[arch-commits] Commit in elfutils/repos (8 files)
Laurent Carlier
lcarlier at nymeria.archlinux.org
Mon Apr 28 16:28:46 UTC 2014
Date: Monday, April 28, 2014 @ 18:28:46
Author: lcarlier
Revision: 211887
archrelease: copy trunk to extra-i686, extra-x86_64
Added:
elfutils/repos/extra-i686/CVE-2014-0172.patch
(from rev 211886, elfutils/trunk/CVE-2014-0172.patch)
elfutils/repos/extra-i686/PKGBUILD
(from rev 211886, elfutils/trunk/PKGBUILD)
elfutils/repos/extra-i686/fix-run-backtrace-native-core-test.patch
(from rev 211886, elfutils/trunk/fix-run-backtrace-native-core-test.patch)
elfutils/repos/extra-x86_64/CVE-2014-0172.patch
(from rev 211886, elfutils/trunk/CVE-2014-0172.patch)
elfutils/repos/extra-x86_64/PKGBUILD
(from rev 211886, elfutils/trunk/PKGBUILD)
elfutils/repos/extra-x86_64/fix-run-backtrace-native-core-test.patch
(from rev 211886, elfutils/trunk/fix-run-backtrace-native-core-test.patch)
Deleted:
elfutils/repos/extra-i686/CVE-2014-0172.patch
elfutils/repos/extra-x86_64/CVE-2014-0172.patch
-------------------------------------------------------+
extra-i686/CVE-2014-0172.patch | 37 ++++++++++
extra-i686/PKGBUILD | 54 ++++++++++++++++
extra-i686/fix-run-backtrace-native-core-test.patch | 43 ++++++++++++
extra-x86_64/CVE-2014-0172.patch | 37 ++++++++++
extra-x86_64/PKGBUILD | 54 ++++++++++++++++
extra-x86_64/fix-run-backtrace-native-core-test.patch | 43 ++++++++++++
6 files changed, 268 insertions(+)
Deleted: extra-i686/CVE-2014-0172.patch
===================================================================
Copied: elfutils/repos/extra-i686/CVE-2014-0172.patch (from rev 211886, elfutils/trunk/CVE-2014-0172.patch)
===================================================================
--- extra-i686/CVE-2014-0172.patch (rev 0)
+++ extra-i686/CVE-2014-0172.patch 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,37 @@
+From 7f1eec317db79627b473c5b149a22a1b20d1f68f Mon Sep 17 00:00:00 2001
+From: Mark Wielaard <mjw at redhat.com>
+Date: Wed, 9 Apr 2014 11:33:23 +0200
+Subject: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to
+ uncompress data.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1085663
+
+Reported-by: Florian Weimer <fweimer at redhat.com>
+Signed-off-by: Mark Wielaard <mjw at redhat.com>
+diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c
+index 79daeac..34ea373 100644
+--- a/libdw/dwarf_begin_elf.c
++++ b/libdw/dwarf_begin_elf.c
+@@ -1,5 +1,5 @@
+ /* Create descriptor from ELF descriptor for processing file.
+- Copyright (C) 2002-2011 Red Hat, Inc.
++ Copyright (C) 2002-2011, 2014 Red Hat, Inc.
+ This file is part of elfutils.
+ Written by Ulrich Drepper <drepper at redhat.com>, 2002.
+
+@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
+ memcpy (&size, data->d_buf + 4, sizeof size);
+ size = be64toh (size);
+
++ /* Check for unsigned overflow so malloc always allocated
++ enough memory for both the Elf_Data header and the
++ uncompressed section data. */
++ if (unlikely (sizeof (Elf_Data) + size < size))
++ break;
++
+ Elf_Data *zdata = malloc (sizeof (Elf_Data) + size);
+ if (unlikely (zdata == NULL))
+ break;
+--
+1.9.2
+
Copied: elfutils/repos/extra-i686/PKGBUILD (from rev 211886, elfutils/trunk/PKGBUILD)
===================================================================
--- extra-i686/PKGBUILD (rev 0)
+++ extra-i686/PKGBUILD 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,54 @@
+# $Id$
+# Maintainer: Stéphane Gaudreault <stephane at archlinux.org>
+# Contributor: Andrej Gelenberg <andrej.gelenberg at udo.edu>
+
+pkgname=elfutils
+pkgver=0.158
+pkgrel=2
+pkgdesc="Libraries and utilities to handle ELF object files and DWARF debugging information"
+arch=('i686' 'x86_64')
+url="https://fedorahosted.org/elfutils/"
+license=('LGPL3' 'GPL' 'GPL3')
+depends=('gcc-libs' 'zlib' 'bzip2' 'xz')
+provides=('libelf')
+replaces=('libelf')
+conflicts=('libelf')
+source=(https://fedorahosted.org/releases/e/l/elfutils/${pkgver}/elfutils-${pkgver}.tar.bz2{,.sig}
+ fix-run-backtrace-native-core-test.patch
+ CVE-2014-0172.patch)
+options=('staticlibs')
+sha1sums=('09adbbf0f3a35bb1bcb77c2eaa40de8d3443af4d'
+ 'SKIP'
+ '8ecef640f3d1229cdf45ffda016a69848c18e61b'
+ '3e776c07d6ca2c7604a384d266f79c3ece1fb179')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+
+ patch -Np1 -i ../fix-run-backtrace-native-core-test.patch
+ # merged upstream
+ patch -Np1 -i ../CVE-2014-0172.patch
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+
+ CFLAGS+=" -g" # required for test-suite success
+ ./configure --prefix=/usr --program-prefix="eu-"
+
+ make
+}
+
+check() {
+ cd ${pkgname}-${pkgver}
+
+ make check
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+
+ make DESTDIR="${pkgdir}" install
+
+ rm "${pkgdir}"/usr/lib/lib{asm,dw,elf}.a
+}
Copied: elfutils/repos/extra-i686/fix-run-backtrace-native-core-test.patch (from rev 211886, elfutils/trunk/fix-run-backtrace-native-core-test.patch)
===================================================================
--- extra-i686/fix-run-backtrace-native-core-test.patch (rev 0)
+++ extra-i686/fix-run-backtrace-native-core-test.patch 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,43 @@
+From e922ec4e3bcd7c164a9ce424accac4394e7d5afd Mon Sep 17 00:00:00 2001
+From: Matthias Klose <doko at ubuntu.com>
+Date: Tue, 07 Jan 2014 09:25:29 +0000
+Subject: tests: backtrace-subr.sh (check_native_core) should check core file name.
