From 56ac2bf442c0639f498cdea2db4f3e57cdb49140 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 02:14:28 -0500 Subject: gnu: pixman: Add fix for CVE-2016-5296. * gnu/packages/patches/pixman-CVE-2016-5296.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/xdisorg.scm (pixman)[replacement]: New field. (pixman/fixed): New variable. --- gnu/local.mk | 1 + 1 file changed, 1 insertion(+) (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 08f99c4836..8a8b7434ad 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -785,6 +785,7 @@ dist_patch_DATA = \ %D%/packages/patches/pinball-src-deps.patch \ %D%/packages/patches/pinball-system-ltdl.patch \ %D%/packages/patches/pingus-sdl-libs-config.patch \ + %D%/packages/patches/pixman-CVE-2016-5296.patch \ %D%/packages/patches/plink-1.07-unclobber-i.patch \ %D%/packages/patches/plink-endian-detection.patch \ %D%/packages/patches/plotutils-libpng-jmpbuf.patch \ -- cgit v1.2.3 From 1a87aa75671ad6567cd57fce0936220862107478 Mon Sep 17 00:00:00 2001 From: Mark H Weaver Date: Wed, 16 Nov 2016 04:38:27 -0500 Subject: gnu: icecat: Add fixes from Firefox ESR 45.5.0. Includes fixes for CVE-2016-5290, CVE-2016-5291, CVE-2016-5297, CVE-2016-9064, and CVE-2016-9066. * gnu/packages/gnuzilla.scm (icecat)[source][patches]: Add fixes for aforementioned CVEs and other selected fixes from Firefox ESR 45.5.0. Note that the first six patches of CVE-2016-5290 and the patch for CVE-2016-9066 were already present, but were labeled by mozilla bug number instead of CVE. * gnu/packages/patches/icecat-CVE-2016-9064.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + gnu/packages/gnuzilla.scm | 30 +- gnu/packages/patches/icecat-CVE-2016-9064.patch | 996 ++++++++++++++++++++++++ 3 files changed, 1020 insertions(+), 7 deletions(-) create mode 100644 gnu/packages/patches/icecat-CVE-2016-9064.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 8a8b7434ad..3989cb831b 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -612,6 +612,7 @@ dist_patch_DATA = \ %D%/packages/patches/hypre-ldflags.patch \ %D%/packages/patches/icecat-avoid-bundled-libraries.patch \ %D%/packages/patches/icecat-binutils.patch \ + %D%/packages/patches/icecat-CVE-2016-9064.patch \ %D%/packages/patches/icu4c-CVE-2014-6585.patch \ %D%/packages/patches/icu4c-CVE-2015-1270.patch \ %D%/packages/patches/icu4c-CVE-2015-4760.patch \ diff --git a/gnu/packages/gnuzilla.scm b/gnu/packages/gnuzilla.scm index 6bfe90f9f5..267c621c41 100644 --- a/gnu/packages/gnuzilla.scm +++ b/gnu/packages/gnuzilla.scm @@ -346,13 +346,29 @@ standards.") ,(mozilla-patch "icecat-CVE-2016-5284-pt5.patch" "0799490f4e6f" "1ypv6i48nabbhcqbach8fbgz9bmnhm7q5z9dnfid44z8g54l3f33") ,(mozilla-patch "icecat-CVE-2016-5284-pt6.patch" "fc990e4ae8bc" "1s2cj505ajwwiy4xvn5zlmyzqpgahxmqqvis0a6xm6mjbjh02gm4") ,(mozilla-patch "icecat-bug-1251088.patch" "5ffa912ed83e" "0v5lpv3c89c2d4y5acn0kyijv096axdnrvaj5ya5yypzfcaqxv24") - ,(mozilla-patch "icecat-bug-1292590.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") - ,(mozilla-patch "icecat-bug-1298169.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") - ,(mozilla-patch "icecat-bug-1301496.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") - ,(mozilla-patch "icecat-bug-1299519.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") - ,(mozilla-patch "icecat-bug-1303710.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") - ,(mozilla-patch "icecat-bug-1301343.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") - ,(mozilla-patch "icecat-bug-1299686.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd"))) + ,(mozilla-patch "icecat-CVE-2016-5290-pt1.patch" "d4b5b8f3e373" "0w8cxn6ryhgxryy8k8i06yw4mknv509ns9ff1avd0hmgxa83mcdp") + ,(mozilla-patch "icecat-CVE-2016-5290-pt2.patch" "adce603ae36d" "0mgs85cwx61bk17r7npl311l4m8yn4667wyhgjmm2ajiys6nn0yl") + ,(mozilla-patch "icecat-CVE-2016-5290-pt3.patch" "97268426bb6f" "1z7hg796cgag025gm9pp2szz7w870s7naagdri1dlsilj797v8hr") + ,(mozilla-patch "icecat-CVE-2016-5290-pt4.patch" "fc055950b6b8" "05iml5k3rzc653jk4imd111sh18625jxfxkcj12kjdihl0gdr4x4") + ,(mozilla-patch "icecat-CVE-2016-5290-pt5.patch" "6f845c23565b" "01dlbnmpsnwr448fajs276y62gl03r74k1hxnwsg6ihwhnfdvn5a") + ,(mozilla-patch "icecat-CVE-2016-5290-pt6.patch" "e5d51ca7a3c0" "0hshcz24hc6pkz5pcqxhajm17ibwrlfn1s00frfnpjjy56vacfz0") + ,(mozilla-patch "icecat-CVE-2016-5290-pt7.patch" "61d1463acd04" "1iig4a79dxmfcr6w82mdhyl88wy7d36g5n4p24632kbabgl9j9sz") + ,(mozilla-patch "icecat-CVE-2016-5290-pt8.patch" "8e0bab4216de" "1knq8h5ni8crfndi3p78b2pyj5lzchqw67vk0yx061r76mq4wp4r") + ,(mozilla-patch "icecat-CVE-2016-5290-pt9.patch" "bb10104dc89e" "1flvagckrzfk7hs2xzb5j3s5i0ck57ygyskh5494xmpa2a1nnsqj") + ,(mozilla-patch "icecat-CVE-2016-5290-pt10.patch" "7006b275b829" "0sqagm247wx94mf51fyhdkn0vf1a1qy9i829shjnhssd79srxmnn") + ,(mozilla-patch "icecat-CVE-2016-5290-pt11.patch" "32ce7be98543" "1y2r9i4p1qpqi75mlwmibr51whz5h1vj28c6mh6ik57dxkqxbclb") + ,(mozilla-patch "icecat-CVE-2016-5291.patch" "3ff0c89f3b26" "1prn74aglshaj27jfrpd2s2i4slpljw4rbzjxc1qgwjvkq4m6j6f") + ,(mozilla-patch "icecat-CVE-2016-5296.patch" "5e39c1c2fded" "0rjza37gvpzhbqfmpad33kljnpl1yfd9wm8xf7ll6bay3m8cqj6j") + ,(mozilla-patch "icecat-CVE-2016-5297.patch" "46b07bdbf8b2" "1n8y1c5l0ms81dra7jsx8mp633ak5qvx105drvlg9hn3m0fwv1lj") + ,(search-patch "icecat-CVE-2016-9064.patch") ; adapted for icecat based on: + ; "00c2b7baaa0b" "0y02yb7r62656nq9dji9dnwils2lxqasjz5byv62j1xa87r7f9hp" + ,(mozilla-patch "icecat-CVE-2016-9066.patch" "576f1725a57e" "1lic9d3r8r1vcniw1g3ca71390lw3dmwjsw55dp6z96hyjbcq3fd") + ,(mozilla-patch "icecat-bug-1212939.patch" "4a0e851f83e4" "182vx1qxrr7r2175jjf0bcixwwm1khdj4sq0c8wnsyry7p9waq5q") + ,(mozilla-patch "icecat-bug-1168743.patch" "a1e06af61ab3" "07llk1ba6axjasiv30vicz96k55ff4mybxy21vjxk6j0asgyjz23") + ,(mozilla-patch "icecat-bug-1287176.patch" "0569d5dce9db" "1d41sqbq6jc3af73dz9w19win7v7c12kw1mp7j7b1gkadq46c4y7") + ,(mozilla-patch "icecat-bug-1263665.patch" "a79cafee93f4" "0bn7hpm8mh8qmkpz5wiridr792irrs5sjxyvryazy2i0p4pjh62p") + ,(mozilla-patch "icecat-bug-1304962.patch" "f61049d5f373" "04d1na31qqq7yq4jjvhq6vzqq3f23rwac8c6fw4h5fx1pdb3l997") + ,(mozilla-patch "icecat-bug-1314574.patch" "46b2558ca469" "00q8676xg4wb7p371wgi04nl05j7idkb2kna9a0l08k6lks9wdhh"))) (modules '((guix build utils))) (snippet '(begin diff --git a/gnu/packages/patches/icecat-CVE-2016-9064.patch b/gnu/packages/patches/icecat-CVE-2016-9064.patch new file mode 100644 index 0000000000..a5393815e0 --- /dev/null +++ b/gnu/packages/patches/icecat-CVE-2016-9064.patch @@ -0,0 +1,996 @@ +Copied from + +but with one hunk omitted: the git binary patch for +toolkit/mozapps/extensions/test/addons/test_update_multi2/addon.xpi +which is not present in the IceCat sources. + +# HG changeset patch +# User Andrew Swan +# Date 1474063218 25200 +# Node ID 00c2b7baaa0b4bfb7d5f1aac31c094ea6b255e1f +# Parent 46b07bdbf8b20cf3fdc28104add57ff58a55832b +Bug 1303418 - Don't allow upgrades that change the addon ID. r=mossop, a=lizzard + +MozReview-Commit-ID: JHINo8ShmeI + +diff --git a/toolkit/mozapps/extensions/AddonManager.jsm b/toolkit/mozapps/extensions/AddonManager.jsm +--- a/toolkit/mozapps/extensions/AddonManager.jsm ++++ b/toolkit/mozapps/extensions/AddonManager.jsm +@@ -2956,16 +2956,18 @@ this.AddonManager = { + // The downloaded file seems to be corrupted in some way. + ERROR_CORRUPT_FILE: -3, + // An error occured trying to write to the filesystem. + ERROR_FILE_ACCESS: -4, + // The add-on must be signed and isn't. + ERROR_SIGNEDSTATE_REQUIRED: -5, + // The downloaded add-on had a different type than expected. + ERROR_UNEXPECTED_ADDON_TYPE: -6, ++ // The addon did not have the expected ID ++ ERROR_INCORRECT_ID: -7, + + // These must be kept in sync with AddonUpdateChecker. + // No error was encountered. + UPDATE_STATUS_NO_ERROR: 0, + // The update check timed out + UPDATE_STATUS_TIMEOUT: -1, + // There was an error while downloading the update information. + UPDATE_STATUS_DOWNLOAD_ERROR: -2, +diff --git a/toolkit/mozapps/extensions/internal/XPIProvider.jsm b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +--- a/toolkit/mozapps/extensions/internal/XPIProvider.jsm ++++ b/toolkit/mozapps/extensions/internal/XPIProvider.jsm +@@ -5473,16 +5473,37 @@ AddonInstall.prototype = { + // loadManifestFromZipReader performs the certificate verification for us + this.addon = yield loadManifestFromZipReader(zipreader, this.installLocation); + } + catch (e) { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, e]); + } + ++ if (this.existingAddon) { ++ // Check various conditions related to upgrades ++ if (this.addon.id != this.existingAddon.id) { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_INCORRECT_ID, ++ `Refusing to upgrade addon ${this.existingAddon.id} to different ID ${this.addon.id}`]); ++ } ++ ++ if (this.addon.type == "multipackage") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ `Refusing to upgrade addon ${this.existingAddon.id} to a multi-package xpi`]); ++ } ++ ++ if (this.existingAddon.type == "webextension" && this.addon.type != "webextension") { ++ zipreader.close(); ++ return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, ++ "Webextensions may not be updated to other extension types"]); ++ } ++ } ++ + if (mustSign(this.addon.type)) { + if (this.addon.signedState <= AddonManager.SIGNEDSTATE_MISSING) { + // This add-on isn't properly signed by a signature that chains to the + // trusted root. + let state = this.addon.signedState; + this.addon = null; + zipreader.close(); + +@@ -5510,23 +5531,16 @@ AddonInstall.prototype = { + } else { + zipreader.close(); + return Promise.reject([AddonManager.ERROR_CORRUPT_FILE, + "XPI is incorrectly signed"]); + } + } + } + +- if (this.existingAddon && this.existingAddon.type == "webextension" && +- this.addon.type != "webextension") { +- zipreader.close(); +- return Promise.reject([AddonManager.ERROR_UNEXPECTED_ADDON_TYPE, +- "WebExtensions may not be upated to other extension types"]); +- } +- + if (this.addon.type == "multipackage") + return this._loadMultipackageManifests(zipreader); + + zipreader.close(); + + this.updateAddonURIs(); + + this.addon._install = this; +@@ -5791,16 +5805,17 @@ AddonInstall.prototype = { + else { + // TODO Should we send some event here (bug 557716)? + this.state = AddonManager.STATE_CHECKING; + new UpdateChecker(this.addon, { + onUpdateFinished: aAddon => this.downloadCompleted(), + }, AddonManager.UPDATE_WHEN_ADDON_INSTALLED); + } + }, ([error, message]) => { ++ this.removeTemporaryFile(); + this.downloadFailed(error, message); + }); + } + else { + if (aRequest instanceof Ci.nsIHttpChannel) + this.downloadFailed(AddonManager.ERROR_NETWORK_FAILURE, + aRequest.responseStatus + " " + + aRequest.responseStatusText); +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_update_multi.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_update_multi2/install.rdf +@@ -0,0 +1,9 @@ ++ ++ ++ ++ updatemulti@tests.mozilla.org ++ 32 ++ 2.0 ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid1/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1@tests.mozilla.org ++ 1.