services/version-control.scm @@ -0,0 +1,141 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Sou Bunnbu +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services version-control) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages version-control) + #:use-module (gnu packages admin) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (ice-9 match) + #:export (git-daemon-service + git-daemon-service-type + git-daemon-configuration + git-daemon-configuration?)) + +;;; Commentary: +;;; +;;; Version Control related services. +;;; +;;; Code: + + +;;; +;;; Git daemon. +;;; + +(define-record-type* + git-daemon-configuration + make-git-daemon-configuration + git-daemon-configuration? + (package git-daemon-configuration-package ;package + (default git)) + (export-all? git-daemon-configuration-export-all ;boolean + (default #f)) + (base-path git-daemon-configuration-base-path ;string | #f + (default "/srv/git")) + (user-path git-daemon-configuration-user-path ;string | #f + (default #f)) + (listen git-daemon-configuration-listen ;list of string + (default '())) + (port git-daemon-configuration-port ;number | #f + (default #f)) + (whitelist git-daemon-configuration-whitelist ;list of string + (default '())) + (extra-options git-daemon-configuration-extra-options ;list of string + (default '()))) + +(define git-daemon-shepherd-service + (match-lambda + (($ + package export-all? base-path user-path + listen port whitelist extra-options) + (let* ((git (file-append package "/bin/git")) + (command `(,git + "daemon" "--syslog" "--reuseaddr" + ,@(if export-all? + '("--export-all") + '()) + ,@(if base-path + `(,(string-append "--base-path=" base-path)) + '()) + ,@(if user-path + `(,(string-append "--user-path=" user-path)) + '()) + ,@(map (cut string-append "--listen=" <>) listen) + ,@(if port + `(,(string-append + "--port=" (number->string port))) + '()) + ,@extra-options + ,@whitelist))) + (list (shepherd-service + (documentation "Run the git-daemon.") + (requirement '(networking)) + (provision '(git-daemon)) + (start #~(make-forkexec-constructor '#$command + #:user "git-daemon" + #:group "git-daemon")) + (stop #~(make-kill-destructor)))))))) + +(define %git-daemon-accounts + ;; User account and group for git-daemon. + (list (user-group + (name "git-daemon") + (system? #t)) + (user-account + (name "git-daemon") + (system? #t) + (group "git-daemon") + (comment "Git daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (git-daemon-activation config) + "Return the activation gexp for git-daemon using CONFIG." + (let ((base-path (git-daemon-configuration-base-path config))) + #~(begin + (use-modules (guix build utils)) + ;; Create the 'base-path' directory when it's not '#f'. + (and=> #$base-path mkdir-p)))) + +(define git-daemon-service-type + (service-type + (name 'git-daemon) + (extensions + (list (service-extension shepherd-root-service-type + git-daemon-shepherd-service) + (service-extension account-service-type + (const %git-daemon-accounts)) + (service-extension activation-service-type + git-daemon-activation))))) + +(define* (git-daemon-service #:key (config (git-daemon-configuration))) + "Return a service that runs @command{git daemon}, a simple TCP server to +expose repositories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported repositories under @file{/srv/git}." + (service git-daemon-service-type config)) -- cgit v1.2.3 From be72eb98fa5767b3d28ab431656d8cac048bac10 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 22 Nov 2016 10:19:51 -0500 Subject: gnu: libtiff: Update replacement to 4.0.7. * gnu/packages/image.scm (libtiff)[replacement]: Update to 4.0.7. (libtiff-4.0.7): New variable. Update home-page and source URLs. (libtiff/fixed): Delete variable. * gnu/packages/patches/libtiff-CVE-2016-5652.patch, gnu/packages/patches/libtiff-CVE-2016-9273.patch, gnu/packages/patches/libtiff-CVE-2016-9297.patch, gnu/packages/patches/libtiff-CVE-2016-9448.patch, gnu/packages/patches/libtiff-uint32-overflow.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 5 - gnu/packages/image.scm | 29 ++---- gnu/packages/patches/libtiff-CVE-2016-5652.patch | 47 ---------- gnu/packages/patches/libtiff-CVE-2016-9273.patch | 41 --------- gnu/packages/patches/libtiff-CVE-2016-9297.patch | 52 ----------- gnu/packages/patches/libtiff-CVE-2016-9448.patch | 34 ------- gnu/packages/patches/libtiff-uint32-overflow.patch | 102 --------------------- 7 files changed, 10 insertions(+), 300 deletions(-) delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-5652.