From a3d14731a358642c2bd9b6ed63c5823fd0b41262 Mon Sep 17 00:00:00 2001 From: Stefan Knoblich Date: Mon, 29 Mar 2004 23:21:23 +0000 Subject: Fixes #46017 and #45846 (possible buffer overflow in asn parser), cleaned up libpt.so symlink creation, pwlib-1.5.2-r3 tested on x86, ppc, sparc and alpha, pwlib-1.6.3-r2 on sparc --- dev-libs/pwlib/ChangeLog | 13 ++- dev-libs/pwlib/files/digest-pwlib-1.5.2-r3 | 1 + .../pwlib/files/pwlib-1.5.2-asnparser-secfix.diff | 56 +++++++++++ dev-libs/pwlib/pwlib-1.5.2-r3.ebuild | 107 +++++++++++++++++++++ dev-libs/pwlib/pwlib-1.6.3-r2.ebuild | 13 +-- 5 files changed, 181 insertions(+), 9 deletions(-) create mode 100644 dev-libs/pwlib/files/digest-pwlib-1.5.2-r3 create mode 100644 dev-libs/pwlib/files/pwlib-1.5.2-asnparser-secfix.diff create mode 100644 dev-libs/pwlib/pwlib-1.5.2-r3.ebuild (limited to 'dev-libs') diff --git a/dev-libs/pwlib/ChangeLog b/dev-libs/pwlib/ChangeLog index 32f64a6ae32d..361d72158141 100644 --- a/dev-libs/pwlib/ChangeLog +++ b/dev-libs/pwlib/ChangeLog @@ -1,6 +1,17 @@ # ChangeLog for dev-libs/pwlib # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/pwlib/ChangeLog,v 1.42 2004/03/25 15:41:17 jhuebel Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/pwlib/ChangeLog,v 1.43 2004/03/29 23:21:23 stkn Exp $ + + 29 Mar 2004; Stefan Knoblich pwlib-1.6.3-r2.ebuild: + Fix #46017 and cleanup libpt.so symlink creation. Tested on sparc. + +*pwlib-1.5.2-r3 (29 Mar 2004) + + 29 Mar 2004; Stefan Knoblich pwlib-1.5.2-r3.ebuild, + files/pwlib-1.5.2-asnparser-secfix.diff: + Fix #45864 (possible buffer overflow in asn parser, + fixed by James Strandboge ), #46017 and amd64. + Cleanup libpt.so symlink creation. Tested on ppc, alpha and sparc. *pwlib-1.6.3-r2 (25 Mar 2004) diff --git a/dev-libs/pwlib/files/digest-pwlib-1.5.2-r3 b/dev-libs/pwlib/files/digest-pwlib-1.5.2-r3 new file mode 100644 index 000000000000..612e63c4b4d3 --- /dev/null +++ b/dev-libs/pwlib/files/digest-pwlib-1.5.2-r3 @@ -0,0 +1 @@ +MD5 0fa33ba1b32b254abe0b731a52c0f2f9 pwlib_1.5.2.tar.gz 1085203 diff --git a/dev-libs/pwlib/files/pwlib-1.5.2-asnparser-secfix.diff b/dev-libs/pwlib/files/pwlib-1.5.2-asnparser-secfix.diff new file mode 100644 index 000000000000..444214a14f71 --- /dev/null +++ b/dev-libs/pwlib/files/pwlib-1.5.2-asnparser-secfix.diff @@ -0,0 +1,56 @@ +--- pwlib/src/ptclib/asnper.cxx.orig Fri Aug 1 02:11:38 2003 ++++ pwlib-1.5.2/src/ptclib/asnper.cxx Fri Feb 20 15:35:05 2004 +@@ -1224,7 +1224,12 @@ + return -1; + + value += lower; +- return 0; ++ ++ // clamp value to upper limit ++ if (value > upper) ++ value = upper; ++ ++ return 0; + } + + +@@ -1268,7 +1273,13 @@ + unsigned base; + if (!MultiBitDecode(CountBits(upper - lower + 1), base)) + return -1; +- return lower + base; // 10.9.4.1 ++ len = lower + base; // 10.9.4.1 ++ ++ // clamp value to upper limit ++ if (len > upper) ++ len = upper; ++ ++ return 0; + } + + if (upper < 65536) // 10.9.3.3 +@@ -1279,13 +1290,20 @@ + if (IsAtEnd()) + return -1; + +- if (SingleBitDecode() == 0) +- return MultiBitDecode(7, len) ? 