author | 2018-02-27 16:04:39 +0000 | |
---|---|---|
committer | 2018-02-27 23:41:35 +0100 | |
commit | af28844cc92f8edd1fcd049e357d169a3dddc176 (patch) | |
tree | 8178e2a64c1037ce0bd2d18f4d955824649dfbe9 /dev-db/unixODBC/files | |
parent | net-misc/lksctp-tools: stable 1.0.17 for ppc, bug #610438 (diff) | |
dev-db/unixODBC: add fix against CVE-2018-7485.
Adding a patch based on
https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f
Without the changes for 2.3.6 in ChangeLog and configure.ac.
Package-Manager: Portage-2.3.19, Repoman-2.3.6
Closes: https://github.com/gentoo/gentoo/pull/7300
Diffstat (limited to 'dev-db/unixODBC/files')
-rw-r--r-- | dev-db/unixODBC/files/unixODBC-2.3.5-CVE-2018-7485.patch | 135 |
1 files changed, 135 insertions, 0 deletions
diff --git a/dev-db/unixODBC/files/unixODBC-2.3.5-CVE-2018-7485.patch b/dev-db/unixODBC/files/unixODBC-2.3.5-CVE-2018-7485.patch
new file mode 100644
index 000000000000..2c4178cda48f
--- /dev/null
+++ b/dev-db/unixODBC/files/unixODBC-2.3.5-CVE-2018-7485.patch
@@ -0,0 +1,135 @@
+From 45ef78e037f578b15fc58938a3a3251655e71d6f Mon Sep 17 00:00:00 2001
+From: Nick Gorham <nick@lurcher.ink.org>
+Date: Mon, 8 Jan 2018 11:12:39 +0000
+Subject: [PATCH] New Pre Source
+
+diff --git a/DriverManager/SQLGetDiagRecW.c b/DriverManager/SQLGetDiagRecW.c
+index a6368d7..be89120 100644
+--- a/DriverManager/SQLGetDiagRecW.c
++++ b/DriverManager/SQLGetDiagRecW.c
+@@ -98,6 +98,8 @@
+
+ static char const rcsid[]= "$RCSfile: SQLGetDiagRecW.c,v $";
+
++extern int __is_env( EHEAD * head ); /* in SQLGetDiagRec.c */
++
+ static SQLRETURN extract_sql_error_rec_w( EHEAD *head,
+ SQLWCHAR *sqlstate,
+ SQLINTEGER rec_number,
+diff --git a/DriverManager/SQLSetDescField.c b/DriverManager/SQLSetDescField.c
+index 333d786..0e2f67c 100644
+--- a/DriverManager/SQLSetDescField.c
++++ b/DriverManager/SQLSetDescField.c
+@@ -306,7 +306,7 @@ SQLRETURN SQLSetDescField( SQLHDESC descriptor_handle,
+ return function_return_nodrv( SQL_HANDLE_DESC, descriptor, SQL_ERROR );
+ }
+
+- if ( field_identifier == SQL_DESC_COUNT && (SQLINTEGER)value < 0 )
++ if ( field_identifier == SQL_DESC_COUNT && (intptr_t)value < 0 )
+ {
+ __post_internal_error( &descriptor -> error,
+ ERROR_07009, NULL,
+@@ -315,9 +315,9 @@ SQLRETURN SQLSetDescField( SQLHDESC descriptor_handle,
+ return function_return_nodrv( SQL_HANDLE_DESC, descriptor, SQL_ERROR );
+ }
+
+- if ( field_identifier == SQL_DESC_PARAMETER_TYPE && value != SQL_PARAM_INPUT
+- && value != SQL_PARAM_OUTPUT && value != SQL_PARAM_INPUT_OUTPUT &&
+- value != SQL_PARAM_INPUT_OUTPUT_STREAM && value != SQL_PARAM_OUTPUT_STREAM )
++ if ( field_identifier == SQL_DESC_PARAMETER_TYPE && (intptr_t)value != SQL_PARAM_INPUT
++ && (intptr_t)value != SQL_PARAM_OUTPUT && (intptr_t)value != SQL_PARAM_INPUT_OUTPUT &&
++ (intptr_t)value != SQL_PARAM_INPUT_OUTPUT_STREAM && (intptr_t)value != SQL_PARAM_OUTPUT_STREAM )
+ {
+ __post_internal_error( &descriptor -> error,
+ ERROR_HY105, NULL,
+diff --git a/DriverManager/SQLSetDescFieldW.c b/DriverManager/SQLSetDescFieldW.c
+index 5e066ac..45125ff 100644
+--- a/DriverManager/SQLSetDescFieldW.c
++++ b/DriverManager/SQLSetDescFieldW.c
+@@ -288,7 +288,7 @@ SQLRETURN SQLSetDescFieldW( SQLHDESC descriptor_handle,
+ return function_return_nodrv( SQL_HANDLE_DESC, descriptor, SQL_ERROR );
+ }
+
+- if ( field_identifier == SQL_DESC_COUNT && (SQLINTEGER)value < 0 )
++ if ( field_identifier == SQL_DESC_COUNT && (intptr_t)value < 0 )
+ {
+ __post_internal_error( &descriptor -> error,
+ ERROR_07009, NULL,
+@@ -297,9 +297,9 @@ SQLRETURN SQLSetDescFieldW( SQLHDESC descriptor_handle,
+ return function_return_nodrv( SQL_HANDLE_DESC, descriptor, SQL_ERROR );
+ }
+
+- if ( field_identifier == SQL_DESC_PARAMETER_TYPE && value != SQL_PARAM_INPUT
+- && value != SQL_PARAM_OUTPUT && value != SQL_PARAM_INPUT_OUTPUT &&
+- value != SQL_PARAM_INPUT_OUTPUT_STREAM && value != SQL_PARAM_OUTPUT_STREAM )
++ if ( field_identifier == SQL_DESC_PARAMETER_TYPE && (intptr_t)value != SQL_PARAM_INPUT
++ && (intptr_t)value != SQL_PARAM_OUTPUT && (intptr_t)value != SQL_PARAM_INPUT_OUTPUT &&
++ (intptr_t)value != SQL_PARAM_INPUT_OUTPUT_STREAM && (intptr_t)value != SQL_PARAM_OUTPUT_STREAM )
+ {
+ __post_internal_error( &descriptor -> error,
+ ERROR_HY105, NULL,
+diff --git a/exe/iusql.c b/exe/iusql.c
+index aac5329..484a889 100644
+--- a/exe/iusql.c
++++ b/exe/iusql.c
+@@ -413,7 +413,6 @@ static int ExecuteSQL( SQLHDBC hDbc, char *szSQL, char cDelimiter, int bColumnNa
+ if ( bVerbose ) DumpODBCLog( hEnv, hDbc, hStmt );
+ fprintf( stderr, "[ISQL]ERROR: Could not SQLExecDirect\n" );
+ SQLFreeStmt( hStmt, SQL_DROP );
+- free(szSepLine);
+ return 0;
+ }
+ }
+diff --git a/odbcinst/SQLCreateDataSource.c b/odbcinst/SQLCreateDataSource.c
+index a9fa735..83a1e9e 100644
+--- a/odbcinst/SQLCreateDataSource.c
++++ b/odbcinst/SQLCreateDataSource.c
+@@ -26,7 +26,7 @@ char* _multi_string_alloc_and_copy( LPCWSTR in )
+
+ if ( !in )
+ {
+- return in;
++ return NULL;
+ }
+
+ while ( in[ len ] != 0 || in[ len + 1 ] != 0 )
+@@ -55,7 +55,7 @@ char* _single_string_alloc_and_copy( LPCWSTR in )
+
+ if ( !in )
+ {
+- return in;
++ return NULL;
+ }
+
+ while ( in[ len ] != 0 )
+@@ -83,7 +83,7 @@ SQLWCHAR* _multi_string_alloc_and_expand( LPCSTR in )
+
+ if ( !in )
+ {
+- return in;
++ return NULL;
+ }
+
+ while ( in[ len ] != 0 || in[ len + 1 ] != 0 )
+@@ -112,7 +112,7 @@ SQLWCHAR* _single_string_alloc_and_expand( LPCSTR in )
+
+ if ( !in )
+ {
+- return in;
++ return NULL;
+ }
+
+ while ( in[ len ] != 0 )
+diff --git a/odbcinst/SQLWriteFileDSN.c b/odbcinst/SQLWriteFileDSN.c
+index c2f987b..e225796 100644
+--- a/odbcinst/SQLWriteFileDSN.c
++++ b/odbcinst/SQLWriteFileDSN.c
+@@ -21,7 +21,7 @@ BOOL SQLWriteFileDSN( LPCSTR pszFileName,
+
+ if ( pszFileName[0] == '/' )
+ {
+- strncpy( szFileName, sizeof(szFileName) - 5, pszFileName );
++ strncpy( szFileName, pszFileName, sizeof(szFileName) - 5 );
+ }
+ else
+ {
 |
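Review bot: In the odbcinst/SQLWriteFileDSN.c section of the added patch, the corrected `strncpy( szFileName, pszFileName, sizeof(szFileName) - 5 );` can still leave szFileName without a terminating NUL, because strncpy does not terminate the destination when pszFileName is at least `sizeof(szFileName) - 5` bytes long. Nothing visible in the hunk zeroes or terminates the buffer, and SQLWriteFileDSN's body starts and continues outside it, so this needs confirming against the full function. If the buffer is not already terminated there, follow the copy with `szFileName[sizeof(szFileName) - 5] = '\0';` so an over-long caller-supplied file name is truncated rather than read past the end of the array by whatever uses it next. The same branch reads `pszFileName[0]` with no NULL check in view, which is worth confirming at the top of the function as well.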