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/bootstrap.js +@@ -0,0 +1,5 @@ ++ ++function install(data, reason) {} ++function startup(data, reason) {} ++function shutdown(data, reason) {} ++function uninstall(data, reason) {} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/addons/test_updateid2/install.rdf +@@ -0,0 +1,16 @@ ++ ++ ++ ++ addon1.changed@tests.mozilla.org ++ 2.0 ++ http://localhost:4444/data/test_updateid.rdf ++ true ++ Test Addon 1 ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ ++ ++ +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_2/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 2.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid2_5/install.rdf ++++ /dev/null +@@ -1,24 +0,0 @@ +- +- +- +- +- +- addon2@tests.mozilla.org +- 5.0 +- http://localhost:4444/data/test_updateid.rdf +- +- +- Test 2 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 3); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 3); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid3_3/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon3@tests.mozilla.org +- 3.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 3 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/bootstrap.js ++++ /dev/null +@@ -1,21 +0,0 @@ +-Components.utils.import("resource://gre/modules/Services.jsm"); +- +-function install(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 4); +- Services.prefs.setIntPref("bootstraptest.install_reason", reason); +-} +- +-function startup(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 4); +- Services.prefs.setIntPref("bootstraptest.startup_reason", reason); +-} +- +-function shutdown(data, reason) { +- Services.prefs.setIntPref("bootstraptest.active_version", 0); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", reason); +-} +- +-function uninstall(data, reason) { +- Services.prefs.setIntPref("bootstraptest.installed_version", 0); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", reason); +-} +diff --git a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf b/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf +deleted file mode 100644 +--- a/toolkit/mozapps/extensions/test/addons/test_updateid4_4/install.rdf ++++ /dev/null +@@ -1,25 +0,0 @@ +- +- +- +- +- +- addon4@tests.mozilla.org +- 4.0 +- http://localhost:4444/data/test_updateid.rdf +- true +- +- +- Test 4 +- Test Description +- +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- +- +- +- +- +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +new file mode 100644 +--- /dev/null ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_update_multi.rdf +@@ -0,0 +1,26 @@ ++ ++ ++ ++ ++ ++ ++ ++
  • ++ ++ 2.0 ++ ++ ++ xpcshell@tests.mozilla.org ++ 1 ++ 1 ++ http://localhost:4444/addons/test_update_multi2.xpi ++ ++ ++ ++
    • ++     ++     ++     ++ ++     +diff --git a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +--- a/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf ++++ b/toolkit/mozapps/extensions/test/xpcshell/data/test_updateid.rdf +@@ -9,77 +9,17 @@ +
  • + + 2.0 + + + xpcshell@tests.mozilla.org + 1 + 1 +- http://localhost:4444/addons/test_updateid2_2.xpi +- +- +- +-
    • +- +- +- +- +- +- +- +-
  • +- +- 3.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid3_3.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 4.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid4_4.xpi +- +- +- +-
    • +-     +-     +-     +- +- +- +- +-
  • +- +- 5.0 +- +- +- xpcshell@tests.mozilla.org +- 1 +- 1 +- http://localhost:4444/addons/test_updateid2_5.xpi ++ http://localhost:4444/addons/test_updateid2.xpi + + + +
    • +     +     +     + +diff --git a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +--- a/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js ++++ b/toolkit/mozapps/extensions/test/xpcshell/test_updateid.js +@@ -2,421 +2,85 @@ + * http://creativecommons.org/publicdomain/zero/1.0/ + */ + + // This verifies that updating an add-on to a new ID works + + // The test extension uses an insecure update url. + Services.prefs.setBoolPref("extensions.checkUpdateSecurity", false); + +-Components.utils.import("resource://testing-common/httpd.js"); +-var testserver; + const profileDir = gProfD.clone(); + profileDir.append("extensions"); + +-function resetPrefs() { +- Services.prefs.setIntPref("bootstraptest.active_version", -1); +- Services.prefs.setIntPref("bootstraptest.installed_version", -1); +- Services.prefs.setIntPref("bootstraptest.startup_reason", -1); +- Services.prefs.setIntPref("bootstraptest.shutdown_reason", -1); +- Services.prefs.setIntPref("bootstraptest.install_reason", -1); +- Services.prefs.setIntPref("bootstraptest.uninstall_reason", -1); +-} +- +-function getActiveVersion() { +- return Services.prefs.getIntPref("bootstraptest.active_version"); +-} +- +-function getInstalledVersion() { +- return Services.prefs.getIntPref("bootstraptest.installed_version"); +-} +- +-function run_test() { +- createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); +- +- // Create and configure the HTTP server. +- testserver = new HttpServer(); +- testserver.registerDirectory("/data/", do_get_file("data")); +- testserver.registerDirectory("/addons/", do_get_file("addons")); +- testserver.start(4444); +- +- do_test_pending(); +- run_test_1(); +-} +- +-function end_test() { +- testserver.stop(do_test_finished); +-} +- +-function installUpdate(aInstall, aCallback) { +- aInstall.addListener({ +- onInstallEnded: function(aInstall) { +- // give the startup time to run +- do_execute_soon(function() { +- aCallback(aInstall); +- }); +- } +- }); +- +- aInstall.install(); +-} +- +-// Verify that an update to an add-on with a new ID uninstalls the old add-on +-function run_test_1() { +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); ++function promiseInstallUpdate(install) { ++ return new Promise((resolve, reject) => { ++ install.addListener({ ++ onDownloadFailed: () => { ++ let err = new Error("download error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallFailed: () => { ++ let err = new Error("install error"); ++ err.code = install.error; ++ reject(err); ++ }, ++ onInstallEnded: resolve, ++ }); + +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- do_check_eq(install.name, addon.name); +- do_check_eq(install.version, "2.0"); +- do_check_eq(install.state, AddonManager.STATE_AVAILABLE); +- do_check_eq(install.existingAddon, a1); +- +- installUpdate(install, check_test_1); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_1(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- do_check_neq(a1.syncGUID); +- +- let a1SyncGUID = a1.syncGUID; +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- +- // The Sync GUID should change when the ID changes +- do_check_neq(a1SyncGUID, a2.syncGUID); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_2); +- }); +- })); +-} +- +-// Test that when the new add-on already exists we just upgrade that +-function run_test_2() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "1.0", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_2); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ install.install(); + }); + } + +-function check_test_2(install) { +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- do_check_eq(a1.pendingUpgrade, null); +- // Existing add-on should have a pending upgrade +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a2.pendingUpgrade.install.existingAddon, a2); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have uninstalled the old and installed the new +- do_check_neq(a1, null); +- do_check_neq(a2, null); +- +- a1.uninstall(); +- a2.uninstall(); +- +- do_execute_soon(run_test_3); +- }); +- })); +-} +- +-// Test that we rollback correctly when removing the old add-on fails +-function run_test_3() { +- restartManager(); +- shutdownManager(); +- +- // This test only works on Windows +- if (!("nsIWindowsRegKey" in AM_Ci)) { +- run_test_4(); +- return; +- } +- +- writeInstallRDFForExtension({ +- id: "addon1@tests.mozilla.org", +- version: "1.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 1", +- }, profileDir); +- +- startupManager(); ++// Create and configure the HTTP server. ++let testserver = createHttpServer(4444); ++testserver.registerDirectory("/data/", do_get_file("data")); ++testserver.registerDirectory("/addons/", do_get_file("addons")); + +- AddonManager.getAddonByID("addon1@tests.mozilla.org", function(a1) { +- do_check_neq(a1, null); +- do_check_eq(a1.version, "1.0"); +- +- a1.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_3); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_3(install) { +- AddonManager.getAddonByID("addon1@tests.mozilla.org", callback_soon(function(a1) { +- // Existing add-on should have a pending upgrade +- do_check_neq(a1.pendingUpgrade, null); +- do_check_eq(a1.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- do_check_eq(a1.pendingUpgrade.install.existingAddon, a1); +- +- // Lock the old add-on open so it can't be uninstalled +- var file = profileDir.clone(); +- file.append("addon1@tests.mozilla.org"); +- if (!file.exists()) +- file.leafName += ".xpi"; +- else +- file.append("install.rdf"); +- +- var fstream = AM_Cc["@mozilla.org/network/file-output-stream;1"]. +- createInstance(AM_Ci.nsIFileOutputStream); +- fstream.init(file, FileUtils.MODE_APPEND | FileUtils.MODE_WRONLY, FileUtils.PERMS_FILE, 0); +- +- restartManager(); +- +- fstream.close(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a1, a2]) { +- // Should not have installed the new add-on but it should still be +- // pending install +- do_check_neq(a1, null); +- do_check_eq(a2, null); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon1@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a1, a2]) { +- // Should have installed the new add-on +- do_check_eq(a1, null); +- do_check_neq(a2, null); +- +- a2.uninstall(); +- +- do_execute_soon(run_test_4); +- }); +- })); +- })); ++function run_test() { ++ createAppInfo("xpcshell@tests.mozilla.org", "XPCShell", "1", "1.9.2"); ++ startupManager(); ++ run_next_test(); + } + +-// Tests that upgrading to a bootstrapped add-on works but requires a restart +-function run_test_4() { +- restartManager(); +- shutdownManager(); +- +- writeInstallRDFForExtension({ +- id: "addon2@tests.mozilla.org", +- version: "2.0", +- updateURL: "http://localhost:4444/data/test_updateid.rdf", +- targetApplications: [{ +- id: "xpcshell@tests.mozilla.org", +- minVersion: "1", +- maxVersion: "1" +- }], +- name: "Test Addon 2", +- }, profileDir); +- +- startupManager(); +- +- resetPrefs(); +- +- AddonManager.getAddonByID("addon2@tests.mozilla.org", function(a2) { +- do_check_neq(a2, null); +- do_check_neq(a2.syncGUID, null); +- do_check_eq(a2.version, "2.0"); +- +- a2.