0 : -1; // 10.9.3.6 +- +- if (SingleBitDecode() == 0) +- return MultiBitDecode(14, len) ? 0 : -1; // 10.9.3.7 ++ if (SingleBitDecode() == 0) { ++ if (!MultiBitDecode(7, len)) // 10.9.3.6 ++ return -1; // 10.9.3.8 unsupported ++ } ++ else if (SingleBitDecode() == 0) { ++ if (!MultiBitDecode(14, len)) // 10.9.3.7 ++ return -1; // 10.9.3.8 unsupported ++ } + +- return -1; // 10.9.3.8 unsupported ++ // clamp value to upper limit ++ if (len > upper) ++ len = upper; ++ ++ return 0; + } diff --git a/dev-libs/pwlib/pwlib-1.5.2-r3.ebuild b/dev-libs/pwlib/pwlib-1.5.2-r3.ebuild new file mode 100644 index 000000000000..1f3b4fc7f525 --- /dev/null +++ b/dev-libs/pwlib/pwlib-1.5.2-r3.ebuild @@ -0,0 +1,107 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-libs/pwlib/pwlib-1.5.2-r3.ebuild,v 1.1 2004/03/29 23:21:23 stkn Exp $ + +DESCRIPTION="Portable Multiplatform Class Libraries for OpenH323" +HOMEPAGE="http://www.openh323.org/" +SRC_URI="http://www.openh323.org/bin/${PN}_${PV}.tar.gz" + +LICENSE="MPL-1.1" +SLOT="0" +KEYWORDS="~x86 ~ppc ~sparc ~alpha" +IUSE="ssl sdl ldap" + +DEPEND=">=sys-devel/bison-1.28 + >=sys-devel/flex-2.5.4a + dev-libs/expat + >=sys-apps/sed-4 + ldap? ( net-nds/openldap ) + sdl? ( media-libs/libsdl ) + ssl? ( dev-libs/openssl )" + +MAKEOPTS="${MAKEOPTS} -j1" +S=${WORKDIR}/${PN} + +src_unpack() { + unpack ${A} + cd ${S} + + # fix #45846 / CAN-2004-0097 + epatch ${FILESDIR}/${P}-asnparser-secfix.diff + + cd ${S}/make + + # filter out -O3 and -mcpu embedded compiler flags + sed -i \ + -e "s:-mcpu=\$(CPUTYPE)::" \ + -e "s:-O3 -DNDEBUG:-DNDEBUG:" \ + unix.mak +} + +src_compile() { + if [ "`use ssl`" ]; then + export OPENSSLFLAG=1 + export OPENSSLDIR="/usr" + export OPENSSLLIBS="-lssl -lcrypt" + fi + + econf || die "configure failed" + + # Horrible hack to strip out -L/usr/lib to allow upgrades + # problem is it adds -L/usr/lib before -L${S} when SSL is + # enabled. Same thing for -I/usr/include. + sed -i -e "s:^\(LDFLAGS.*\)-L/usr/lib:\1:" \ + -e "s:^\(STDCCFLAGS.*\)-I/usr/include:\1:" \ + ${S}/make/ptbuildopts.mak + sed -i -e "s:^\(LDFLAGS[\s]*=.*\) -L/usr/lib:\1:" \ + -e "s:^\(LDFLAGS[\s]*=.*\) -I/usr/include:\1:" \ + -e "s:^\(CCFLAGS[\s]*=.