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9273.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch delete mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 430d05ff3e..7c6306b5f6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -672,13 +672,8 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5314.patch \ %D%/packages/patches/libtiff-CVE-2016-5321.patch \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ - %D%/packages/patches/libtiff-CVE-2016-5652.patch \ - %D%/packages/patches/libtiff-CVE-2016-9273.patch \ - %D%/packages/patches/libtiff-CVE-2016-9297.patch \ - %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ - %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index af412b4c44..526c87cf86 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -243,7 +243,7 @@ (define-public libicns (define-public libtiff (package (name "libtiff") - (replacement libtiff/fixed) + (replacement libtiff-4.0.7) (version "4.0.6") (source (origin (method url-fetch) @@ -283,27 +283,18 @@ (define-public libtiff "See COPYRIGHT in the distribution.")) (home-page "http://www.remotesensing.org/libtiff/"))) -(define libtiff/fixed +(define libtiff-4.0.7 (package (inherit libtiff) + (version "4.0.7") (source (origin - (inherit (package-source libtiff)) - (patches (search-patches - "libtiff-oob-accesses-in-decode.patch" - "libtiff-oob-write-in-nextdecode.patch" - "libtiff-uint32-overflow.patch" - "libtiff-CVE-2015-8665+CVE-2015-8683.patch" - "libtiff-CVE-2016-3623.patch" - "libtiff-CVE-2016-3945.patch" - "libtiff-CVE-2016-3990.patch" - "libtiff-CVE-2016-3991.patch" - "libtiff-CVE-2016-5314.patch" - "libtiff-CVE-2016-5321.patch" - "libtiff-CVE-2016-5323.patch" - "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch" - "libtiff-CVE-2016-9448.patch")))))) + (method url-fetch) + (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" + version ".tar.gz")) + (sha256 + (base32 + "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) + (home-page "http://www.simplesystems.org/libtiff/"))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-5652.patch b/gnu/packages/patches/libtiff-CVE-2016-5652.patch deleted file mode 100644 index 54b87d0185..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-5652.patch +++ /dev/null @@ -1,47 +0,0 @@ -Fix CVE-2016-5652 (buffer overflow in t2p_readwrite_pdf_image_tile()). - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652 - -Patches exfiltrated from upstream CVS repo with: -cvs diff -u -r 1.92 -r 1.94 tools/tiff2pdf.c - -Index: tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.92 -retrieving revision 1.94 -diff -u -r1.92 -r1.94 ---- a/tools/tiff2pdf.c 23 Sep 2016 22:12:18 -0000 1.92 -+++ b/tools/tiff2pdf.c 9 Oct 2016 11:03:36 -0000 1.94 -@@ -2887,21 +2887,24 @@ - return(0); - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { -- if (count > 0) { -- _TIFFmemcpy(buffer, jpt, count); -+ if (count >= 4) { -+ /* Ignore EOI marker of JpegTables */ -+ _TIFFmemcpy(buffer, jpt, count - 2); - bufferoffset += count - 2; -+ /* Store last 2 bytes of the JpegTables */ - table_end[0] = buffer[bufferoffset-2]; - table_end[1] = buffer[bufferoffset-1]; -- } -- if (count > 0) { - xuint32 = bufferoffset; -+ bufferoffset -= 2; - bufferoffset += TIFFReadRawTile( - input, - tile, -- (tdata_t) &(((unsigned char*)buffer)[bufferoffset-2]), -+ (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), - -1); -- buffer[xuint32-2]=table_end[0]; -- buffer[xuint32-1]=table_end[1]; -+ /* Overwrite SOI marker of image scan with previously */ -+ /* saved end of JpegTables */ -+ buffer[xuint32-2]=table_end[0]; -+ buffer[xuint32-1]=table_end[1]; - } else { - bufferoffset += TIFFReadRawTile( - input, diff --git a/gnu/packages/patches/libtiff-CVE-2016-9273.patch b/gnu/packages/patches/libtiff-CVE-2016-9273.patch deleted file mode 100644 index 9cd6b3d8c5..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9273.