+
+Needed when /proc/sys/kernel/core_uses_pid is set to 0. Try to rename
+the core file, and if it does still fail, skip the test.
+
+Signed-off-by: Mark Wielaard <mjw at redhat.com>
+---
+diff --git a/tests/ChangeLog b/tests/ChangeLog
+index 63b7bed..7e9dcf4 100644
+--- a/tests/ChangeLog
++++ b/tests/ChangeLog
+@@ -1,3 +1,9 @@
++2014-01-07 Matthias Klose <doko at ubuntu.com>
++
++ * backtrace-subr.sh (check_native_core): Check to see if core file
++ was created without ".PID" extension, if so mv core to core.PID.
++ Skip test if no core file was created or could be found.
++
+ 2014-01-04 Mark Wielaard <mjw at redhat.com>
+
+ * backtrace-data.c (main): Don't assert if raise returns.
+diff --git a/tests/backtrace-subr.sh b/tests/backtrace-subr.sh
+index e7ece91..62b873c 100644
+--- a/tests/backtrace-subr.sh
++++ b/tests/backtrace-subr.sh
+@@ -111,6 +111,11 @@ check_native_core()
+
+ # Skip the test if we cannot adjust core ulimit.
+ core="core.`ulimit -c unlimited || exit 77; set +ex; testrun ${abs_builddir}/$child --gencore; true`"
++ # see if /proc/sys/kernel/core_uses_pid is set to 0
++ if [ -f core ]; then
++ mv core "$core"
++ fi
++ if [ ! -f "$core" ]; then exit 77; fi
+
+ if [ "x$SAVED_VALGRIND_CMD" != "x" ]; then
+ VALGRIND_CMD="$SAVED_VALGRIND_CMD"
+--
+cgit v0.9.2
+
Deleted: extra-x86_64/CVE-2014-0172.patch
===================================================================
Copied: elfutils/repos/extra-x86_64/CVE-2014-0172.patch (from rev 211886, elfutils/trunk/CVE-2014-0172.patch)
===================================================================
--- extra-x86_64/CVE-2014-0172.patch (rev 0)
+++ extra-x86_64/CVE-2014-0172.patch 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,37 @@
+From 7f1eec317db79627b473c5b149a22a1b20d1f68f Mon Sep 17 00:00:00 2001
+From: Mark Wielaard <mjw at redhat.com>
+Date: Wed, 9 Apr 2014 11:33:23 +0200
+Subject: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to
+ uncompress data.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1085663
+
+Reported-by: Florian Weimer <fweimer at redhat.com>
+Signed-off-by: Mark Wielaard <mjw at redhat.com>
+diff --git a/libdw/dwarf_begin_elf.c b/libdw/dwarf_begin_elf.c
+index 79daeac..34ea373 100644
+--- a/libdw/dwarf_begin_elf.c
++++ b/libdw/dwarf_begin_elf.c
+@@ -1,5 +1,5 @@
+ /* Create descriptor from ELF descriptor for processing file.
+- Copyright (C) 2002-2011 Red Hat, Inc.
++ Copyright (C) 2002-2011, 2014 Red Hat, Inc.
+ This file is part of elfutils.
+ Written by Ulrich Drepper <drepper at redhat.com>, 2002.