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_4); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_4() { +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], +- callback_soon(function([a2, a3]) { +- // Should still be pending install even though the new add-on is restartless +- do_check_neq(a2, null); +- do_check_eq(a3, null); +- +- do_check_neq(a2.pendingUpgrade, null); +- do_check_eq(a2.pendingUpgrade.id, "addon3@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), -1); +- do_check_eq(getActiveVersion(), -1); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon2@tests.mozilla.org", +- "addon3@tests.mozilla.org"], function([a2, a3]) { +- // Should have updated +- do_check_eq(a2, null); +- do_check_neq(a3, null); +- +- do_check_eq(getInstalledVersion(), 3); +- do_check_eq(getActiveVersion(), 3); +- +- do_execute_soon(run_test_5); +- }); +- })); +-} +- +-// Tests that upgrading to another bootstrapped add-on works without a restart +-function run_test_5() { +- AddonManager.getAddonByID("addon3@tests.mozilla.org", function(a3) { +- do_check_neq(a3, null); +- do_check_eq(a3.version, "3.0"); ++// Verify that an update to an add-on with a new ID fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_updateid1")]); + +- a3.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_5); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} +- +-function check_test_5() { +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], +- callback_soon(function([a3, a4]) { +- // Should have updated +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- restartManager(); +- +- AddonManager.getAddonsByIDs(["addon3@tests.mozilla.org", +- "addon4@tests.mozilla.org"], function([a3, a4]) { +- // Should still be gone +- do_check_eq(a3, null); +- do_check_neq(a4, null); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); +- +- run_test_6(); +- }); +- })); +-} ++ let addon = yield promiseAddonByID("addon1@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +-// Tests that upgrading to a non-bootstrapped add-on works but requires a restart +-function run_test_6() { +- AddonManager.getAddonByID("addon4@tests.mozilla.org", function(a4) { +- do_check_neq(a4, null); +- do_check_eq(a4.version, "4.0"); +- +- a4.findUpdates({ +- onUpdateAvailable: function(addon, install) { +- installUpdate(install, check_test_6); +- } +- }, AddonManager.UPDATE_WHEN_USER_REQUESTED); +- }); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); + +-function check_test_6() { +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], +- callback_soon(function([a4, a2]) { +- // Should still be pending install even though the old add-on is restartless +- do_check_neq(a4, null); +- do_check_eq(a2, null); +- +- do_check_neq(a4.pendingUpgrade, null); +- do_check_eq(a4.pendingUpgrade.id, "addon2@tests.mozilla.org"); +- +- do_check_eq(getInstalledVersion(), 4); +- do_check_eq(getActiveVersion(), 4); ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_INCORRECT_ID }, ++ "Upgrade to a different ID fails"); + +- restartManager(); ++ addon.uninstall(); ++}); + +- AddonManager.getAddonsByIDs(["addon4@tests.mozilla.org", +- "addon2@tests.mozilla.org"], function([a4, a2]) { +- // Should have updated +- do_check_eq(a4, null); +- do_check_neq(a2, null); ++// Verify that an update to a multi-package xpi fails ++add_task(function* test_update_new_id() { ++ yield promiseInstallAllFiles([do_get_addon("test_update_multi1")]); + +- do_check_eq(getInstalledVersion(), 0); +- do_check_eq(getActiveVersion(), 0); ++ let addon = yield promiseAddonByID("updatemulti@tests.mozilla.org"); ++ do_check_neq(addon, null); ++ do_check_eq(addon.version, "1.0"); + +- end_test(); +- }); +- })); +-} ++ let update = yield promiseFindAddonUpdates(addon, AddonManager.UPDATE_WHEN_USER_REQUESTED); ++ let install = update.updateAvailable; ++ do_check_eq(install.name, addon.name); ++ do_check_eq(install.version, "2.0"); ++ do_check_eq(install.state, AddonManager.STATE_AVAILABLE); ++ do_check_eq(install.existingAddon, addon); ++ ++ yield Assert.rejects(promiseInstallUpdate(install), ++ function(err) { return err.code == AddonManager.ERROR_UNEXPECTED_ADDON_TYPE }, ++ "Upgrade to a multipackage xpi fails"); ++ ++ addon.uninstall(); ++}); + -- cgit v1.2.3 From 7cea56e2ac3b0a5030cbd10783865b6985c01b22 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 14:16:37 -0500 Subject: gnu: libtiff: Fix CVE-2016-9297. * gnu/packages/patches/libtiff-CVE-2016-9297.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 +- gnu/packages/patches/libtiff-CVE-2016-9297.patch | 52 ++++++++++++++++++++++++ 3 files changed, 55 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 3989cb831b..2087b8c701 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -668,6 +668,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ + %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index cd123b5298..1f3a775c16 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -300,7 +300,8 @@ collection of tools for doing simple manipulations of TIFF images.") "libtiff-CVE-2016-5321.patch" "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch")))))) + "libtiff-CVE-2016-9273.patch" + "libtiff-CVE-2016-9297.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch new file mode 100644 index 0000000000..c9207bbd25 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9297.patch @@ -0,0 +1,52 @@ +Fix CVE-2016-9297: + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 +http://bugzilla.maptools.org/show_bug.cgi?id=2590 + +Patch copied from upstream source repository. + +2016-11-11 Even Rouault + + * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that + values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII + access are null terminated, to avoid potential read outside buffer + in _TIFFPrintField(). + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1154; previous revision: 1.1153 +/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- +libtiff/tif_dirread.c +new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.202 +retrieving revision 1.203 +diff -u -r1.202 -r1.203 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 ++++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 +@@ -5000,6 +5000,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); +@@ -5172,6 +5177,11 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; ++ if( data[dp->tdir_count-1] != '\0' ) ++ { ++ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); ++ data[dp->tdir_count-1] = '\0'; ++ } + m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); + if (data!=0) + _TIFFfree(data); -- cgit v1.2.3 From 1339a8ed1cfe2e6087b26e44a8a593d7f1a3f892 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 15 Nov 2016 15:26:53 -0500 Subject: gnu: libtiff: Fix some buffer overflows. * gnu/packages/patches/libtiff-uint32-overflow.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 1 + gnu/packages/patches/libtiff-uint32-overflow.patch | 102 +++++++++++++++++++++ 3 files changed, 104 insertions(+) create mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 2087b8c701..a5b75c1891 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ + %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 1f3a775c16..8f08fad153 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -291,6 +291,7 @@ collection of tools for doing simple manipulations of TIFF images.") (patches (search-patches "libtiff-oob-accesses-in-decode.patch" "libtiff-oob-write-in-nextdecode.patch" + "libtiff-uint32-overflow.patch" "libtiff-CVE-2015-8665+CVE-2015-8683.patch" "libtiff-CVE-2016-3623.patch" "libtiff-CVE-2016-3945.patch" diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch new file mode 100644 index 0000000000..b9b1bc27a4 --- /dev/null +++ b/gnu/packages/patches/libtiff-uint32-overflow.patch @@ -0,0 +1,102 @@ +Fix some buffer overflows: + +http://seclists.org/oss-sec/2016/q4/ +http://bugzilla.maptools.org/show_bug.cgi?id=2592 + +2016-11-11 Even Rouault + + * tools/tiffcrop.c: fix multiple uint32 overflows in + writeBufferToSeparateStrips(), writeBufferToContigTiles() and + writeBufferToSeparateTiles() that could cause heap buffer +overflows. + Reported by Henri Salo from Nixu Corporation. + Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 + + +/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog +new revision: 1.1152; previous revision: 1.1151 +/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c +new revision: 1.43; previous revision: 1.42 + +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v +retrieving revision 1.42 +retrieving revision 1.43 +diff -u -r1.42 -r1.43 +--- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 ++++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 +@@ -148,6 +148,8 @@ + #define PATH_MAX 1024 + #endif + ++#define TIFF_UINT32_MAX 0xFFFFFFFFU ++ + #ifndef streq + #define streq(a,b) (strcmp((a),(b)) == 0) + #endif +@@ -1164,7 +1166,24 @@ + (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); + (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); + bytes_per_sample = (bps + 7) / 8; +- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ ++ if( width == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || ++ bps * spp * width > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (bps * spp * width) + 7"); ++ return 1; ++ } ++ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ ++ if( bytes_per_sample == 0 || ++ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || ++ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing rowsperstrip * " ++ "bytes_per_sample * (width + 1)"); ++ return 1; ++ } + rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); + + obuf = _TIFFmalloc (rowstripsize); +@@ -1251,11 +1270,19 @@ + } + } + ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; ++ + tilebuf = _TIFFmalloc(tile_buffsize); + if (tilebuf == 0) + return 1; +- +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; + for (row = 0; row < imagelength; row += tl) + { + nrow = (row + tl > imagelength) ? imagelength - row : tl; +@@ -1315,7 +1342,16 @@ + TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); + TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); + TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); +- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; ++ ++ if( imagewidth == 0 || ++ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || ++ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) ++ { ++ TIFFError(TIFFFileName(out), ++ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); ++ return 1; ++ } ++ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; + + for (row = 0; row < imagelength; row += tl) + { -- cgit v1.2.3 From fe047e1380e4b609a684a7cdbab3c625ca1a43d8 Mon Sep 17 00:00:00 2001 From: Eric Bavier Date: Fri, 25 Dec 2015 20:29:09 -0600 Subject: gnu: Add Handbrake. * gnu/packages/video.scm (handbrake): New variable. * gnu/packages/patches/handbrake-pkg-config-path.patch: New patch. * gnu/local.mk (dist_patch_DATA): Add it. --- gnu/local.mk | 1 + .../patches/handbrake-pkg-config-path.patch | 24 +++++ gnu/packages/video.scm | 109 +++++++++++++++++++++ 3 files changed, 134 insertions(+) create mode 100644 gnu/packages/patches/handbrake-pkg-config-path.