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-9273: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273 -http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Patch extracted from upstream CVS repo: - -2016-11-10 Even Rouault - -revision 1.37 -date: 2016-11-09 18:00:49 -0500; author: erouault; state: Exp; lines: +10 -1; commitid: pzKipPxDJO2dxvtz; -* libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips -value when it is non-zero, instead of recomputing it. This is needed in -TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of -array in tiffsplit (or other utilities using TIFFNumberOfStrips()). -Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Index: libtiff/tif_strip.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v -retrieving revision 1.36 -retrieving revision 1.37 -diff -u -r1.36 -r1.37 ---- a/libtiff/tif_strip.c 7 Jun 2015 22:35:40 -0000 1.36 -+++ b/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37 -@@ -63,6 +63,15 @@ - TIFFDirectory *td = &tif->tif_dir; - uint32 nstrips; - -+ /* If the value was already computed and store in td_nstrips, then return it, -+ since ChopUpSingleUncompressedStrip might have altered and resized the -+ since the td_stripbytecount and td_stripoffset arrays to the new value -+ after the initial affectation of td_nstrips = TIFFNumberOfStrips() in -+ tif_dirread.c ~line 3612. -+ See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */ -+ if( td->td_nstrips ) -+ return td->td_nstrips; -+ - nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 : - TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip)); - if (td->td_planarconfig == PLANARCONFIG_SEPARATE) diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch deleted file mode 100644 index c9207bbd25..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9297.patch +++ /dev/null @@ -1,52 +0,0 @@ -Fix CVE-2016-9297: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 -http://bugzilla.maptools.org/show_bug.cgi?id=2590 - -Patch copied from upstream source repository. - -2016-11-11 Even Rouault - - * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that - values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII - access are null terminated, to avoid potential read outside buffer - in _TIFFPrintField(). - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1154; previous revision: 1.1153 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- -libtiff/tif_dirread.c -new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.202 -retrieving revision 1.203 -diff -u -r1.202 -r1.203 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 -+++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -@@ -5000,6 +5000,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); -@@ -5172,6 +5177,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch deleted file mode 100644 index 05a3af8a84..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9448.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). - -http://bugzilla.maptools.org/show_bug.cgi?id=2593 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 - -Patch copied from upstream source repository with: -$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c - -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.203 -retrieving revision 1.204 -diff -u -r1.203 -r1.204 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -+++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 -@@ -5000,7 +5000,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; -@@ -5177,7 +5177,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch deleted file mode 100644 index c95126f9a1..0000000000 --- a/gnu/packages/patches/libtiff-uint32-overflow.patch +++ /dev/null @@ -1,102 +0,0 @@ -Fix some buffer overflows: - -http://seclists.org/oss-sec/2016/q4/408 -http://bugzilla.maptools.org/show_bug.cgi?id=2592 - -2016-11-11 Even Rouault - - * tools/tiffcrop.c: fix multiple uint32 overflows in - writeBufferToSeparateStrips(), writeBufferToContigTiles() and - writeBufferToSeparateTiles() that could cause heap buffer -overflows. - Reported by Henri Salo from Nixu Corporation. