author | Pacho Ramos <pacho@gentoo.org> | 2022-12-04 22:16:56 +0100 |
---|---|---|
committer | Pacho Ramos <pacho@gentoo.org> | 2022-12-04 22:23:20 +0100 |
commit | 6975aded48ce0b855445ead7203905795daee608 (patch) | |
tree | b9a7c9364c532d5509c235061137788b43b50548 /games-arcade/supertux | |
parent | dev-ml/ocplib-simplex: add github upstream metadata (diff) | |
games-arcade/supertux: Fix CVE-2021-41556
Bug: https://bugs.gentoo.org/843008
Signed-off-by: Pacho Ramos <pacho@gentoo.org>
Diffstat (limited to 'games-arcade/supertux')
-rw-r--r-- | games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch | 36 | ||||
-rw-r--r-- | games-arcade/supertux/supertux-0.6.3-r2.ebuild | 64 |
2 files changed, 100 insertions, 0 deletions
diff --git a/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
new file mode 100644
index 000000000000..a63e7a6c4e69
--- /dev/null
+++ b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
@@ -0,0 +1,36 @@
+From 23a0620658714b996d20da3d4dd1a0dcf9b0bd98 Mon Sep 17 00:00:00 2001
+From: albertodemichelis <alberto@qnsoftware.com>
+Date: Thu, 16 Sep 2021 22:36:53 +0800
+Subject: [PATCH] check max member count in class
+
+---
+ squirrel/sqclass.cpp | 3 +++
+ squirrel/sqclass.h | 1 +
+ 2 files changed, 4 insertions(+)
+
+diff --git a/squirrel/sqclass.cpp b/squirrel/sqclass.cpp
+index fc619616..53a29763 100644
+--- a/external/squirrel/squirrel/sqclass.cpp
++++ b/external/squirrel/squirrel/sqclass.cpp
+@@ -61,6 +61,9 @@ bool SQClass::NewSlot(SQSharedState *ss,const SQObjectPtr &key,const SQObjectPtr
+ _defaultvalues[_member_idx(temp)].val = val;
+ return true;
+ }
++ if (_members->CountUsed() >= MEMBER_MAX_COUNT) {
++ return false;
++ }
+ if(belongs_to_static_table) {
+ SQInteger mmidx;
+ if((sq_type(val) == OT_CLOSURE || sq_type(val) == OT_NATIVECLOSURE) &&
+diff --git a/squirrel/sqclass.h b/squirrel/sqclass.h
+index 7d402172..60d3d21b 100644
+--- a/external/squirrel/squirrel/sqclass.h
++++ b/external/squirrel/squirrel/sqclass.h
+@@ -17,6 +17,7 @@ typedef sqvector<SQClassMember> SQClassMemberVec;
+
+ #define MEMBER_TYPE_METHOD 0x01000000
+ #define MEMBER_TYPE_FIELD 0x02000000
++#define MEMBER_MAX_COUNT 0x00FFFFFF
+
+ #define _ismethod(o) (_integer(o)&MEMBER_TYPE_METHOD)
+ #define _isfield(o) (_integer(o)&MEMBER_TYPE_FIELD)
diff --git a/games-arcade/supertux/supertux-0.6.3-r2.ebuild b/games-arcade/supertux/supertux-0.6.3-r2.ebuild
new file mode 100644
index 000000000000..2126e741ddad
--- /dev/null
+++ b/games-arcade/supertux/supertux-0.6.3-r2.ebuild
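Review bot: In supertux-0.6.3-squirrel-CVE-2021-41556.patch, the added `#define MEMBER_MAX_COUNT 0x00FFFFFF` in sqclass.h has no comment explaining why the limit has that value. The neighbouring `MEMBER_TYPE_METHOD 0x01000000` and `MEMBER_TYPE_FIELD 0x02000000` flags sit in the bits directly above it, so the limit appears to be the largest member index that fits below the type flags. A one-line comment such as `/* member index uses the low 24 bits; MEMBER_TYPE_* flags start at bit 24 */` would record that dependency for anyone who later changes either constant. `SQClass::NewSlot` now returns false once `_members->CountUsed()` reaches the limit; its callers are outside this hunk, so it is worth confirming that they surface the failure instead of ignoring it.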
@@ -0,0 +1,64 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+#: ${CMAKE_MAKEFILE_GENERATOR:=emake}
+inherit cmake
+
+MY_PV="${PV/_rc/-rc.}"
+MY_P="SuperTux-v${MY_PV}-Source"
+
+DESCRIPTION="A game similar to Super Mario Bros"
+HOMEPAGE="https://www.supertux.org"
+SRC_URI="https://github.com/SuperTux/${PN}/releases/download/v${MY_PV}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-2+ GPL-3+ ZLIB MIT CC-BY-SA-2.0 CC-BY-SA-3.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="debug"
+
+# =media-libs/libsdl2-2.0.14-r0 can cause supertux binary to move entire
+# content of ${HOME} to ${HOME}/.local/share/supertux2/
+# DO NOT REMOVE THIS BLOCKER!!! See bug #764959
+RDEPEND="
+ !=media-libs/libsdl2-2.0.14-r0
+ >=dev-games/physfs-3.0
+ dev-libs/boost:=[nls]
+ media-libs/freetype
+ media-libs/glew:=
+ media-libs/libpng:0=
+ >=media-libs/libsdl2-2.0.1[joystick,video]
+ media-libs/libvorbis
+ media-libs/openal
+ >=media-libs/sdl2-image-2.0.0[png,jpeg]
+ >=net-misc/curl-7.21.7
+ virtual/opengl
+"
+DEPEND="${RDEPEND}
+ media-libs/glm"
+BDEPEND="
+ virtual/pkgconfig
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.5.0-tinygettext.patch
+ "${FILESDIR}"/${PN}-0.6.0-{license,icon,obstack}.patch
+ "${FILESDIR}"/${PN}-0.6.3-missing-include.patch
+ "${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2021-41556.patch
+ "${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2022-30292.patch
+)
+
+src_configure() {
+ local mycmakeargs=(
+ -DWERROR=OFF
+ -DINSTALL_SUBDIR_BIN=bin
+ -DINSTALL_SUBDIR_DOC=share/doc/${PF}
+ -DINSTALL_SUBDIR_SHARE=share/${PN}2
+ -DENABLE_SQDBG="$(usex debug)"
+ -DUSE_SYSTEM_PHYSFS=ON
+ -DIS_SUPERTUX_RELEASE=ON
+ )
+ cmake_src_configure
+}  |
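Review bot: `PATCHES` in supertux-0.6.3-r2.ebuild lists `${PN}-0.6.3-squirrel-CVE-2022-30292.patch`, but the diffstat shows this commit adding only the CVE-2021-41556 patch and the ebuild. The CVE-2022-30292 patch therefore has to be in `files/` already, which is worth confirming, because a missing file would make patch application fail for -r2. The ebuild also never says that the two CVE patches, judging by their names and the paths in the one added here, fix the bundled copy under `external/squirrel`. A comment above those two entries, e.g. `# Security fixes for the bundled squirrel (external/squirrel); drop once upstream ships them`, would tell whoever does the next bump when they can be removed.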