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index a5b75c1891..ff8586eba3 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -594,6 +594,7 @@ dist_patch_DATA = \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_PATH.patch \ %D%/packages/patches/gtk3-respect-GUIX_GTK3_IM_MODULE_FILE.patch \ %D%/packages/patches/gtkglext-disable-disable-deprecated.patch \ + %D%/packages/patches/handbrake-pkg-config-path.patch \ %D%/packages/patches/hdf4-architectures.patch \ %D%/packages/patches/hdf4-reproducibility.patch \ %D%/packages/patches/hdf4-shared-fortran.patch \ diff --git a/gnu/packages/patches/handbrake-pkg-config-path.patch b/gnu/packages/patches/handbrake-pkg-config-path.patch new file mode 100644 index 0000000000..18f3953eaa --- /dev/null +++ b/gnu/packages/patches/handbrake-pkg-config-path.patch @@ -0,0 +1,24 @@ +Do not clobber PKG_CONFIG_PATH during configure. + +--- HandBrake-0.10.5/gtk/module.rules.orig 2016-02-11 14:14:05.000000000 -0600 ++++ HandBrake-0.10.5/gtk/module.rules 2016-10-29 22:27:50.550960848 -0500 +@@ -15,7 +15,7 @@ + set -e; cd $(GTK.src/); NOCONFIGURE=1 ./autogen.sh + set -e; cd $(GTK.build/); $(call fn.ABSOLUTE,$(GTK.src/))configure \ + $(GTK.CONFIGURE.extra) \ +- PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig \ ++ PKG_CONFIG_PATH=$(BUILD/)contrib/lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH) \ + CFLAGS="$(call fn.ARGS,GTK.GCC,.g .O *D ?extra)" \ + LDFLAGS="$(call fn.ARGS,GTK.GCC,?strip .g .O ?extra.exe)" \ + --prefix=$(PREFIX) \ +--- Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 1969-12-31 18:00:00.000000000 -0600 ++++ Handbrake-0.10.5-0.77d09e9-checkout/make/include/contrib.defs 2016-11-01 13:11:43.826144311 -0500 +@@ -119,7 +119,7 @@ + endif + $(1).CONFIGURE.env.CPPFLAGS = CPPFLAGS="-I$$(call fn.ABSOLUTE,$(CONTRIB.build/))include $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra *D)" + $(1).CONFIGURE.env.LDFLAGS = LDFLAGS="-L$$(call fn.ABSOLUTE,$(CONTRIB.build/))lib $$(call fn.ARGS,$(1).GCC,*archs *sysroot *minver ?extra.exe *D)" +- $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig" ++ $(1).CONFIGURE.env.PKG_CONFIG_PATH = PKG_CONFIG_PATH="$$(call fn.ABSOLUTE,$$(CONTRIB.build/))lib/pkgconfig$(if $(PKG_CONFIG_PATH),:)$(PKG_CONFIG_PATH)" + + $(1).CONFIGURE.env.args = !CC !CFLAGS !CXX !CXXFLAGS !CPPFLAGS !LD !LDFLAGS !PKG_CONFIG_PATH !LOCAL_PATH !CROSS + $(1).CONFIGURE.env = $$(call fn.ARGS,$(1).CONFIGURE.env,$$($(1).CONFIGURE.env.args)) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 4329d20c2e..82ef017618 100644 --- a/gnu/packages/video.scm +++ b/gnu/packages/video.scm @@ -12,6 +12,7 @@ ;;; Copyright © 2016 Dmitry Nikolaev ;;; Copyright © 2016 Andy Patterson ;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Eric Bavier ;;; ;;; This file is part of GNU Guix. ;;; @@ -51,6 +52,7 @@ #:use-module (gnu packages base) #:use-module (gnu packages bison) #:use-module (gnu packages cdrom) + #:use-module (gnu packages cmake) #:use-module (gnu packages compression) #:use-module (gnu packages curl) #:use-module (gnu packages databases) @@ -64,11 +66,14 @@ #:use-module (gnu packages gl) #:use-module (gnu packages glib) #:use-module (gnu packages guile) + #:use-module (gnu packages gnome) #:use-module (gnu packages gnupg) + #:use-module (gnu packages gstreamer) #:use-module (gnu packages gtk) #:use-module (gnu packages image) #:use-module (gnu packages linux) #:use-module (gnu packages lua) + #:use-module (gnu packages m4) #:use-module (gnu packages mp3) #:use-module (gnu packages ncurses) #:use-module (gnu packages ocr) @@ -85,6 +90,7 @@ #:use-module (gnu packages tls) #:use-module (gnu packages version-control) #:use-module (gnu packages web) + #:use-module (gnu packages webkit) #:use-module (gnu packages xdisorg) #:use-module (gnu packages xiph) #:use-module (gnu packages xml) @@ -1715,3 +1721,106 @@ It can use either mpv or mplayer for playback, and for conversion of formats ffmpeg or libav is used. Users should install one of the supported players in addition to this package.") (license license:gpl3+))) + +(define-public handbrake + (package + (name "handbrake") + (version "0.10.5") + (source (origin + (method url-fetch) + (uri (string-append "https://handbrake.fr/rotation.php?file=" + "HandBrake-" version ".tar.bz2")) + (file-name (string-append "handbrake-" version ".tar.bz2")) + (sha256 + (base32 + "1w720y3bplkz187wgvy4a4xm0vpppg45mlni55l6yi8v2bfk14pv")) + (patches (search-patches "handbrake-pkg-config-path.patch")) + (modules '((guix build utils))) + (snippet + ;; Remove bundled libraries and source not necessary for + ;; running under a GNU environment. + '(begin + (for-each delete-file-recursively '("contrib" "macosx" "win")) + #t)))) + (build-system glib-or-gtk-build-system) + (native-inputs + `(("automake" ,automake) ;gui subpackage must be bootstrapped + ("autoconf" ,autoconf) + ("curl" ,curl) ;not actually used, but tested for + ("intltool" ,intltool) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("python" ,python-2))) ;for configuration + (inputs + `(("bzip2" ,bzip2) + ("dbus-glib" ,dbus-glib) + ("ffmpeg" ,ffmpeg) + ("fontconfig" ,fontconfig) + ("freetype" ,freetype) + ("glib" ,glib) + ("gstreamer" ,gstreamer) + ("gst-plugins-base" ,gst-plugins-base) + ("gtk+" ,gtk+) + ("lame" ,lame) + ("libass" ,libass) + ("libbluray" ,libbluray) + ("libdvdnav" ,libdvdnav) + ("libdvdread" ,libdvdread) + ("libgudev" ,libgudev) + ("libmpeg2" ,libmpeg2) + ("libnotify" ,libnotify) + ("libogg" ,libogg) + ("libsamplerate" ,libsamplerate) + ("libtheora" ,libtheora) + ("libvorbis" ,libvorbis) + ("libvpx" ,libvpx) + ("libxml2" ,libxml2) + ("libx264" ,libx264) + ("x265" ,x265) + ("zlib" ,zlib))) + (arguments + `(#:tests? #f ;tests require Ruby and claim to be unsupported + #:phases + (modify-phases %standard-phases + (add-before 'patch-source-shebangs 'bootstrap-gtk + ;; Run bootstrap ahead of time so that shebangs get patched. + (lambda _ + (setenv "CONFIG_SHELL" (which "sh")) + (setenv "NOCONFIGURE" "1") + ;; Patch the Makefile so that it doesn't bootstrap again. + (substitute* "gtk/module.rules" + ((".*autogen\\.sh.*") "")) + (zero? (system* "sh" "./gtk/autogen.sh")))) + (add-before 'configure 'disable-contrib + (lambda _ + (substitute* "make/include/main.defs" + ;; Disable unconditional inclusion of some "contrib" + ;; libraries (ffmpeg, libvpx, libdvdread, libdvdnav, + ;; and libbluray), which would lead to fetching and + ;; building of these libraries. Use our own instead. + (("MODULES \\+= contrib") "# MODULES += contrib")) + #t)) + (add-before 'configure 'fix-x265-linking + (lambda _ + (substitute* "test/module.defs" + ;; Fix missing library during linking error + (("TEST.GCC.l =") "TEST.GCC.l = x265")) + #t)) + (replace 'configure + (lambda* (#:key outputs configure-flags #:allow-other-keys) + ;; 'configure' is not an autoconf-generated script, and + ;; errors on unrecognized arguments, + ;; e.g. --enable-fast-install + (let ((out (assoc-ref outputs "out"))) + (zero? (apply system* "./configure" + (string-append "--prefix=" out) + (or configure-flags '())))))) + (add-after 'configure 'chdir-build + (lambda _ (chdir "./build") #t))))) + (home-page "https://handbrake.fr") + (synopsis "Video transcoder") + (description + "HandBrake is a tool for converting video from any format to a selection +of modern, widely supported codecs.") + ;; Most under GPL version 2 or later, and portions under BSD 3 Clause + (license (list license:gpl2+ license:bsd-3)))) -- cgit v1.2.3 From 8134dc1f74c2df2d42e1510fd3ac35234a4d89df Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Fri, 18 Nov 2016 10:37:46 +0100 Subject: gnu: guile@2.0.13: Fix non-determinism issue in REPL server test. * gnu/packages/patches/guile-repl-server-test.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/guile.scm (guile-2.0.13)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/guile.scm | 3 +- gnu/packages/patches/guile-repl-server-test.patch | 48 +++++++++++++++++++++++ 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/guile-repl-server-test.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index ff8586eba3..17bfda2a77 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -587,6 +587,7 @@ dist_patch_DATA = \ %D%/packages/patches/guile-linux-syscalls.patch \ %D%/packages/patches/guile-present-coding.patch \ %D%/packages/patches/guile-relocatable.patch \ + %D%/packages/patches/guile-repl-server-test.patch \ %D%/packages/patches/guile-rsvg-pkgconfig.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_PATH.patch \ %D%/packages/patches/gtk2-respect-GUIX_GTK2_IM_MODULE_FILE.patch \ diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 3f45b29038..4572544ec3 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -217,7 +217,8 @@ without requiring the source code to be rewritten.") ".tar.xz")) (sha256 (base32 - "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")))))) + "12yqkr974y91ylgw6jnmci2v90i90s7h9vxa4zk0sai8vjnz4i1p")) + (patches (search-patches "guile-repl-server-test.patch")))))) (define-public guile-next (package (inherit guile-2.0) diff --git a/gnu/packages/patches/guile-repl-server-test.patch b/gnu/packages/patches/guile-repl-server-test.patch new file mode 100644 index 0000000000..81e724ecc4 --- /dev/null +++ b/gnu/packages/patches/guile-repl-server-test.patch @@ -0,0 +1,48 @@ +commit 8d6209ea56241bb1890c142539927c9ef3fb5a13 +Author: Ludovic Courtès +Date: Fri Nov 4 22:44:32 2016 +0100 + + tests: Throw 'unresolved when the REPL server is too slow. + +commit 2fbde7f02adb8c6585e9baf6e293ee49cd23d4c4 +Author: Ludovic Courtès +Date: Fri Nov 4 22:45:51 2016 +0100 + + tests: Avoid race condition in REPL server test. + +index ca389ba..4b5ec0c 100644 +--- a/test-suite/tests/00-repl-server.test ++++ b/test-suite/tests/00-repl-server.test +@@ -61,10 +61,11 @@ socket connected to that server." + (lambda () + (connect client-socket sockaddr)) + (lambda args +- (when (and (memv (system-error-errno args) +- (list ENOENT ECONNREFUSED)) +- (< tries 3)) +- (sleep 1) ++ (when (memv (system-error-errno args) ++ (list ENOENT ECONNREFUSED)) ++ (when (> tries 30) ++ (throw 'unresolved)) ++ (usleep 100) + (loop (+ tries 1)))))) + + (proc client-socket)) +@@ -104,8 +105,14 @@ reached." + "scheme@(repl-server)> $1 = 42\n" + (with-repl-server socket + (read-until-prompt socket %last-line-before-prompt) +- (display "(+ 40 2)\n(quit)\n" socket) +- (read-string socket))) ++ ++ ;; Wait until 'repl-reader' in boot-9 has written the prompt. ++ ;; Otherwise, if we write too quickly, 'repl-reader' checks for ++ ;; 'char-ready?' and doesn't print the prompt. ++ (match (select (list socket) '() (list socket) 3) ++ (((_) () ()) ++ (display "(+ 40 2)\n(quit)\n" socket) ++ (read-string socket))))) + + (pass-if "HTTP inter-protocol attack" ;CVE-2016-8606 + (with-repl-server socket -- cgit v1.2.3 From 2fedcd1895fa8c2c378091de278815050fe79d55 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Sat, 19 Nov 2016 11:12:34 -0500 Subject: gnu: libtiff: Fix CVE-2016-9448. * gnu/packages/patches/libtiff-CVE-2016-9448.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/image.scm (libtiff/fixed)[source]: Use it. --- gnu/local.mk | 1 + gnu/packages/image.scm | 3 ++- gnu/packages/patches/libtiff-CVE-2016-9448.patch | 34 ++++++++++++++++++++++++ 3 files changed, 37 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 17bfda2a77..7112451586 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -671,6 +671,7 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5652.patch \ %D%/packages/patches/libtiff-CVE-2016-9273.patch \ %D%/packages/patches/libtiff-CVE-2016-9297.patch \ + %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ %D%/packages/patches/libtiff-uint32-overflow.