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1152; previous revision: 1.1151 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.43; previous revision: 1.42 - -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.42 -retrieving revision 1.43 -diff -u -r1.42 -r1.43 ---- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 -+++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 -@@ -148,6 +148,8 @@ - #define PATH_MAX 1024 - #endif - -+#define TIFF_UINT32_MAX 0xFFFFFFFFU -+ - #ifndef streq - #define streq(a,b) (strcmp((a),(b)) == 0) - #endif -@@ -1164,7 +1166,24 @@ - (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); - (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); - bytes_per_sample = (bps + 7) / 8; -- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ -+ if( width == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || -+ bps * spp * width > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (bps * spp * width) + 7"); -+ return 1; -+ } -+ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ -+ if( bytes_per_sample == 0 || -+ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || -+ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing rowsperstrip * " -+ "bytes_per_sample * (width + 1)"); -+ return 1; -+ } - rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); - - obuf = _TIFFmalloc (rowstripsize); -@@ -1251,11 +1270,19 @@ - } - } - -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; -+ - tilebuf = _TIFFmalloc(tile_buffsize); - if (tilebuf == 0) - return 1; -- -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; - for (row = 0; row < imagelength; row += tl) - { - nrow = (row + tl > imagelength) ? imagelength - row : tl; -@@ -1315,7 +1342,16 @@ - TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); - TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); - TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; -+ -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; - - for (row = 0; row < imagelength; row += tl) - { -- cgit v1.2.3 From 01f94cca19ebd843d6a518530f8acc4fc61b116b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 22 Nov 2016 21:38:40 +0100 Subject: gnu: Add 'lvm2-static'. * gnu/packages/patches/lvm2-static-link.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (lvm2)[source](patches): New field. (lvm2-static): New variable. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 19 ++++++++++++++++++- gnu/packages/patches/lvm2-static-link.patch | 14 ++++++++++++++ 3 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/lvm2-static-link.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7c6306b5f6..49137277f1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -705,6 +705,7 @@ dist_patch_DATA = \ %D%/packages/patches/luajit-no_ldconfig.patch \ %D%/packages/patches/luajit-symlinks.patch \ %D%/packages/patches/luit-posix.patch \ + %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 94b9315085..5870723baf 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1683,7 +1683,8 @@ (define-public lvm2 (("confdir = .*$") "confdir = @sysconfdir@\n") (("DEFAULT_SYS_DIR = @DEFAULT_SYS_DIR@") - "DEFAULT_SYS_DIR = @sysconfdir@")))))) + "DEFAULT_SYS_DIR = @sysconfdir@")))) + (patches (search-patches "lvm2-static-link.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) @@ -1738,6 +1739,22 @@ (define-public lvm2 ;; Command-line tools are GPLv2. (license (list license:gpl2 license:lgpl2.1)))) +(define-public lvm2-static + (package + (inherit lvm2) + (name "lvm2-static") + + ;; Propagate udev because libdevmapper.a depends on libudev. + (inputs (alist-delete "udev" (package-inputs lvm2))) + (propagated-inputs `(("udev" ,eudev))) + + (arguments + (substitute-keyword-arguments (package-arguments lvm2) + ((#:configure-flags flags '()) + ;; LVM2 doesn't use Libtool, hence the custom option. + `(cons "--enable-static_link" ,flags)))) + (synopsis "Logical volume management for Linux (statically linked)"))) + (define-public wireless-tools (package (name "wireless-tools") diff --git a/gnu/packages/patches/lvm2-static-link.patch b/gnu/packages/patches/lvm2-static-link.patch new file mode 100644 index 0000000000..b4b1dd92e1 --- /dev/null +++ b/gnu/packages/patches/lvm2-static-link.patch @@ -0,0 +1,14 @@ +Fix static linking of 'lvm.static', which indirectly depend on libpthread +via libdevmapper.a. + +--- LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:15.521045149 +0100 ++++ LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:24.085082767 +0100 +@@ -148,7 +148,7 @@ endif + + lvm.static: $(OBJECTS) lvm-static.o $(top_builddir)/lib/liblvm-internal.a $(interfacebuilddir)/libdevmapper.a + $(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) -o $@ \ +- $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) ++ $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) $(PTHREAD_LIBS) + + liblvm2cmd.a: $(top_builddir)/lib/liblvm-internal.a $(OBJECTS) lvmcmdlib.o lvm2cmd.o + cat $(top_builddir)/lib/liblvm-internal.a > $@ -- cgit v1.2.3