fix do_brk vuln

author: Brian Jackson <iggy@gentoo.org> 2003-12-02 03:20:36 +0000
committer: Brian Jackson <iggy@gentoo.org> 2003-12-02 03:20:36 +0000
commit: e80a601b503e8e348d0f61224f958d57450dda8c (patch)
tree: 0676dec9b0216759aac8ec13447340f2463240d0 /sys-kernel/selinux-sources
parent: fix do_brk vuln (diff)
download: gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.tar.gz
gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.tar.bz2
gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.zip
4 files changed, 22 insertions, 5 deletions
diff --git a/sys-kernel/selinux-sources/ChangeLog b/sys-kernel/selinux-sources/ChangeLog
index b7f7b1eeb9cd..ef2dbc79e4c6 100644
--- a/sys-kernel/selinux-sources/ChangeLog
+++ b/sys-kernel/selinux-sources/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for sys-kernel/selinux-sources
 # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/selinux-sources/ChangeLog,v 1.23 2003/11/20 07:43:38 lostlogic Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/selinux-sources/ChangeLog,v 1.24 2003/12/02 03:20:34 iggy Exp $
+
+  01 Dec 2003; Brian Jackson <iggy@gentoo.org>
+  selinux-sources-2.4.21-r4.ebuild, files/do_brk_fix.patch:
+  fix do_brk vuln
 
   20 Nov 2003; Brandon Low <lostlogic@gentoo.org>
   selinux-sources-2.4.21-r4.ebuild:
diff --git a/sys-kernel/selinux-sources/Manifest b/sys-kernel/selinux-sources/Manifest
index 3fd5c4e8ec1a..4fe3255da9d3 100644
--- a/sys-kernel/selinux-sources/Manifest
+++ b/sys-kernel/selinux-sources/Manifest
@@ -1,5 +1,5 @@
-MD5 945a68166d01f99d21a3e532cce30224 selinux-sources-2.4.21-r4.ebuild 1063
-MD5 6b53befc1649d5517608c0754db91212 ChangeLog 3562
+MD5 d06e186a49502b4eb5afeb2d32e968b4 selinux-sources-2.4.21-r4.ebuild 1058
+MD5 8714173f7e9ae01a4d479c0d0f4b40ac ChangeLog 3683
 MD5 f455fbb5d96167058282b93599457a4f metadata.xml 470
 MD5 e637c6fa41097ea2c4693d0766f2e1c5 files/do_brk_fix.patch 242
 MD5 76ec5f9fe491fd7c166830604f3651e2 files/digest-selinux-sources-2.4.21-r4 145
diff --git a/sys-kernel/selinux-sources/files/do_brk_fix.patch b/sys-kernel/selinux-sources/files/do_brk_fix.patch
new file mode 100644
index 000000000000..fef1f1e981e2
--- /dev/null
+++ b/sys-kernel/selinux-sources/files/do_brk_fix.patch
@@ -0,0 +1,12 @@
+--- a/mm/mmap.c Fri Sep 12 06:44:06 2003
++++ b/mm/mmap.c Thu Oct  2 01:18:19 2003
+@@ -1041,6 +1041,9 @@
+	if (!len)
+		return addr;
+ 
++ 	if ((addr + len) > TASK_SIZE || (addr + len) < addr)
++ 		return -EINVAL;
++ 
+	/*
+	 * mlock MCL_FUTURE?
+	 */
diff --git a/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild b/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild
index 451a12a5d86d..7732bbd4a0a3 100644
--- a/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild
+++ b/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2003 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild,v 1.2 2003/11/20 07:43:38 lostlogic Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/selinux-sources/selinux-sources-2.4.21-r4.ebuild,v 1.3 2003/12/02 03:20:34 iggy Exp $
 
 IUSE=""
 
@@ -24,7 +24,8 @@ src_unpack() {
 	unpack ${A}
 	mv linux-${OKV} linux-${KV} || die
 
-	cd ${KV}
+	cd ${S}
+	epatch ${FILESDIR}/do_brk_fix.patch || die "failed to patch for do_brk vuln"
 	kernel_src_unpack
 }
author	Brian Jackson <iggy@gentoo.org>	2003-12-02 03:20:36 +0000
committer	Brian Jackson <iggy@gentoo.org>	2003-12-02 03:20:36 +0000
commit	e80a601b503e8e348d0f61224f958d57450dda8c (patch)
tree	0676dec9b0216759aac8ec13447340f2463240d0 /sys-kernel/selinux-sources
parent	fix do_brk vuln (diff)
download	gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.tar.gz gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.tar.bz2 gentoo-2-e80a601b503e8e348d0f61224f958d57450dda8c.zip