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index 8f08fad153..309c336779 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -302,7 +302,8 @@ collection of tools for doing simple manipulations of TIFF images.") "libtiff-CVE-2016-5323.patch" "libtiff-CVE-2016-5652.patch" "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch")))))) + "libtiff-CVE-2016-9297.patch" + "libtiff-CVE-2016-9448.patch")))))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch new file mode 100644 index 0000000000..05a3af8a84 --- /dev/null +++ b/gnu/packages/patches/libtiff-CVE-2016-9448.patch @@ -0,0 +1,34 @@ +Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). + +http://bugzilla.maptools.org/show_bug.cgi?id=2593 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 + +Patch copied from upstream source repository with: +$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c + +Index: libtiff/libtiff/tif_dirread.c +=================================================================== +RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v +retrieving revision 1.203 +retrieving revision 1.204 +diff -u -r1.203 -r1.204 +--- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 ++++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 +@@ -5000,7 +5000,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; +@@ -5177,7 +5177,7 @@ + if (err==TIFFReadDirEntryErrOk) + { + int m; +- if( data[dp->tdir_count-1] != '\0' ) ++ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) + { + TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); + data[dp->tdir_count-1] = '\0'; -- cgit v1.2.3 From 1845c2a4362c96d7feea3132f21aec34a607f855 Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Fri, 11 Nov 2016 15:18:29 +0100 Subject: gnu: Add php. * gnu/packages/php.scm: New file. * gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch: New file. * gnu/packages/patches/gd-fix-truecolor-format-correction.patch: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add php. (dist_patch_DATA): Add gd patches. Co-authored-by: Marius Bakke --- gnu/local.mk | 3 + .../patches/gd-fix-chunk-size-on-boundaries.patch | 102 +++++++ .../gd-fix-truecolor-format-correction.patch | 95 ++++++ gnu/packages/php.scm | 334 +++++++++++++++++++++ 4 files changed, 534 insertions(+) create mode 100644 gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch create mode 100644 gnu/packages/patches/gd-fix-truecolor-format-correction.patch create mode 100644 gnu/packages/php.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7112451586..df7fb4c995 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -295,6 +295,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/pem.scm \ %D%/packages/perl.scm \ %D%/packages/photo.scm \ + %D%/packages/php.scm \ %D%/packages/pkg-config.scm \ %D%/packages/plotutils.scm \ %D%/packages/polkit.scm \ @@ -551,8 +552,10 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-6-cross-environment-variables.patch \ %D%/packages/patches/gd-CVE-2016-7568.patch \ %D%/packages/patches/gd-CVE-2016-8670.patch \ + %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch \ %D%/packages/patches/gd-fix-gd2-read-test.patch \ %D%/packages/patches/gd-fix-tests-on-i686.patch \ + %D%/packages/patches/gd-fix-truecolor-format-correction.patch \ %D%/packages/patches/gegl-CVE-2012-4433.patch \ %D%/packages/patches/geoclue-config.patch \ %D%/packages/patches/ghostscript-CVE-2013-5653.patch \ diff --git a/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch new file mode 100644 index 0000000000..e395c66d89 --- /dev/null +++ b/gnu/packages/patches/gd-fix-chunk-size-on-boundaries.patch @@ -0,0 +1,102 @@ +This fixes PHP bug #73155: https://bugs.php.net/bug.php?id=73155 + +Patch adapted from upstream source repository: + +https://github.com/libgd/libgd/commit/8067a8ac336dfe0acbe96ec2eb24572209a7f279 + +(.gitignore change removed) + +From 8067a8ac336dfe0acbe96ec2eb24572209a7f279 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Fri, 23 Sep 2016 18:29:52 +0200 +Subject: [PATCH] Fix #309: gdImageGd2() writes wrong chunk sizes on boundaries + +(cherry picked from commit bb1998a16e30d542ab22eba5501911a9aa066edb) +--- + src/gd_gd2.c | 4 ++-- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug00309.c | 37 +++++++++++++++++++++++++++++++++++++ + 4 files changed, 41 insertions(+), 2 deletions(-) + create mode 100644 tests/gd2/bug00309.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 75e5e1f..b9b2f93 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -938,8 +938,8 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + }; + + /* Work out number of chunks. */ +- ncx = im->sx / cs + 1; +- ncy = im->sy / cs + 1; ++ ncx = (im->sx + cs - 1) / cs; ++ ncy = (im->sy + cs - 1) / cs; + + /* Write the standard header. */ + _gd2PutHeader (im, out, cs, fmt, ncx, ncy); +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 3b650ad..247b466 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,5 +1,6 @@ + SET(TESTS_FILES + bug_289 ++ bug00309 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index b8ee946..d69aee0 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,5 +1,6 @@ + libgd_test_programs += \ + gd2/bug_289 \ ++ gd2/bug00309 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug00309.c b/tests/gd2/bug00309.c +new file mode 100644 +index 0000000..b649cdc +--- /dev/null ++++ b/tests/gd2/bug00309.c +@@ -0,0 +1,37 @@ ++/** ++ * Regression test for . ++ * ++ * We test that an image with 64x64 pixels reports only a single chunk in the ++ * GD2 image header when the chunk size is 64. ++ */ ++ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ unsigned char *buf; ++ int size, word; ++ ++ im = gdImageCreate(64, 64); ++ gdImageColorAllocate(im, 0, 0, 0); ++ ++ buf = gdImageGd2Ptr(im, 64, 1, &size); ++ ++ gdImageDestroy(im); ++ ++ word = buf[10] << 8 | buf[11]; ++ gdTestAssertMsg(word == 64, "chunk size is %d, but expected 64\n", word); ++ word = buf[14] << 8 | buf[15]; ++ gdTestAssertMsg(word == 1, "x chunk count is %d, but expected 1\n", word); ++ word = buf[16] << 8 | buf[17]; ++ gdTestAssertMsg(word == 1, "y chunk count is %d, but expected 1\n", word); ++ gdTestAssertMsg(size == 5145, "file size is %d, but expected 5145\n", size); ++ ++ gdFree(buf); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/patches/gd-fix-truecolor-format-correction.patch b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch new file mode 100644 index 0000000000..be3eff9327 --- /dev/null +++ b/gnu/packages/patches/gd-fix-truecolor-format-correction.patch @@ -0,0 +1,95 @@ +This fixes PHP bug #73159: https://bugs.php.net/bug.php?id=73159 + +Patch lifted from upstream source repository: + +https://github.com/libgd/libgd/commit/e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 + +From e1f61a4141d2e0937a13b8bfb1992b9f29eb05f5 Mon Sep 17 00:00:00 2001 +From: "Christoph M. Becker" +Date: Mon, 15 Aug 2016 17:49:40 +0200 +Subject: [PATCH] Fix #289: Passing unrecognized formats to gdImageGd2 results + in corrupted files + +We must not apply the format correction twice for truecolor images. + +(cherry picked from commit 09090c125658e23a4ae2a2e002646bb7278bd89e) +--- + src/gd_gd2.c | 2 +- + tests/gd2/CMakeLists.txt | 1 + + tests/gd2/Makemodule.am | 1 + + tests/gd2/bug_289.c | 33 +++++++++++++++++++++++++++++++++ + 4 files changed, 36 insertions(+), 1 deletion(-) + create mode 100644 tests/gd2/bug_289.c + +diff --git a/src/gd_gd2.c b/src/gd_gd2.c +index 86c881e..75e5e1f 100644 +--- a/src/gd_gd2.c ++++ b/src/gd_gd2.c +@@ -918,7 +918,7 @@ _gdImageGd2 (gdImagePtr im, gdIOCtx * out, int cs, int fmt) + /* Force fmt to a valid value since we don't return anything. */ + /* */ + if ((fmt != GD2_FMT_RAW) && (fmt != GD2_FMT_COMPRESSED)) { +- fmt = im->trueColor ? GD2_FMT_TRUECOLOR_COMPRESSED : GD2_FMT_COMPRESSED; ++ fmt = GD2_FMT_COMPRESSED; + }; + if (im->trueColor) { + fmt += 2; +diff --git a/tests/gd2/CMakeLists.txt b/tests/gd2/CMakeLists.txt +index 8aecacc..3b650ad 100644 +--- a/tests/gd2/CMakeLists.txt ++++ b/tests/gd2/CMakeLists.txt +@@ -1,4 +1,5 @@ + SET(TESTS_FILES ++ bug_289 + gd2_empty_file + gd2_im2im + gd2_null +diff --git a/tests/gd2/Makemodule.am b/tests/gd2/Makemodule.am +index 754a284..b8ee946 100644 +--- a/tests/gd2/Makemodule.am ++++ b/tests/gd2/Makemodule.am +@@ -1,4 +1,5 @@ + libgd_test_programs += \ ++ gd2/bug_289 \ + gd2/gd2_empty_file \ + gd2/php_bug_72339 \ + gd2/gd2_read_corrupt +diff --git a/tests/gd2/bug_289.c b/tests/gd2/bug_289.c +new file mode 100644 +index 0000000..ad311e9 +--- /dev/null ++++ b/tests/gd2/bug_289.c +@@ -0,0 +1,33 @@ ++/** ++ * Passing an unrecognized format to gdImageGd2() should result in ++ * GD2_FMT_TRUECOLOR_COMPRESSED for truecolor images. ++ * ++ * See . ++ */ ++ ++#include "gd.h" ++#include "gdtest.h" ++ ++ ++#define GD2_FMT_UNRECOGNIZED 0 ++#define GD2_FMT_TRUECOLOR_COMPRESSED 4 ++ ++#define MSG "expected %s byte to be %d, but got %d\n" ++ ++ ++int main() ++{ ++ gdImagePtr im; ++ char *buffer; ++ int size; ++ ++ im = gdImageCreateTrueColor(10, 10); ++ gdTestAssert(im != NULL); ++ buffer = (char *) gdImageGd2Ptr(im, 128, GD2_FMT_UNRECOGNIZED, &size); ++ gdTestAssert(buffer != NULL); ++ gdImageDestroy(im); ++ gdTestAssertMsg(buffer[12] == 0, MSG, "1st", 0, buffer[12]); ++ gdTestAssertMsg(buffer[13] == GD2_FMT_TRUECOLOR_COMPRESSED, MSG, "2nd", GD2_FMT_TRUECOLOR_COMPRESSED, buffer[13]); ++ ++ return gdNumFailures(); ++} diff --git a/gnu/packages/php.scm b/gnu/packages/php.scm new file mode 100644 index 0000000000..9ccbede873 --- /dev/null +++ b/gnu/packages/php.scm @@ -0,0 +1,334 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Julien Lepiller +;;; Copyright © 2016 Marius Bakke +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages php) + #:use-module (gnu packages) + #:use-module (gnu packages algebra) + #:use-module (gnu packages aspell) + #:use-module (gnu packages base) + #:use-module (gnu packages bison) + #:use-module (gnu packages compression) + #:use-module (gnu packages curl) + #:use-module (gnu packages cyrus-sasl) + #:use-module (gnu packages databases) + #:use-module (gnu packages fontutils) + #:use-module (gnu packages gd) + #:use-module (gnu packages gettext) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnupg) + #:use-module (gnu packages image) + #:use-module (gnu packages linux) + #:use-module (gnu packages multiprecision) + #:use-module (gnu packages openldap) + #:use-module (gnu packages pcre) + #:use-module (gnu packages pkg-config) + #:use-module (gnu packages readline) + #:use-module (gnu packages textutils) + #:use-module (gnu packages tls) + #:use-module (gnu packages web) + #:use-module (gnu packages xml) + #:use-module (gnu packages xorg) + #:use-module (gnu packages zip) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system gnu) + #:use-module ((guix licenses) #:prefix license:)) + +;; This fixes PHP bugs 73155 and 73159. Remove when gd +;; is updated to > 2.2.3. +(define gd-for-php + (package (inherit gd) + (source + (origin + (inherit (package-source gd)) + (patches (search-patches + "gd-fix-truecolor-format-correction.patch" + "gd-fix-chunk-size-on-boundaries.patch")))))) + +(define-public php + (package + (name "php") + (version "7.0.13") + (home-page "https://secure.php.net/") + (source (origin + (method url-fetch) + (uri (string-append home-page "distributions/" + name "-" version ".tar.xz")) + (sha256 + (base32 + "1gzihbpcp51jc587gs1ryn59hsnr7vf5427dmcvdimvm77wsfyrm")) + (modules '((guix build utils))) + (snippet + '(with-directory-excursion "ext" + (for-each delete-file-recursively + ;; Some of the bundled libraries have no proper upstream. + ;; Ideally we'd extract these out as separate packages: + ;;"mbstring/libmbfl" + ;;"date/lib" + ;;"bcmath/libbcmath" + ;;"fileinfo/libmagic" ; This is a patched version of libmagic. + '("gd/libgd" + "mbstring/oniguruma" + "pcre/pcrelib" + "sqlite3/libsqlite" + "xmlrpc/libxmlrpc" + "zip/lib")))))) + (build-system gnu-build-system) + (arguments + '(#:configure-flags + (let-syntax ((with (syntax-rules () + ((_ option input) + (string-append option "=" + (assoc-ref %build-inputs input)))))) + (list (with "--with-bz2" "bzip2") + (with "--with-curl" "curl") + (with "--with-freetype-dir" "freetype") + (with "--with-gd" "gd") + (with "--with-gdbm" "gdbm") + (with "--with-gettext" "glibc") ; libintl.h + (with "--with-gmp" "gmp") + (with "--with-jpeg-dir" "libjpeg") + (with "--with-ldap" "openldap") + (with "--with-ldap-sasl" "cyrus-sasl") + (with "--with-libzip" "zip") + (with "--with-libxml-dir" "libxml2") + (with "--with-onig" "oniguruma") + (with "--with-pcre-dir" "pcre") + (with "--with-pcre-regex" "pcre") + (with "--with-pdo-pgsql" "postgresql") + (with "--with-pdo-sqlite" "sqlite") + (with "--with-pgsql" "postgresql") + (with "--with-png-dir" "libpng") + ;; PHP’s Pspell extension, while retaining its current name, + ;; now uses the Aspell library. + (with "--with-pspell" "aspell") + (with "--with-readline" "readline") + (with "--with-sqlite3" "sqlite") + (with "--with-tidy" "tidy") + (with "--with-webp-dir" "libwebp") + (with "--with-xpm-dir" "libxpm") + (with "--with-xsl" "libxslt") + (with "--with-zlib-dir" "zlib") + ;; We could add "--with-snmp", but it requires netsnmp that + ;; we don't have a package for. It is used to build the snmp + ;; extension of php. + "--with-iconv" + "--with-openssl" + "--with-pdo-mysql" + "--with-zlib" + "--enable-calendar" + "--enable-dba=shared" + "--enable-exif" + "--enable-flatfile" + "--enable-fpm" + "--enable-ftp" + "--enable-inifile" + "--enable-mbstring" + "--enable-pcntl" + "--enable-sockets" + "--enable-threads")) + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'do-not-record-build-flags + (lambda _ + ;; Prevent configure flags from being stored and causing + ;; unnecessary runtime dependencies. + (substitute* "scripts/php-config.in" + (("@CONFIGURE_OPTIONS@") "") + (("@PHP_LDFLAGS@") "")) + ;; This file has ISO-8859-1 encoding. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* "main/build-defs.h.in" + (("@CONFIGURE_COMMAND@") "(omitted)"))) + #t)) + (add-before 'build 'patch-/bin/sh + (lambda _ + (substitute* '("run-tests.php" "ext/standard/proc_open.c") + (("/bin/sh") (which "sh"))) + #t)) + (add-before 'check 'prepare-tests + (lambda _ + ;; Some of these files have ISO-8859-1 encoding, whereas others + ;; use ASCII, so we can't use a "catch-all" find-files here. + (with-fluids ((%default-port-encoding "ISO-8859-1")) + (substitute* '("ext/mbstring/tests/mb_send_mail02.phpt" + "ext/mbstring/tests/mb_send_mail04.phpt" + "ext/mbstring/tests/mb_send_mail05.phpt" + "ext/mbstring/tests/mb_send_mail06.phpt") + (("/bin/cat") (which "cat")))) + (substitute* '("ext/mbstring/tests/mb_send_mail01.phpt" + "ext/mbstring/tests/mb_send_mail03.phpt" + "ext/mbstring/tests/bug52861.phpt" + "ext/standard/tests/general_functions/bug34794.phpt" + "ext/standard/tests/general_functions/bug44667.phpt" + "ext/standard/tests/general_functions/proc_open.phpt") + (("/bin/cat") (which "cat"))) + ;; The encoding of this file is not recognized, so we simply drop it. + (delete-file "ext/mbstring/tests/mb_send_mail07.phpt") + + (substitute* "ext/standard/tests/streams/bug60602.phpt" + (("'ls'") (string-append "'" (which "ls") "'"))) + + ;; Drop tests that are known to fail. + (for-each delete-file + '("ext/posix/tests/posix_getgrgid.phpt" ; Requires /etc/group. + "ext/sockets/tests/bug63000.phpt" ; Fails to detect OS. + "ext/sockets/tests/socket_shutdown.phpt" ; Requires DNS. + "ext/sockets/tests/socket_send.phpt" ; Likewise. + "ext/sockets/tests/mcast_ipv4_recv.phpt" ; Requires multicast. + ;; These needs /etc/services. + "ext/standard/tests/general_functions/getservbyname_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_basic.phpt" + "ext/standard/tests/general_functions/getservbyport_variation1.phpt" + ;; And /etc/protocols. + "ext/standard/tests/network/getprotobyname_basic.phpt" + "ext/standard/tests/network/getprotobynumber_basic.phpt" + ;; And exotic locales. + "ext/standard/tests/strings/setlocale_basic1.phpt" + "ext/standard/tests/strings/setlocale_basic2.phpt" + "ext/standard/tests/strings/setlocale_basic3.phpt" + "ext/standard/tests/strings/setlocale_variation1.phpt" + + ;; XXX: These gd tests fails. Likely because our version + ;; is different from the (patched) bundled one. + ;; Here, gd quits immediately after "fatal libpng error"; while the + ;; test expects it to additionally return a "setjmp" error and warning. + "ext/gd/tests/bug39780_extern.phpt" + "ext/gd/tests/libgd00086_extern.phpt" + ;; Extra newline in gd-png output. + "ext/gd/tests/bug45799.phpt" + ;; Different error message than expected from imagecrop(). + "ext/gd/tests/bug66356.phpt" + ;; Similarly for imagecreatefromgd2(). + "ext/gd/tests/bug72339.phpt" + ;; Call to undefined function imageantialias(). They are + ;; supposed to fail anyway. + "ext/gd/tests/bug72482.phpt" + "ext/gd/tests/bug72482_2.phpt" + "ext/gd/tests/bug73213.phpt" + ;; Test expects generic "gd warning" but gets the actual function name. + "ext/gd/tests/createfromwbmp2_extern.phpt" + ;; TODO: Enable these when libgd is built with xpm support. + "ext/gd/tests/xpm2gd.phpt" + "ext/gd/tests/xpm2jpg.phpt" + "ext/gd/tests/xpm2png.phpt" + + ;; XXX: These iconv tests have the expected outcome, + ;; but with different error messages. + ;; Expects "illegal character", instead gets "unknown error (84)". + "ext/iconv/tests/bug52211.phpt" + ;; Expects "wrong charset", gets unknown error (22). + "ext/iconv/tests/iconv_mime_decode_variation3.phpt" + "ext/iconv/tests/iconv_strlen_error2.phpt" + "ext/iconv/tests/iconv_strlen_variation2.phpt" + "ext/iconv/tests/iconv_substr_error2.phpt" + ;; Expects conversion error, gets "error condition Termsig=11". + "ext/iconv/tests/iconv_strpos_error2.phpt" + "ext/iconv/tests/iconv_strrpos_error2.phpt" + ;; Similar, but iterating over multiple values. + ;; iconv breaks the loop after the first error with Termsig=11. + "ext/iconv/tests/iconv_strpos_variation4.phpt" + "ext/iconv/tests/iconv_strrpos_variation3.phpt" + + ;; XXX: These test failures appear legitimate, needs investigation. + ;; open_basedir() restriction failure. + "ext/curl/tests/bug61948.phpt" + ;; Expects a false boolean, gets empty array from glob(). + "ext/standard/tests/file/bug41655_1.phpt" + "ext/standard/tests/file/glob_variation5.phpt" + ;; Test output is correct, but in wrong order. + "ext/standard/tests/streams/proc_open_bug64438.phpt" + ;; The test expects an Array, but instead get the contents(?). + "ext/gd/tests/bug43073.phpt" + ;; imagettftext() returns wrong coordinates. + "ext/gd/tests/bug48732.phpt" + ;; Similarly for imageftbbox(). + "ext/gd/tests/bug48801.phpt" + ;; Different expected output from imagecolorallocate(). + "ext/gd/tests/bug53504.phpt" + ;; Wrong image size after scaling an image. + "ext/gd/tests/bug73272.phpt" + ;; Expects iconv to detect illegal characters, instead gets + ;; "unknown error (84)" and heap corruption(!). + "ext/iconv/tests/bug48147.phpt" + ;; Expects illegal character ".", gets "=?utf-8?Q?." + "ext/iconv/tests/bug51250.phpt" + ;; @iconv() does not return expected output. + "ext/iconv/tests/iconv003.phpt" + ;; iconv throws "buffer length exceeded" on some string checks. + "ext/iconv/tests/iconv_mime_encode.phpt" + ;; file_get_contents(): iconv stream filter + ;; ("ISO-8859-1"=>"UTF-8") unknown error. + "ext/standard/tests/file/bug43008.phpt" + ;; Table data not created in sqlite(?). + "ext/pdo_sqlite/tests/bug_42589.phpt")) + + ;; Skip tests requiring network access. + (setenv "SKIP_ONLINE_TESTS" "1") + ;; Without this variable, 'make test' passes regardless of failures. + (setenv "REPORT_EXIT_STATUS" "1") + #t))) + #:test-target "test")) + (inputs + `(("aspell" ,aspell) + ("bzip2" ,bzip2) + ("curl" ,curl) + ("cyrus-sasl" ,cyrus-sasl) + ("freetype" ,freetype) + ("gd" ,gd-for-php) + ("gdbm" ,gdbm) + ("glibc" ,glibc) + ("gmp" ,gmp) + ("libgcrypt" ,libgcrypt) + ("libjpeg" ,libjpeg) + ("libpng" ,libpng) + ("libwebp" ,libwebp) + ("libxml2" ,libxml2) + ("libxpm" ,libxpm) + ("libxslt" ,libxslt) + ("libx11" ,libx11) + ("oniguruma" ,oniguruma) + ("openldap" ,openldap) + ("openssl" ,openssl) + ("pcre" ,pcre) + ("postgresql" ,postgresql) + ("readline" ,readline) + ("sqlite" ,sqlite-3.15.1) + ("tidy" ,tidy) + ("zip" ,zip) + ("zlib" ,zlib))) + (native-inputs + `(("pkg-config" ,pkg-config) + ("bison" ,bison) + ("intltool" ,intltool) + ("procps" ,procps))) ; For tests. + (synopsis "PHP programming language") + (description + "PHP (PHP Hypertext Processor) is a server-side (CGI) scripting +language designed primarily for web development but is also used as +a general-purpose programming language. PHP code may be embedded into +HTML code, or it can be used in combination with various web template +systems, web content management systems and web frameworks." ) + (license (list + (license:non-copyleft "file://LICENSE") ; The PHP license. + (license:non-copyleft "file://Zend/LICENSE") ; The Zend license. + license:lgpl2.1 ; ext/mbstring/libmbfl + license:lgpl2.1+ ; ext/bcmath/libbcmath + license:bsd-2 ; ext/fileinfo/libmagic + license:expat)))) ; ext/date/lib -- cgit v1.2.3 From e01e2c6c525f1c0ef0ab62b832435a4ece0348ec Mon Sep 17 00:00:00 2001 From: ng0 Date: Sat, 19 Nov 2016 21:49:06 +0000 Subject: gnu: services: Add git-service. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/version-control.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. * doc/guix.texi (Misellaneous Services)[Version Control]: New section. Co-authored-by: 宋文武 --- doc/guix.texi | 61 +++++++++++++++++ gnu/local.mk | 1 + gnu/services/version-control.scm | 141 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 203 insertions(+) create mode 100644 gnu/services/version-control.scm (limited to 'gnu/local.mk') diff --git a/doc/guix.texi b/doc/guix.texi index 7352ea973f..3a88dd4044 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -11673,6 +11673,67 @@ A @code{} object serving the GNU Collaborative International Dictonary of English using the @code{gcide} package. @end defvr +@subsubsection Version Control + +The @code{(gnu services version-control)} module provides the following services: + +@subsubheading Git daemon service + +@deffn {Scheme Procedure} git-daemon-service [#:config (git-daemon-configuration)] + +Return a service that runs @command{git daemon}, a simple TCP server to +expose repositiories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported@footnote{By creating the magic file +"git-daemon-export-ok" in the repository directory.