summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzamat H. Hackimov <azamat.hackimov@gmail.com>2021-05-21 22:36:03 +0300
committerAndreas Sturmlechner <asturm@gentoo.org>2021-05-23 18:53:07 +0200
commit185c785c239b6e5f7fcadc14be183c2f5fb37cfe (patch)
tree377e47f10e95d865aa4aaa3eafc5b60d66b0f2c8 /app-arch/upx
parentapp-backup/dar: remove 2.7.0 (diff)
downloadgentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.tar.gz
gentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.tar.bz2
gentoo-185c785c239b6e5f7fcadc14be183c2f5fb37cfe.zip
app-arch/upx: fix CVE-2020-24119
Bug: https://bugs.gentoo.org/790281 Package-Manager: Portage-3.0.18, Repoman-3.0.2 Signed-off-by: Azamat H. Hackimov <azamat.hackimov@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/20914 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>
Diffstat (limited to 'app-arch/upx')
-rw-r--r--app-arch/upx/files/upx-3.96_CVE-2020-24119.patch34
-rw-r--r--app-arch/upx/upx-3.96-r2.ebuild39
2 files changed, 73 insertions, 0 deletions
diff --git a/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
new file mode 100644
index 000000000000..7e6de04948bd
--- /dev/null
+++ b/app-arch/upx/files/upx-3.96_CVE-2020-24119.patch
@@ -0,0 +1,34 @@
+From 87b73e5cfdc12da94c251b2cd83bb01c7d9f616c Mon Sep 17 00:00:00 2001
+From: John Reiser <jreiser@BitWagon.com>
+Date: Wed, 22 Jul 2020 19:34:27 -0700
+Subject: [PATCH] Unpack: Phdrs must be within expansion of first compressed
+ block
+
+https://github.com/upx/upx/issues/388
+ modified: p_lx_elf.cpp
+---
+ src/p_lx_elf.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
+index cd9e4ec97..453d5c457 100644
+--- a/src/p_lx_elf.cpp
++++ b/src/p_lx_elf.cpp
+@@ -4550,7 +4550,7 @@ void PackLinuxElf64::unpack(OutputFile *fo)
+ unsigned c_adler = upx_adler32(NULL, 0);
+ unsigned u_adler = upx_adler32(NULL, 0);
+ #define MAX_ELF_HDR 1024
+- if ((MAX_ELF_HDR - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
++ if ((umin64(MAX_ELF_HDR, ph.u_len) - sizeof(Elf64_Ehdr))/sizeof(Elf64_Phdr) < u_phnum) {
+ throwCantUnpack("bad compressed e_phnum");
+ }
+ #undef MAX_ELF_HDR
+@@ -5617,7 +5617,7 @@ void PackLinuxElf32::unpack(OutputFile *fo)
+ unsigned c_adler = upx_adler32(NULL, 0);
+ unsigned u_adler = upx_adler32(NULL, 0);
+ #define MAX_ELF_HDR 512
+- if ((MAX_ELF_HDR - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
++ if ((umin(MAX_ELF_HDR, ph.u_len) - sizeof(Elf32_Ehdr))/sizeof(Elf32_Phdr) < u_phnum) {
+ throwCantUnpack("bad compressed e_phnum");
+ }
+ #undef MAX_ELF_HDR
diff --git a/app-arch/upx/upx-3.96-r2.ebuild b/app-arch/upx/upx-3.96-r2.ebuild
new file mode 100644
index 000000000000..cf9f4c4f87d3
--- /dev/null
+++ b/app-arch/upx/upx-3.96-r2.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit toolchain-funcs
+
+DESCRIPTION="Ultimate Packer for eXecutables (free version using UCL compression and not NRV)"
+HOMEPAGE="https://upx.github.io/"
+SRC_URI="https://github.com/upx/upx/releases/download/v${PV}/${P}-src.tar.xz"
+
+LICENSE="GPL-2+ UPX-exception" # Read the exception before applying any patches
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE=""
+
+DEPEND=">=dev-libs/ucl-1.03
+ sys-libs/zlib"
+RDEPEND="${RDEPEND}
+ !app-arch/upx-bin"
+BDEPEND="dev-lang/perl"
+
+S="${WORKDIR}/${P}-src"
+
+PATCHES=(
+ "${FILESDIR}/${P}_CVE-2020-24119.patch"
+ "${FILESDIR}/${P}_CVE-2021-20285.patch"
+)
+
+src_compile() {
+ tc-export CXX
+ emake CXXFLAGS_WERROR="" all
+}
+
+src_install() {
+ newbin src/upx.out upx
+ dodoc BUGS NEWS PROJECTS README* THANKS doc/*.txt doc/upx.html
+ doman doc/upx.1
+}