*\) -I/usr/include:\1:" \ + ${S}/make/ptlib-config + + emake opt || die "make failed" +} + +src_install() { + # make these because the makefile isn't smart enough + dodir /usr/bin /usr/lib /usr/share /usr/include + make PREFIX=${D}/usr install || die "install failed" + + # these are for compiling openh323 + # NOTE: symlinks don't work when upgrading + # FIXME: probably should fix this with ptlib-config + dodir /usr/share/pwlib/include + cp -r ${D}/usr/include/* ${D}/usr/share/pwlib/include + + dodir /usr/share/pwlib/lib + for x in ${D}/usr/lib/*; do + dosym /usr/lib/`basename ${x}` /usr/share/pwlib/lib/`basename ${x}` + done + + # remove CVS dirs + find ${D} -name CVS -type d | xargs rm -rf + + # fix symlink + # only amd64 needs special care, afaiks + rm ${D}/usr/lib/libpt.so + if [ ${ARCH} = "amd64" ] ; then + dosym /usr/lib/libpt_linux_x86_64_r.so.${PV} /usr/lib/libpt.so + else + dosym /usr/lib/libpt_linux_${ARCH}_r.so.${PV} /usr/lib/libpt.so + fi + + # strip ${S} stuff + dosed "s:^PWLIBDIR.*:PWLIBDIR=/usr/share/pwlib:" /usr/bin/ptlib-config + dosed "s:^PWLIBDIR.*:PWLIBDIR=/usr/share/pwlib:" /usr/share/pwlib/make/ptbuildopts.mak + + # dodgy configure/makefiles forget to expand this + dosed 's:${exec_prefix}:/usr:' /usr/bin/ptlib-config + + # satisfy ptlib.mak's weird definition (should check if true for future versions) + cp ${D}/usr/bin/ptlib-config ${D}/usr/share/pwlib/make/ptlib-config + + # copy version.h + insinto /usr/share/pwlib + doins version.h + + dodoc ReadMe.txt History.txt +} diff --git a/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild b/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild index 71fba4523b8e..e89d8cfd8b93 100644 --- a/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild +++ b/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild,v 1.1 2004/03/25 15:41:17 jhuebel Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-libs/pwlib/pwlib-1.6.3-r2.ebuild,v 1.2 2004/03/29 23:21:23 stkn Exp $ IUSE="ssl sdl ieee1394 alsa esd" @@ -10,7 +10,7 @@ SRC_URI="http://www.gnomemeeting.org/admin/downloads/latest/sources/sources/${P} LICENSE="MPL-1.1" SLOT="0" -KEYWORDS="-* ~amd64" +KEYWORDS="~x86 ~sparc ~amd64" DEPEND=">=sys-devel/bison-1.28 >=sys-devel/flex-2.5.4a @@ -118,15 +118,12 @@ src_install() { find ${D} -name CVS -type d | xargs rm -rf # fix symlink + # only amd64 needs special handling, afaiks rm ${D}/usr/lib/libpt.so - if [ ${ARCH} = "ppc" ] ; then - dosym /usr/lib/libpt_linux_ppc_r.so.${PV} /usr/lib/libpt.so - elif [ ${ARCH} = "sparc" ] ; then - dosym /usr/lib/libpt_linux_sparc_r.so.${PV} /usr/lib/libpt.so - elif [ ${ARCH} = "amd64" ] ; then + if [ ${ARCH} = "amd64" ] ; then dosym /usr/lib/libpt_linux_x86_64_r.so.${PV} /usr/lib/libpt.so else - dosym /usr/lib/libpt_linux_x86_r.so.${PV} /usr/lib/libpt.so + dosym /usr/lib/libpt_linux_${ARCH}_r.so.${PV} /usr/lib/libpt.so fi # strip ${S} stuff -- cgit v1.2.3-65-gdbad