} repositories under +@file{/srv/git}. + +@end deffn + +@deftp {Data Type} git-daemon-configuration +Data type representing the configuration for @code{git-daemon-service}. + +@table @asis +@item @code{package} (default: @var{git}) +Package object of the Git distributed version control system. + +@item @code{export-all?} (default: @var{#f}) +Whether to allow access for all Git repositories, even if they do not +have the @file{git-daemon-export-ok} file. + +@item @code{base-path} (default: @file{/srv/git}) +Whether to remap all the path requests as relative to the given path. +If you run git daemon with @var{(base-path "/srv/git")} on example.com, +then if you later try to pull @code{git://example.com/hello.git}, git +daemon will interpret the path as @code{/srv/git/hello.git}. + +@item @code{user-path} (default: @var{#f}) +Whether to allow @code{~user} notation to be used in requests. When +specified with empty string, requests to @code{git://host/~alice/foo} is +taken as a request to access @code{foo} repository in the home directory +of user @code{alice}. If @var{(user-path "path")} is specified, the +same request is taken as a request to access @code{path/foo} repository +in the home directory of user @code{alice}. + +@item @code{listen} (default: @var{'()}) +Whether to listen on specific IP addresses or hostnames, defaults to +all. + +@item @code{port} (default: @var{#f}) +Whether to listen on an alternative port, which defaults to 9418. + +@item @code{whitelist} (default: @var{'()}) +If not empty, only allow access to this list of directories. + +@item @code{extra-options} (default: @var{'()}) +Extra options will be passed to @code{git daemon}, please run +@command{man git-daemon} for more information. + +@end table +@end deftp + @node Setuid Programs @subsection Setuid Programs diff --git a/gnu/local.mk b/gnu/local.mk index df7fb4c995..430d05ff3e 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -416,6 +416,7 @@ GNU_SYSTEM_MODULES = \ %D%/services/sddm.scm \ %D%/services/spice.scm \ %D%/services/ssh.scm \ + %D%/services/version-control.scm \ %D%/services/web.scm \ %D%/services/xorg.scm \ \ diff --git a/gnu/services/version-control.scm b/gnu/services/version-control.scm new file mode 100644 index 0000000000..107bc8e77a --- /dev/null +++ b/gnu/services/version-control.scm @@ -0,0 +1,141 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 ng0 +;;; Copyright © 2016 Sou Bunnbu +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services version-control) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services shepherd) + #:use-module (gnu system shadow) + #:use-module (gnu packages version-control) + #:use-module (gnu packages admin) + #:use-module (guix records) + #:use-module (guix gexp) + #:use-module (srfi srfi-1) + #:use-module (srfi srfi-26) + #:use-module (ice-9 match) + #:export (git-daemon-service + git-daemon-service-type + git-daemon-configuration + git-daemon-configuration?)) + +;;; Commentary: +;;; +;;; Version Control related services. +;;; +;;; Code: + + +;;; +;;; Git daemon. +;;; + +(define-record-type* + git-daemon-configuration + make-git-daemon-configuration + git-daemon-configuration? + (package git-daemon-configuration-package ;package + (default git)) + (export-all? git-daemon-configuration-export-all ;boolean + (default #f)) + (base-path git-daemon-configuration-base-path ;string | #f + (default "/srv/git")) + (user-path git-daemon-configuration-user-path ;string | #f + (default #f)) + (listen git-daemon-configuration-listen ;list of string + (default '())) + (port git-daemon-configuration-port ;number | #f + (default #f)) + (whitelist git-daemon-configuration-whitelist ;list of string + (default '())) + (extra-options git-daemon-configuration-extra-options ;list of string + (default '()))) + +(define git-daemon-shepherd-service + (match-lambda + (($ + package export-all? base-path user-path + listen port whitelist extra-options) + (let* ((git (file-append package "/bin/git")) + (command `(,git + "daemon" "--syslog" "--reuseaddr" + ,@(if export-all? + '("--export-all") + '()) + ,@(if base-path + `(,(string-append "--base-path=" base-path)) + '()) + ,@(if user-path + `(,(string-append "--user-path=" user-path)) + '()) + ,@(map (cut string-append "--listen=" <>) listen) + ,@(if port + `(,(string-append + "--port=" (number->string port))) + '()) + ,@extra-options + ,@whitelist))) + (list (shepherd-service + (documentation "Run the git-daemon.") + (requirement '(networking)) + (provision '(git-daemon)) + (start #~(make-forkexec-constructor '#$command + #:user "git-daemon" + #:group "git-daemon")) + (stop #~(make-kill-destructor)))))))) + +(define %git-daemon-accounts + ;; User account and group for git-daemon. + (list (user-group + (name "git-daemon") + (system? #t)) + (user-account + (name "git-daemon") + (system? #t) + (group "git-daemon") + (comment "Git daemon user") + (home-directory "/var/empty") + (shell (file-append shadow "/sbin/nologin"))))) + +(define (git-daemon-activation config) + "Return the activation gexp for git-daemon using CONFIG." + (let ((base-path (git-daemon-configuration-base-path config))) + #~(begin + (use-modules (guix build utils)) + ;; Create the 'base-path' directory when it's not '#f'. + (and=> #$base-path mkdir-p)))) + +(define git-daemon-service-type + (service-type + (name 'git-daemon) + (extensions + (list (service-extension shepherd-root-service-type + git-daemon-shepherd-service) + (service-extension account-service-type + (const %git-daemon-accounts)) + (service-extension activation-service-type + git-daemon-activation))))) + +(define* (git-daemon-service #:key (config (git-daemon-configuration))) + "Return a service that runs @command{git daemon}, a simple TCP server to +expose repositories over the Git protocol for annoymous access. + +The optional @var{config} argument should be a +@code{} object, by default it allows read-only +access to exported repositories under @file{/srv/git}." + (service git-daemon-service-type config)) -- cgit v1.2.3 From be72eb98fa5767b3d28ab431656d8cac048bac10 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 22 Nov 2016 10:19:51 -0500 Subject: gnu: libtiff: Update replacement to 4.0.7. * gnu/packages/image.scm (libtiff)[replacement]: Update to 4.0.7. (libtiff-4.0.7): New variable. Update home-page and source URLs. (libtiff/fixed): Delete variable. * gnu/packages/patches/libtiff-CVE-2016-5652.patch, gnu/packages/patches/libtiff-CVE-2016-9273.patch, gnu/packages/patches/libtiff-CVE-2016-9297.patch, gnu/packages/patches/libtiff-CVE-2016-9448.patch, gnu/packages/patches/libtiff-uint32-overflow.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/local.mk | 5 - gnu/packages/image.scm | 29 ++---- gnu/packages/patches/libtiff-CVE-2016-5652.patch | 47 ---------- gnu/packages/patches/libtiff-CVE-2016-9273.patch | 41 --------- gnu/packages/patches/libtiff-CVE-2016-9297.patch | 52 ----------- gnu/packages/patches/libtiff-CVE-2016-9448.patch | 34 ------- gnu/packages/patches/libtiff-uint32-overflow.patch | 102 --------------------- 7 files changed, 10 insertions(+), 300 deletions(-) delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-5652.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9273.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9297.patch delete mode 100644 gnu/packages/patches/libtiff-CVE-2016-9448.patch delete mode 100644 gnu/packages/patches/libtiff-uint32-overflow.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 430d05ff3e..7c6306b5f6 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -672,13 +672,8 @@ dist_patch_DATA = \ %D%/packages/patches/libtiff-CVE-2016-5314.patch \ %D%/packages/patches/libtiff-CVE-2016-5321.patch \ %D%/packages/patches/libtiff-CVE-2016-5323.patch \ - %D%/packages/patches/libtiff-CVE-2016-5652.patch \ - %D%/packages/patches/libtiff-CVE-2016-9273.patch \ - %D%/packages/patches/libtiff-CVE-2016-9297.patch \ - %D%/packages/patches/libtiff-CVE-2016-9448.patch \ %D%/packages/patches/libtiff-oob-accesses-in-decode.patch \ %D%/packages/patches/libtiff-oob-write-in-nextdecode.patch \ - %D%/packages/patches/libtiff-uint32-overflow.patch \ %D%/packages/patches/libtool-skip-tests2.patch \ %D%/packages/patches/libunwind-CVE-2015-3239.patch \ %D%/packages/patches/libupnp-CVE-2016-6255.patch \ diff --git a/gnu/packages/image.scm b/gnu/packages/image.scm index af412b4c44..526c87cf86 100644 --- a/gnu/packages/image.scm +++ b/gnu/packages/image.scm @@ -243,7 +243,7 @@ extracting icontainer icon files.") (define-public libtiff (package (name "libtiff") - (replacement libtiff/fixed) + (replacement libtiff-4.0.7) (version "4.0.6") (source (origin (method url-fetch) @@ -283,27 +283,18 @@ collection of tools for doing simple manipulations of TIFF images.") "See COPYRIGHT in the distribution.")) (home-page "http://www.remotesensing.org/libtiff/"))) -(define libtiff/fixed +(define libtiff-4.0.7 (package (inherit libtiff) + (version "4.0.7") (source (origin - (inherit (package-source libtiff)) - (patches (search-patches - "libtiff-oob-accesses-in-decode.patch" - "libtiff-oob-write-in-nextdecode.patch" - "libtiff-uint32-overflow.patch" - "libtiff-CVE-2015-8665+CVE-2015-8683.patch" - "libtiff-CVE-2016-3623.patch" - "libtiff-CVE-2016-3945.patch" - "libtiff-CVE-2016-3990.patch" - "libtiff-CVE-2016-3991.patch" - "libtiff-CVE-2016-5314.patch" - "libtiff-CVE-2016-5321.patch" - "libtiff-CVE-2016-5323.patch" - "libtiff-CVE-2016-5652.patch" - "libtiff-CVE-2016-9273.patch" - "libtiff-CVE-2016-9297.patch" - "libtiff-CVE-2016-9448.patch")))))) + (method url-fetch) + (uri (string-append "ftp://download.osgeo.org/libtiff/tiff-" + version ".tar.gz")) + (sha256 + (base32 + "06ghqhr4db1ssq0acyyz49gr8k41gzw6pqb6mbn5r7jqp77s4hwz")))) + (home-page "http://www.simplesystems.org/libtiff/"))) (define-public libwmf (package diff --git a/gnu/packages/patches/libtiff-CVE-2016-5652.patch b/gnu/packages/patches/libtiff-CVE-2016-5652.patch deleted file mode 100644 index 54b87d0185..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-5652.patch +++ /dev/null @@ -1,47 +0,0 @@ -Fix CVE-2016-5652 (buffer overflow in t2p_readwrite_pdf_image_tile()). - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652 - -Patches exfiltrated from upstream CVS repo with: -cvs diff -u -r 1.92 -r 1.94 tools/tiff2pdf.c - -Index: tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.92 -retrieving revision 1.94 -diff -u -r1.92 -r1.94 ---- a/tools/tiff2pdf.c 23 Sep 2016 22:12:18 -0000 1.92 -+++ b/tools/tiff2pdf.c 9 Oct 2016 11:03:36 -0000 1.94 -@@ -2887,21 +2887,24 @@ - return(0); - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { -- if (count > 0) { -- _TIFFmemcpy(buffer, jpt, count); -+ if (count >= 4) { -+ /* Ignore EOI marker of JpegTables */ -+ _TIFFmemcpy(buffer, jpt, count - 2); - bufferoffset += count - 2; -+ /* Store last 2 bytes of the JpegTables */ - table_end[0] = buffer[bufferoffset-2]; - table_end[1] = buffer[bufferoffset-1]; -- } -- if (count > 0) { - xuint32 = bufferoffset; -+ bufferoffset -= 2; - bufferoffset += TIFFReadRawTile( - input, - tile, -- (tdata_t) &(((unsigned char*)buffer)[bufferoffset-2]), -+ (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), - -1); -- buffer[xuint32-2]=table_end[0]; -- buffer[xuint32-1]=table_end[1]; -+ /* Overwrite SOI marker of image scan with previously */ -+ /* saved end of JpegTables */ -+ buffer[xuint32-2]=table_end[0]; -+ buffer[xuint32-1]=table_end[1]; - } else { - bufferoffset += TIFFReadRawTile( - input, diff --git a/gnu/packages/patches/libtiff-CVE-2016-9273.patch b/gnu/packages/patches/libtiff-CVE-2016-9273.patch deleted file mode 100644 index 9cd6b3d8c5..