+
+@@ -282,6 +282,12 @@ check_section (Dwarf *result, GElf_Ehdr *ehdr, Elf_Scn *scn, bool inscngrp)
+ memcpy (&size, data->d_buf + 4, sizeof size);
+ size = be64toh (size);
+
++ /* Check for unsigned overflow so malloc always allocated
++ enough memory for both the Elf_Data header and the
++ uncompressed section data. */
++ if (unlikely (sizeof (Elf_Data) + size < size))
++ break;
++
+ Elf_Data *zdata = malloc (sizeof (Elf_Data) + size);
+ if (unlikely (zdata == NULL))
+ break;
+--
+1.9.2
+
Copied: elfutils/repos/extra-x86_64/PKGBUILD (from rev 211886, elfutils/trunk/PKGBUILD)
===================================================================
--- extra-x86_64/PKGBUILD (rev 0)
+++ extra-x86_64/PKGBUILD 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,54 @@
+# $Id$
+# Maintainer: Stéphane Gaudreault <stephane at archlinux.org>
+# Contributor: Andrej Gelenberg <andrej.gelenberg at udo.edu>
+
+pkgname=elfutils
+pkgver=0.158
+pkgrel=2
+pkgdesc="Libraries and utilities to handle ELF object files and DWARF debugging information"
+arch=('i686' 'x86_64')
+url="https://fedorahosted.org/elfutils/"
+license=('LGPL3' 'GPL' 'GPL3')
+depends=('gcc-libs' 'zlib' 'bzip2' 'xz')
+provides=('libelf')
+replaces=('libelf')
+conflicts=('libelf')
+source=(https://fedorahosted.org/releases/e/l/elfutils/${pkgver}/elfutils-${pkgver}.tar.bz2{,.sig}
+ fix-run-backtrace-native-core-test.patch
+ CVE-2014-0172.patch)
+options=('staticlibs')
+sha1sums=('09adbbf0f3a35bb1bcb77c2eaa40de8d3443af4d'
+ 'SKIP'
+ '8ecef640f3d1229cdf45ffda016a69848c18e61b'
+ '3e776c07d6ca2c7604a384d266f79c3ece1fb179')
+
+prepare() {
+ cd ${pkgname}-${pkgver}
+
+ patch -Np1 -i ../fix-run-backtrace-native-core-test.patch
+ # merged upstream
+ patch -Np1 -i ../CVE-2014-0172.patch
+}
+
+build() {
+ cd ${pkgname}-${pkgver}
+
+ CFLAGS+=" -g" # required for test-suite success
+ ./configure --prefix=/usr --program-prefix="eu-"
+
+ make
+}
+
+check() {
+ cd ${pkgname}-${pkgver}
+
+ make check
+}
+
+package() {
+ cd ${pkgname}-${pkgver}
+
+ make DESTDIR="${pkgdir}" install
+
+ rm "${pkgdir}"/usr/lib/lib{asm,dw,elf}.a
+}
Copied: elfutils/repos/extra-x86_64/fix-run-backtrace-native-core-test.patch (from rev 211886, elfutils/trunk/fix-run-backtrace-native-core-test.patch)
===================================================================
--- extra-x86_64/fix-run-backtrace-native-core-test.patch (rev 0)
+++ extra-x86_64/fix-run-backtrace-native-core-test.patch 2014-04-28 16:28:46 UTC (rev 211887)
@@ -0,0 +1,43 @@
+From e922ec4e3bcd7c164a9ce424accac4394e7d5afd Mon Sep 17 00:00:00 2001
+From: Matthias Klose <doko at ubuntu.com>
+Date: Tue, 07 Jan 2014 09:25:29 +0000
+Subject: tests: backtrace-subr.sh (check_native_core) should check core file name.
+
+Needed when /proc/sys/kernel/core_uses_pid is set to 0. Try to rename
+the core file, and if it does still fail, skip the test.
+
+Signed-off-by: Mark Wielaard <mjw at redhat.com>
+---
+diff --git a/tests/ChangeLog b/tests/ChangeLog
+index 63b7bed..7e9dcf4 100644
+--- a/tests/ChangeLog
++++ b/tests/ChangeLog
+@@ -1,3 +1,9 @@
++2014-01-07 Matthias Klose <doko at ubuntu.com>
++
++ * backtrace-subr.sh (check_native_core): Check to see if core file
++ was created without ".PID" extension, if so mv core to core.PID.
++ Skip test if no core file was created or could be found.
++
+ 2014-01-04 Mark Wielaard <mjw at redhat.com>
+
+ * backtrace-data.c (main): Don't assert if raise returns.
+diff --git a/tests/backtrace-subr.sh b/tests/backtrace-subr.sh
+index e7ece91..62b873c 100644
+--- a/tests/backtrace-subr.sh
++++ b/tests/backtrace-subr.sh
+@@ -111,6 +111,11 @@ check_native_core()
+
+ # Skip the test if we cannot adjust core ulimit.
+ core="core.`ulimit -c unlimited || exit 77; set +ex; testrun ${abs_builddir}/$child --gencore; true`"
++ # see if /proc/sys/kernel/core_uses_pid is set to 0
++ if [ -f core ]; then
++ mv core "$core"
++ fi
++ if [ ! -f "$core" ]; then exit 77; fi
+
+ if [ "x$SAVED_VALGRIND_CMD" != "x" ]; then
+ VALGRIND_CMD="$SAVED_VALGRIND_CMD"
+--
+cgit v0.9.2
+
More information about the arch-commits
mailing list