[arch-commits] Commit in zint/trunk (3 files)
Balló György
bgyorgy at archlinux.org
Sun May 30 10:27:14 UTC 2021
Date: Sunday, May 30, 2021 @ 10:27:14
Author: bgyorgy
Revision: 950360
upgpkg: zint 2.9.1-2: Fix arbitrary code execution (CVE-2021-27799, FS#70051)
Added:
zint/trunk/prevent-buffer-overflow.patch
Modified:
zint/trunk/PKGBUILD
zint/trunk/zint-qt.appdata.xml
-------------------------------+
PKGBUILD | 55 +++++++++++---------
prevent-buffer-overflow.patch | 107 ++++++++++++++++++++++++++++++++++++++++
zint-qt.appdata.xml | 29 ++++++++--
3 files changed, 160 insertions(+), 31 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-05-30 09:34:28 UTC (rev 950359)
+++ PKGBUILD 2021-05-30 10:27:14 UTC (rev 950360)
@@ -3,43 +3,48 @@
pkgbase=zint
pkgname=(zint zint-qt)
pkgver=2.9.1
-pkgrel=1
-pkgdesc="Barcode encoding library supporting over 50 symbologies"
+pkgrel=2
+pkgdesc='Barcode encoding library supporting over 50 symbologies'
arch=('x86_64')
-url="http://zint.org.uk/"
-license=('GPL')
+url='http://zint.org.uk/'
+license=('GPL3')
depends=('hicolor-icon-theme' 'qt5-base')
-makedepends=('cmake' 'qt5-tools')
-source=("https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver-src.tar.gz"
- zint-qt.appdata.xml)
+makedepends=('cmake' 'ninja' 'qt5-tools')
+source=("https://downloads.sourceforge.net/$pkgbase/$pkgbase-$pkgver-src.tar.gz"
+ 'prevent-buffer-overflow.patch'
+ 'zint-qt.appdata.xml')
sha256sums=('bd286d863bc60d65a805ec3e46329c5273a13719724803b0ac02e5b5804c596a'
- '6c99514fb9079b6e6322b3b11fed5ff2c43cdcdd24c15e3cbf2663b884fc2f0c')
+ '59e6d31aadb8d9c586dc4f450afca8e799f8a1e2907872d7951f0c8455a85f7e'
+ '4286c7f56f0ea8fcf8dfa164b3a3fea08a02ad3b5111c6ac63c4d55134b67564')
+prepare() {
+ # Fix arbitrary code execution (CVE-2021-27799, FS#70051)
+ patch -d $pkgbase-$pkgver-src -Np1 -i ../prevent-buffer-overflow.patch
+}
+
build() {
- cd $pkgbase-$pkgver-src
- cmake -DCMAKE_INSTALL_PREFIX=/usr
- make
+ cmake -S $pkgbase-$pkgver-src -B build -G Ninja -DCMAKE_INSTALL_PREFIX=/usr
+ cmake --build build
}
package_zint() {
- depends=('libpng')
+ depends=('libpng')
- cd $pkgbase-$pkgver-src
- make DESTDIR="$pkgdir" install
+ DESTDIR="$pkgdir" cmake --install build
- rm "$pkgdir/usr/bin/zint-qt" \
- "$pkgdir/usr/include/qzint.h" \
- "$pkgdir/usr/lib/libQZint.so"*
+ rm "$pkgdir/usr/bin/zint-qt" \
+ "$pkgdir/usr/include/qzint.h" \
+ "$pkgdir/usr/lib/libQZint.so"*
}
package_zint-qt() {
- pkgdesc="Zint Barcode Studio GUI"
- depends=('hicolor-icon-theme' 'qt5-base' 'zint')
+ pkgdesc='Zint Barcode Studio GUI'
+ depends=('hicolor-icon-theme' 'qt5-base' 'zint')
- cd $pkgbase-$pkgver-src
- make -C backend_qt DESTDIR="$pkgdir" install
- make -C frontend_qt DESTDIR="$pkgdir" install
- install -Dm644 zint.png "$pkgdir/usr/share/icons/hicolor/48x48/apps/zint.png"
- install -Dm644 zint-qt.desktop "$pkgdir/usr/share/applications/zint-qt.desktop"
- install -Dm644 ../zint-qt.appdata.xml "$pkgdir/usr/share/metainfo/zint-qt.appdata.xml"
+ DESTDIR="$pkgdir" cmake --install build/backend_qt
+ DESTDIR="$pkgdir" cmake --install build/frontend_qt
+
+ install -Dm644 $pkgbase-$pkgver-src/zint.png "$pkgdir/usr/share/icons/hicolor/48x48/apps/zint.png"
+ install -Dm644 $pkgbase-$pkgver-src/zint-qt.desktop "$pkgdir/usr/share/applications/zint-qt.desktop"
+ install -Dm644 zint-qt.appdata.xml "$pkgdir/usr/share/metainfo/zint-qt.appdata.xml"
}
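Review bot: The new `cmake -S $pkgbase-$pkgver-src -B build -G Ninja -DCMAKE_INSTALL_PREFIX=/usr` line in build() sets no build type; for a rebuild whose purpose is a memory-safety fix it is worth pinning `-DCMAKE_BUILD_TYPE=None` so the hardening flags from makepkg.conf (`-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong`) are the ones actually compiled in rather than whatever default the project's CMakeLists selects — whether zint forces a build type is not visible here, so confirm before changing. Separately, the comment in prepare() names the CVE but not where the patch came from; the patch headers in the added file show it was authored locally against the 2.9.1 tree, so a pointer such as `# Fix arbitrary code execution (CVE-2021-27799, FS#70051); backport of upstream fix <UPSTREAM-COMMIT-ID>` would make the next rebase traceable.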
Added: prevent-buffer-overflow.patch
===================================================================
--- prevent-buffer-overflow.patch (rev 0)
+++ prevent-buffer-overflow.patch 2021-05-30 10:27:14 UTC (rev 950360)
@@ -0,0 +1,107 @@
+diff -Naur zint-2.9.1-src.orig/backend/composite.c zint-2.9.1-src/backend/composite.c
+--- zint-2.9.1-src.orig/backend/composite.c 2020-08-04 15:10:16.000000000 +0200
++++ zint-2.9.1-src/backend/composite.c 2021-05-30 12:12:34.021736406 +0200
+@@ -65,7 +65,7 @@
+
+ INTERNAL int eanx(struct zint_symbol *symbol, unsigned char source[], int length);
+ INTERNAL int ean_128(struct zint_symbol *symbol, unsigned char source[], const size_t length);
+-INTERNAL void ean_leading_zeroes(struct zint_symbol *symbol, unsigned char source[], unsigned char local_source[]);
++INTERNAL int ean_leading_zeroes(struct zint_symbol *symbol, unsigned char source[], unsigned char local_source[]);
+ INTERNAL int rss14(struct zint_symbol *symbol, unsigned char source[], int length);
+ INTERNAL int rsslimited(struct zint_symbol *symbol, unsigned char source[], int length);
+ INTERNAL int rssexpanded(struct zint_symbol *symbol, unsigned char source[], int length);
+@@ -1422,7 +1422,10 @@
+ int padded_pri_len;
+ char padded_pri[20];
+ padded_pri[0] = '\0';
+- ean_leading_zeroes(symbol, (unsigned char *) symbol->primary, (unsigned char *) padded_pri);
++ if (!ean_leading_zeroes(symbol, (unsigned char *) symbol->primary, (unsigned char *) padded_pri)) {
++ strcpy(symbol->errtxt, "448: Input wrong length in linear component");
++ return ZINT_ERROR_TOO_LONG;
++ }
+ padded_pri_len = strlen(padded_pri);
+ if (padded_pri_len <= 7) { /* EAN-8 */
+ cc_width = 3;
+diff -Naur zint-2.9.1-src.orig/backend/upcean.c zint-2.9.1-src/backend/upcean.c
+--- zint-2.9.1-src.orig/backend/upcean.c 2020-08-04 15:10:16.000000000 +0200
++++ zint-2.9.1-src/backend/upcean.c 2021-05-30 12:17:31.795044601 +0200
+@@ -125,7 +125,7 @@
+ /* Make a UPC A barcode when we haven't been given the check digit */
+ static int upca(struct zint_symbol *symbol, unsigned char source[], char dest[]) {
+ int length;
+- char gtin[15];
++ char gtin[13];
+
+ strcpy(gtin, (char*) source);
+ length = strlen(gtin);
+@@ -391,7 +391,7 @@
+ static int ean13(struct zint_symbol *symbol, unsigned char source[], char dest[]) {
+ unsigned int length, i, half_way;
+ char parity[6];
+- char gtin[15];
++ char gtin[14];
+
+ strcpy(parity, "");
+ strcpy(gtin, (char*) source);
+@@ -569,8 +569,8 @@
+ }
+
+ /* Add leading zeroes to EAN and UPC strings */
+-INTERNAL void ean_leading_zeroes(struct zint_symbol *symbol, unsigned char source[], unsigned char local_source[]) {
+- unsigned char first_part[20], second_part[20], zfirst_part[20], zsecond_part[20];
++INTERNAL int ean_leading_zeroes(struct zint_symbol *symbol, unsigned char source[], unsigned char local_source[]) {
++ unsigned char first_part[14], second_part[6], zfirst_part[14], zsecond_part[6];
+ int with_addon = 0;
+ int first_len = 0, second_len = 0, zfirst_len = 0, zsecond_len = 0, i, h;
+
+@@ -586,6 +586,9 @@
+ }
+ }
+ }
++ if (first_len > 13 || second_len > 5) {
++ return 0;
++ }
+
+ ustrcpy(first_part, (unsigned char *) "");
+ ustrcpy(second_part, (unsigned char *) "");
+@@ -598,9 +601,6 @@
+ first_part[i + 1] = '\0';
+ }
+
+- if (second_len >= 6) { /* Allow 6 (actual max 5) so as to trigger too long error */
+- second_len = 6;
+- }
+ for (i = 0; i < second_len; i++) {
+ second_part[i] = source[i + first_len + 1];
+ second_part[i + 1] = '\0';
+@@ -698,12 +698,13 @@
+ strcat((char*) local_source, "+");
+ strcat((char*) local_source, (char*) zsecond_part);
+ }
++
++ return 1; /* Success */
+ }
+
+-/* splits string to parts before and after '+' parts */
+ INTERNAL int eanx(struct zint_symbol *symbol, unsigned char source[], int src_len) {
+- unsigned char first_part[20] = {0}, second_part[7] = {0}, dest[1000] = {0};
+- unsigned char local_source[20] = {0};
++ unsigned char first_part[14] = {0}, second_part[6] = {0}, dest[1000] = {0};
++ unsigned char local_source[20] = {0}; /* Allow 13 + "+" + 5 + 1 */
+ unsigned int latch, reader, writer, with_addon;
+ int error_number, i, plus_count;
+ int addon_gap = 0;
+@@ -743,8 +744,11 @@
+ return ZINT_ERROR_INVALID_DATA;
+ }
+
+- /* Add leading zeroes */
+- ean_leading_zeroes(symbol, source, local_source);
++ /* Add leading zeroes, checking max lengths of parts */
++ if (!ean_leading_zeroes(symbol, source, local_source)) {
++ strcpy(symbol->errtxt, "294: Input too long");
++ return ZINT_ERROR_TOO_LONG;
++ }
+
+ for (reader = 0; reader < ustrlen(local_source); reader++) {
+ if (local_source[reader] == '+') {
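Review bot: The shrunken `char gtin[13]` in upca() and `char gtin[14]` in ean13() are still filled by an unbounded `strcpy(gtin, (char*) source)`, so each of those functions is now only as safe as its callers' length checks (the new `first_len > 13 || second_len > 5` guard in ean_leading_zeroes and the `first_part[14]` bound in eanx); a local guard before the copy, e.g. `if (strlen((char *) source) >= sizeof gtin) { strcpy(symbol->errtxt, "294: Input too long"); return ZINT_ERROR_TOO_LONG; }`, would make each function safe on its own, though whether upca()/ean13() later append a check digit into gtin is outside these hunks and the exact bound should be confirmed against the full functions. The new `return 0` in ean_leading_zeroes sits after first_len/second_len are computed and before any copy into the fixed buffers, which is the right place. The patch also drops the `/* splits string to parts before and after '+' parts */` header on eanx; keeping it and adding `/* Returns 1 on success, 0 if the main part exceeds 13 or the addon 5 digits */` above ean_leading_zeroes would document the contract both callers now depend on.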
Modified: zint-qt.appdata.xml
===================================================================
--- zint-qt.appdata.xml 2021-05-30 09:34:28 UTC (rev 950359)
+++ zint-qt.appdata.xml 2021-05-30 10:27:14 UTC (rev 950360)
@@ -1,7 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<component type="desktop-application">
- <id>org.zint.zint-qt</id>
- <launchable type="desktop-id">zint-qt.desktop</launchable>
+ <id>uk.org.zint.zint-qt</id>
<name>Zint Barcode Studio</name>
<summary>Barcode generator</summary>
<metadata_license>CC0-1.0</metadata_license>
@@ -12,18 +11,36 @@
</description>
<screenshots>
<screenshot type="default">
- <image>http://zint.org.uk/_images/manualImages/gui1.png</image>
+ <image>
+ https://sourceforge.net/p/zint/screenshot/zint_26_shap4.png
+ </image>
+ <caption>Create barcodes from any data</caption>
</screenshot>
<screenshot>
- <image>http://zint.org.uk/_images/manualImages/gui2.png</image>
+ <image>
+ https://sourceforge.net/p/zint/screenshot/zint_26_shap1.png
+ </image>
+ <caption>Add binding bars or boundary boxes</caption>
</screenshot>
<screenshot>
- <image>http://zint.org.uk/_images/manualImages/gui3.png</image>
+ <image>
+ https://sourceforge.net/p/zint/screenshot/zint_26_shap2.png
+ </image>
+ <caption>Create composite symbols from GS1 data</caption>
</screenshot>
<screenshot>
- <image>http://zint.org.uk/_images/manualImages/gui4.png</image>
+ <image>
+ https://sourceforge.net/p/zint/screenshot/zint_26_shap3.png
+ </image>
+ <caption>Create matrix symbols and specify symbol size</caption>
</screenshot>
</screenshots>
+
<url type="bugtracker">https://sourceforge.net/p/zint/tickets/</url>
<url type="homepage">http://zint.org.uk/</url>
+
+ <launchable type="desktop-id">zint-qt.desktop</launchable>
+
+ <content_rating type="oars-1.1" />
+
</component>