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9273.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-9273: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273 -http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Patch extracted from upstream CVS repo: - -2016-11-10 Even Rouault - -revision 1.37 -date: 2016-11-09 18:00:49 -0500; author: erouault; state: Exp; lines: +10 -1; commitid: pzKipPxDJO2dxvtz; -* libtiff/tif_strip.c: make TIFFNumberOfStrips() return the td->td_nstrips -value when it is non-zero, instead of recomputing it. This is needed in -TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outsize of -array in tiffsplit (or other utilities using TIFFNumberOfStrips()). -Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2587 - -Index: libtiff/tif_strip.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v -retrieving revision 1.36 -retrieving revision 1.37 -diff -u -r1.36 -r1.37 ---- a/libtiff/tif_strip.c 7 Jun 2015 22:35:40 -0000 1.36 -+++ b/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37 -@@ -63,6 +63,15 @@ - TIFFDirectory *td = &tif->tif_dir; - uint32 nstrips; - -+ /* If the value was already computed and store in td_nstrips, then return it, -+ since ChopUpSingleUncompressedStrip might have altered and resized the -+ since the td_stripbytecount and td_stripoffset arrays to the new value -+ after the initial affectation of td_nstrips = TIFFNumberOfStrips() in -+ tif_dirread.c ~line 3612. -+ See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */ -+ if( td->td_nstrips ) -+ return td->td_nstrips; -+ - nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 : - TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip)); - if (td->td_planarconfig == PLANARCONFIG_SEPARATE) diff --git a/gnu/packages/patches/libtiff-CVE-2016-9297.patch b/gnu/packages/patches/libtiff-CVE-2016-9297.patch deleted file mode 100644 index c9207bbd25..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9297.patch +++ /dev/null @@ -1,52 +0,0 @@ -Fix CVE-2016-9297: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297 -http://bugzilla.maptools.org/show_bug.cgi?id=2590 - -Patch copied from upstream source repository. - -2016-11-11 Even Rouault - - * libtiff/tif_dirread.c: in TIFFFetchNormalTag(), make sure that - values of tags with TIFF_SETGET_C16_ASCII / TIFF_SETGET_C32_ASCII - access are null terminated, to avoid potential read outside buffer - in _TIFFPrintField(). - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2590 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1154; previous revision: 1.1153 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- -libtiff/tif_dirread.c -new revision: 1.203; previous revision: 1.202Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.202 -retrieving revision 1.203 -diff -u -r1.202 -r1.203 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:01:55 -0000 1.202 -+++ libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -@@ -5000,6 +5000,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint16)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); -@@ -5172,6 +5177,11 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -+ if( data[dp->tdir_count-1] != '\0' ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); -+ data[dp->tdir_count-1] = '\0'; -+ } - m=TIFFSetField(tif,dp->tdir_tag,(uint32)(dp->tdir_count),data); - if (data!=0) - _TIFFfree(data); diff --git a/gnu/packages/patches/libtiff-CVE-2016-9448.patch b/gnu/packages/patches/libtiff-CVE-2016-9448.patch deleted file mode 100644 index 05a3af8a84..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-9448.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2016-9448 (regression caused by fix for CVE-2016-9297). - -http://bugzilla.maptools.org/show_bug.cgi?id=2593 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9448 - -Patch copied from upstream source repository with: -$ cvs diff -u -r 1.203 -r 1.204 libtiff/libtiff/tif_dirread.c - -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.203 -retrieving revision 1.204 -diff -u -r1.203 -r1.204 ---- libtiff/libtiff/tif_dirread.c 11 Nov 2016 20:22:01 -0000 1.203 -+++ libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 -@@ -5000,7 +5000,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; -@@ -5177,7 +5177,7 @@ - if (err==TIFFReadDirEntryErrOk) - { - int m; -- if( data[dp->tdir_count-1] != '\0' ) -+ if( dp->tdir_count > 0 && data[dp->tdir_count-1] != '\0' ) - { - TIFFWarningExt(tif->tif_clientdata,module,"ASCII value for tag \"%s\" does not end in null byte. Forcing it to be null",fip->field_name); - data[dp->tdir_count-1] = '\0'; diff --git a/gnu/packages/patches/libtiff-uint32-overflow.patch b/gnu/packages/patches/libtiff-uint32-overflow.patch deleted file mode 100644 index c95126f9a1..0000000000 --- a/gnu/packages/patches/libtiff-uint32-overflow.patch +++ /dev/null @@ -1,102 +0,0 @@ -Fix some buffer overflows: - -http://seclists.org/oss-sec/2016/q4/408 -http://bugzilla.maptools.org/show_bug.cgi?id=2592 - -2016-11-11 Even Rouault - - * tools/tiffcrop.c: fix multiple uint32 overflows in - writeBufferToSeparateStrips(), writeBufferToContigTiles() and - writeBufferToSeparateTiles() that could cause heap buffer -overflows. - Reported by Henri Salo from Nixu Corporation. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2592 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1152; previous revision: 1.1151 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.43; previous revision: 1.42 - -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.42 -retrieving revision 1.43 -diff -u -r1.42 -r1.43 ---- libtiff/tools/tiffcrop.c 14 Oct 2016 19:13:20 -0000 1.42 -+++ libtiff/tools/tiffcrop.c 11 Nov 2016 19:33:06 -0000 1.43 -@@ -148,6 +148,8 @@ - #define PATH_MAX 1024 - #endif - -+#define TIFF_UINT32_MAX 0xFFFFFFFFU -+ - #ifndef streq - #define streq(a,b) (strcmp((a),(b)) == 0) - #endif -@@ -1164,7 +1166,24 @@ - (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); - (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); - bytes_per_sample = (bps + 7) / 8; -- rowsize = ((bps * spp * width) + 7) / 8; /* source has interleaved samples */ -+ if( width == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || -+ bps * spp * width > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (bps * spp * width) + 7"); -+ return 1; -+ } -+ rowsize = ((bps * spp * width) + 7U) / 8; /* source has interleaved samples */ -+ if( bytes_per_sample == 0 || -+ rowsperstrip > TIFF_UINT32_MAX / bytes_per_sample || -+ rowsperstrip * bytes_per_sample > TIFF_UINT32_MAX / (width + 1) ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing rowsperstrip * " -+ "bytes_per_sample * (width + 1)"); -+ return 1; -+ } - rowstripsize = rowsperstrip * bytes_per_sample * (width + 1); - - obuf = _TIFFmalloc (rowstripsize); -@@ -1251,11 +1270,19 @@ - } - } - -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7U ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; -+ - tilebuf = _TIFFmalloc(tile_buffsize); - if (tilebuf == 0) - return 1; -- -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; - for (row = 0; row < imagelength; row += tl) - { - nrow = (row + tl > imagelength) ? imagelength - row : tl; -@@ -1315,7 +1342,16 @@ - TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); - TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); - TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -- src_rowsize = ((imagewidth * spp * bps) + 7) / 8; -+ -+ if( imagewidth == 0 || -+ (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / imagewidth || -+ bps * spp * imagewidth > TIFF_UINT32_MAX - 7 ) -+ { -+ TIFFError(TIFFFileName(out), -+ "Error, uint32 overflow when computing (imagewidth * bps * spp) + 7"); -+ return 1; -+ } -+ src_rowsize = ((imagewidth * spp * bps) + 7U) / 8; - - for (row = 0; row < imagelength; row += tl) - { -- cgit v1.2.3 From 01f94cca19ebd843d6a518530f8acc4fc61b116b Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Tue, 22 Nov 2016 21:38:40 +0100 Subject: gnu: Add 'lvm2-static'. * gnu/packages/patches/lvm2-static-link.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/linux.scm (lvm2)[source](patches): New field. (lvm2-static): New variable. --- gnu/local.mk | 1 + gnu/packages/linux.scm | 19 ++++++++++++++++++- gnu/packages/patches/lvm2-static-link.patch | 14 ++++++++++++++ 3 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/lvm2-static-link.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 7c6306b5f6..49137277f1 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -705,6 +705,7 @@ dist_patch_DATA = \ %D%/packages/patches/luajit-no_ldconfig.patch \ %D%/packages/patches/luajit-symlinks.patch \ %D%/packages/patches/luit-posix.patch \ + %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/make-impure-dirs.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 94b9315085..5870723baf 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -1683,7 +1683,8 @@ time.") (("confdir = .*$") "confdir = @sysconfdir@\n") (("DEFAULT_SYS_DIR = @DEFAULT_SYS_DIR@") - "DEFAULT_SYS_DIR = @sysconfdir@")))))) + "DEFAULT_SYS_DIR = @sysconfdir@")))) + (patches (search-patches "lvm2-static-link.patch")))) (build-system gnu-build-system) (native-inputs `(("pkg-config" ,pkg-config) @@ -1738,6 +1739,22 @@ mapper. Kernel components are part of Linux-libre.") ;; Command-line tools are GPLv2. (license (list license:gpl2 license:lgpl2.1)))) +(define-public lvm2-static + (package + (inherit lvm2) + (name "lvm2-static") + + ;; Propagate udev because libdevmapper.a depends on libudev. + (inputs (alist-delete "udev" (package-inputs lvm2))) + (propagated-inputs `(("udev" ,eudev))) + + (arguments + (substitute-keyword-arguments (package-arguments lvm2) + ((#:configure-flags flags '()) + ;; LVM2 doesn't use Libtool, hence the custom option. + `(cons "--enable-static_link" ,flags)))) + (synopsis "Logical volume management for Linux (statically linked)"))) + (define-public wireless-tools (package (name "wireless-tools") diff --git a/gnu/packages/patches/lvm2-static-link.patch b/gnu/packages/patches/lvm2-static-link.patch new file mode 100644 index 0000000000..b4b1dd92e1 --- /dev/null +++ b/gnu/packages/patches/lvm2-static-link.patch @@ -0,0 +1,14 @@ +Fix static linking of 'lvm.static', which indirectly depend on libpthread +via libdevmapper.a. + +--- LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:15.521045149 +0100 ++++ LVM2.2.02.166/tools/Makefile.in 2016-11-22 21:31:24.085082767 +0100 +@@ -148,7 +148,7 @@ endif + + lvm.static: $(OBJECTS) lvm-static.o $(top_builddir)/lib/liblvm-internal.a $(interfacebuilddir)/libdevmapper.a + $(CC) $(CFLAGS) $(LDFLAGS) -static -L$(interfacebuilddir) -o $@ \ +- $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) ++ $(OBJECTS) lvm-static.o $(LVMLIBS) $(STATIC_LIBS) $(LIBS) $(PTHREAD_LIBS) + + liblvm2cmd.a: $(top_builddir)/lib/liblvm-internal.a $(OBJECTS) lvmcmdlib.o lvm2cmd.o + cat $(top_builddir)/lib/liblvm-internal.a > $@ -- cgit v1.2.3