author | 2008-10-04 18:57:18 +0000 | |
---|---|---|
committer | 2008-10-04 18:57:18 +0000 | |
commit | fd21736491fb436fd5ce292570b8b0dbe2af6f30 (patch) | |
tree | aa36efa33094f66497b0deecc7a0e991b9b2f134 /dev-util/yacc | |
parent | fix bug #216403 (diff) | |
Fix stack access error (security bug #232005).
(Portage version: 2.2_rc11/cvs/Linux 2.6.25-gentoo-r6 x86_64)
Diffstat (limited to 'dev-util/yacc')
-rw-r--r-- | dev-util/yacc/ChangeLog | 10 | ||||
-rw-r--r-- | dev-util/yacc/files/yacc-1.9.1-CVE-2008-3196.patch | 33 | ||||
-rw-r--r-- | dev-util/yacc/yacc-1.9.1-r4.ebuild | 62 |
3 files changed, 103 insertions, 2 deletions
diff --git a/dev-util/yacc/ChangeLog b/dev-util/yacc/ChangeLog
index e25bca921db9..0e2ade6099ed 100644
--- a/dev-util/yacc/ChangeLog
+++ b/dev-util/yacc/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for dev-util/yacc
-# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-util/yacc/ChangeLog,v 1.18 2007/05/15 09:10:31 bangert Exp $
+# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/dev-util/yacc/ChangeLog,v 1.19 2008/10/04 18:57:18 rbu Exp $
+
+*yacc-1.9.1-r4 (04 Oct 2008)
+
+ 04 Oct 2008; Robert Buchholz <rbu@gentoo.org>
+ +files/yacc-1.9.1-CVE-2008-3196.patch, +yacc-1.9.1-r4.ebuild:
+ Fix stack access error (security bug #232005).
 14 May 2007; Thilo Bangert <bangert@gentoo.org> metadata.xml: add <herd>no-herd</herd>
diff --git a/dev-util/yacc/files/yacc-1.9.1-CVE-2008-3196.patch b/dev-util/yacc/files/yacc-1.9.1-CVE-2008-3196.patch
new file mode 100644
index 000000000000..2fbb83cfc6b1
--- /dev/null
+++ b/dev-util/yacc/files/yacc-1.9.1-CVE-2008-3196.patch
@@ -0,0 +1,33 @@
+Tue Jul 8 15:06:50 2008 UTC by otto
+
+Fix an venerable bug: if we're reducing a rule that has an empty
+right hand side and the yacc stackpointer is pointing at the very
+end of the allocated stack, we end up accessing the stack out of
+bounds by the implicit $$ = $1 action. Detected by my new malloc,
+experienced by sturm@ on sparc64; ok deraadt@
+
+
+Index: yacc-1.9.1/skeleton.c
+===================================================================
+--- yacc-1.9.1.orig/skeleton.c
++++ yacc-1.9.1/skeleton.c
+@@ -18,6 +18,7 @@ char *banner[] =
+ "/*static char yysccsid[] = \"from: @(#)yaccpar 1.9 (Berkeley) 02/21/93\";*/",
+ "static char yyrcsid[] = \"$Id: yacc-1.9.1-CVE-2008-3196.patch,v 1.1 2008/10/04 18:57:18 rbu Exp $\";",
+ "#endif",
++ "#include <string.h>",
+ "#define YYBYACC 1",
+ "#define YYMAJOR 1",
+ "#define YYMINOR 9",
+@@ -226,7 +227,10 @@ char *body[] =
+ " YYPREFIX, yystate, yyn, yyrule[yyn]);",
+ "#endif",
+ " yym = yylen[yyn];",
+- " yyval = yyvsp[1-yym];",
++ " if (yym)",
++ " yyval = yyvsp[1-yym];",
++ " else",
++ " memset(&yyval, 0, sizeof yyval);",
+ " switch (yyn)",
+ " {",
+ 0
diff --git a/dev-util/yacc/yacc-1.9.1-r4.ebuild b/dev-util/yacc/yacc-1.9.1-r4.ebuild
new file mode 100644
index 000000000000..39df10424cc7
--- /dev/null
+++ b/dev-util/yacc/yacc-1.9.1-r4.ebuild
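Review bot: The second context line of the first skeleton.c hunk reads `"static char yyrcsid[] = \"$Id: yacc-1.9.1-CVE-2008-3196.patch,v 1.1 2008/10/04 18:57:18 rbu Exp $\";",`, which names the patch file itself, so the `$Id$` keyword was presumably expanded when the patch was committed and the line can no longer match skeleton.c from the yacc-1.9.1 sources. That hunk is the one that adds `#include <string.h>`, which the new `memset(&yyval, 0, sizeof yyval);` branch needs, so the security fix applies only as long as patch tolerates the mismatch through fuzz. Storing the patch with keyword expansion disabled (for example `cvs admin -ko` on the file), or regenerating it so the yyrcsid line falls outside the context, would make it apply exactly. Only parts of the banner[] and body[] arrays are visible here, so whether other reads of yyvsp need the same guard cannot be judged from this hunk.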
@@ -0,0 +1,62 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-util/yacc/yacc-1.9.1-r4.ebuild,v 1.1 2008/10/04 18:57:18 rbu Exp $
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Yacc: Yet Another Compiler-Compiler"
+HOMEPAGE="http://dinosaur.compilertools.net/#yacc"
+SRC_URI="ftp://metalab.unc.edu/pub/Linux/devel/compiler-tools/${P}.tar.Z"
+
+LICENSE="as-is"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE=""
+
+DEPEND=""
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # Use our CFLAGS
+ sed -i -e 's: -O : $(CFLAGS) :' Makefile || die 'sed failed'
+
+ # mkstemp patch from byacc ebuild
+ epatch "${FILESDIR}"/mkstemp.patch
+
+ # The following patch fixes yacc to run correctly on ia64 (and
+ # other 64-bit arches). See bug 46233
+ epatch "${FILESDIR}"/${P}-ia64.patch
+
+ # avoid stack access error, bug 232005
+ epatch "${FILESDIR}"/${P}-CVE-2008-3196.patch
+}
+
+src_compile() {
+ make clean || die
+ emake -j1 CC="$(tc-getCC)" CFLAGS="${CFLAGS}" || die
+}
+
+src_install() {
+ dobin yacc || die
+ doman yacc.1
+ dodoc 00README* ACKNOWLEDGEMENTS NEW_FEATURES NO_WARRANTY NOTES README*
+}
+
+pkg_preinst() {
+ # bison installs a /usr/bin/yacc symlink ...
+ # we need to remove it to avoid triggering
+ # collision-protect errors #90089
+ if [[ -L ${ROOT}/usr/bin/yacc ]] ; then
+ rm -f "${ROOT}"/usr/bin/yacc
+ fi
+}
+
+pkg_postrm() {
+ # and if we uninstall yacc but keep bison,
+ # lets restore the /usr/bin/yacc symlink
+ if [[ ! -e ${ROOT}/usr/bin/yacc ]] && [[ -e ${ROOT}/usr/bin/yacc.bison ]] ; then
+ ln -s yacc.bison "${ROOT}"/usr/bin/yacc
+ fi
+}
|
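Review bot: In src_unpack, `cd "${S}"` is the only step ahead of the three `epatch` calls that is not checked, so a failed directory change surfaces only later as the misleading `sed failed` message. Writing it as `cd "${S}" || die "cd to ${S} failed"` makes the failure explicit before the CVE-2008-3196 patch is applied. `make clean || die` and `emake ... || die` in src_compile would likewise benefit from a short message naming the step.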