diff options
author | Mike Frysinger <vapier@gentoo.org> | 2010-11-23 12:53:04 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2010-11-23 12:53:04 +0000 |
commit | c9ad8c5a870dfb529c44d2be8e066d5cdb7e8ad2 (patch) | |
tree | 2d853a126d1e9fdd9f41259b447dda50ea88913b /dev-games/hdl_dump | |
parent | Version bump (diff) | |
download | gentoo-2-c9ad8c5a870dfb529c44d2be8e066d5cdb7e8ad2.tar.gz gentoo-2-c9ad8c5a870dfb529c44d2be8e066d5cdb7e8ad2.tar.bz2 gentoo-2-c9ad8c5a870dfb529c44d2be8e066d5cdb7e8ad2.zip |
Fix buffer overflows #340145 by Diego Elio Pettenò.
(Portage version: 2.2.0_alpha4/cvs/Linux x86_64)
Diffstat (limited to 'dev-games/hdl_dump')
-rw-r--r-- | dev-games/hdl_dump/ChangeLog | 7 | ||||
-rw-r--r-- | dev-games/hdl_dump/files/hdl_dump-0.8.6.20060901-fortify.patch | 45 | ||||
-rw-r--r-- | dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild | 12 |
3 files changed, 58 insertions, 6 deletions
diff --git a/dev-games/hdl_dump/ChangeLog b/dev-games/hdl_dump/ChangeLog index ad65555567ce..6c473b5b3387 100644 --- a/dev-games/hdl_dump/ChangeLog +++ b/dev-games/hdl_dump/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for dev-games/hdl_dump # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-games/hdl_dump/ChangeLog,v 1.8 2010/05/20 00:39:16 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-games/hdl_dump/ChangeLog,v 1.9 2010/11/23 12:53:04 vapier Exp $ + + 23 Nov 2010; Mike Frysinger <vapier@gentoo.org> + hdl_dump-0.8.6.20060901.ebuild, + +files/hdl_dump-0.8.6.20060901-fortify.patch: + Fix buffer overflows #340145 by Diego Elio Pettenò. 20 May 2010; Mike Frysinger <vapier@gentoo.org> hdl_dump-0.8.6.20060901.ebuild: diff --git a/dev-games/hdl_dump/files/hdl_dump-0.8.6.20060901-fortify.patch b/dev-games/hdl_dump/files/hdl_dump-0.8.6.20060901-fortify.patch new file mode 100644 index 000000000000..96f85d4609af --- /dev/null +++ b/dev-games/hdl_dump/files/hdl_dump-0.8.6.20060901-fortify.patch @@ -0,0 +1,45 @@ +http://bugs.gentoo.org/340145 + +fix buffer overflows in path handling. these defines should only be used +with host paths, so bumping them up to a larger value should be fine. + +--- a/common.h ++++ b/common.h +@@ -35,7 +35,8 @@ + C_START + + #if !defined (MAX_PATH) +-# define MAX_PATH 128 ++/* This needs to be at least 256 bytes -- see iin_gi_probe_path */ ++# define MAX_PATH 1024 + #endif + + +--- a/osal.h ++++ b/osal.h +@@ -62,7 +62,8 @@ typedef struct + # define OSAL_HANDLE_INIT { -1 } /* file descriptor */ + # define OSAL_IS_OPENED(x) ((x).desc != -1) + +-# define MAX_PATH 256 ++/* This needs to be at least 256 bytes -- see iin_gi_probe_path */ ++# define MAX_PATH 1024 + + #endif + typedef /*@special@*/ /*@only@*/ /*@out@*/ osal_handle_t* osal_handle_p_t; + +the magic field is 32 bytes, so strcpy-ing 32 bytes will add a 33rd NUL char. +this isn't a problem in practice as the 33rd char is "unknown_0x02", but let's +fix the issue anyways. + +--- a/apa.c ++++ b/apa.c +@@ -1270,7 +1270,7 @@ apa_initialize_ex (hio_t *hio) + set_u32 (&header.length, 128 * 1024 * 2); + set_u16 (&header.type, 0x0001); + set_ps2fs_datetime (&header.created, time (NULL)); +- strcpy (header.mbr.magic, "Sony Computer Entertainment Inc."); ++ memcpy (header.mbr.magic, "Sony Computer Entertainment Inc.", 32); + header.mbr.unknown_0x02 = 0x02; + set_ps2fs_datetime (&header.mbr.created, time (NULL)); + set_u32 (&header.checksum, apa_partition_checksum (&header)); diff --git a/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild b/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild index 9e0880f7bef2..13aed3f1a7d1 100644 --- a/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild +++ b/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild @@ -1,9 +1,10 @@ # Copyright 1999-2010 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild,v 1.4 2010/05/20 00:39:16 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-games/hdl_dump/hdl_dump-0.8.6.20060901.ebuild,v 1.5 2010/11/23 12:53:04 vapier Exp $ -EAPI=2 -inherit toolchain-funcs versionator +EAPI="2" + +inherit eutils toolchain-funcs versionator MY_PV=$(replace_version_separator 3 -) DESCRIPTION="game installer for playstation 2 HD Loader" @@ -18,14 +19,15 @@ IUSE="" S=${WORKDIR}/${PN} src_prepare() { + epatch "${FILESDIR}"/${P}-fortify.patch #340145 sed -i \ -e "s/-O0 -g/${CFLAGS}/" \ -e "s/@\$(CC)/$(tc-getCC)/" \ -e '/LDFLAGS =/d' \ - Makefile || die "sed failed" + Makefile || die } src_install() { - dobin hdl_dump || die "dobin failed" + dobin hdl_dump || die dodoc AUTHORS CHANGELOG README TODO } |