summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPatrice Clement <monsieurp@gentoo.org>2018-04-04 22:34:21 +0200
committerPatrice Clement <monsieurp@gentoo.org>2018-04-04 22:35:17 +0200
commit5945809cd0c40e44313891742b0b61f90eecbfb8 (patch)
tree3a1444b88ac4442d7111f3f64848bb880a24baf5 /app-misc
parentmedia-gfx/darktable: version bump, bug #652398 (diff)
downloadgentoo-5945809cd0c40e44313891742b0b61f90eecbfb8.tar.gz
gentoo-5945809cd0c40e44313891742b0b61f90eecbfb8.tar.bz2
gentoo-5945809cd0c40e44313891742b0b61f90eecbfb8.zip
app-misc/beep: patch against CVE-2018-0292.
Bug: https://bugs.gentoo.org/652330 See-Also: https://github.com/johnath/beep/issues/11 Package-Manager: Portage-2.3.19, Repoman-2.3.6
Diffstat (limited to 'app-misc')
-rw-r--r--app-misc/beep/beep-1.3-r3.ebuild37
-rw-r--r--app-misc/beep/files/beep-1.3-CVE-2018-0492.patch106
2 files changed, 143 insertions, 0 deletions
diff --git a/app-misc/beep/beep-1.3-r3.ebuild b/app-misc/beep/beep-1.3-r3.ebuild
new file mode 100644
index 000000000000..1b0a27d17f45
--- /dev/null
+++ b/app-misc/beep/beep-1.3-r3.ebuild
@@ -0,0 +1,37 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit toolchain-funcs
+
+DESCRIPTION="The advanced PC speaker beeper"
+HOMEPAGE="http://www.johnath.com/beep"
+SRC_URI="http://www.johnath.com/beep/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~ppc ~ppc64 ~sparc ~x86"
+IUSE="suid"
+
+PATCHES=(
+ "${FILESDIR}/${P}-Makefile.patch"
+ "${FILESDIR}/${P}-CVE-2018-0492.patch"
+)
+
+pkg_setup() {
+ tc-export CC
+}
+
+src_install() {
+ dobin beep
+ if use suid; then
+ fowners :audio /usr/bin/beep
+ fperms 4710 /usr/bin/beep
+ else
+ fperms 0711 /usr/bin/beep
+ fi
+ unpack "./${PN}.1.gz"
+ doman "${PN}.1"
+ einstalldocs
+}
diff --git a/app-misc/beep/files/beep-1.3-CVE-2018-0492.patch b/app-misc/beep/files/beep-1.3-CVE-2018-0492.patch
new file mode 100644
index 000000000000..f4894b51fc81
--- /dev/null
+++ b/app-misc/beep/files/beep-1.3-CVE-2018-0492.patch
@@ -0,0 +1,106 @@
+diff --git a/beep.c b/beep.c
+index 7da2e70..4323d31 100644
+--- beep.c
++++ beep.c
+@@ -109,6 +109,7 @@ void do_beep(int freq) {
+ /* BEEP_TYPE_EVDEV */
+ struct input_event e;
+
++ memset(&e, 0, sizeof(e));
+ e.type = EV_SND;
+ e.code = SND_TONE;
+ e.value = freq;
+@@ -124,10 +125,6 @@ void do_beep(int freq) {
+ /* If we get interrupted, it would be nice to not leave the speaker beeping in
+ perpetuity. */
+ void handle_signal(int signum) {
+-
+- if(console_device)
+- free(console_device);
+-
+ switch(signum) {
+ case SIGINT:
+ case SIGTERM:
+@@ -257,7 +254,7 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) {
+ result->verbose = 1;
+ break;
+ case 'e' : /* also --device */
+- console_device = strdup(optarg);
++ console_device = optarg;
+ break;
+ case 'h' : /* notice that this is also --help */
+ default :
+@@ -276,26 +273,6 @@ void play_beep(beep_parms_t parms) {
+ "%d delay after) @ %.2f Hz\n",
+ parms.reps, parms.length, parms.delay, parms.end_delay, parms.freq);
+
+- /* try to snag the console */
+- if(console_device)
+- console_fd = open(console_device, O_WRONLY);
+- else
+- if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
+- console_fd = open("/dev/vc/0", O_WRONLY);
+-
+- if(console_fd == -1) {
+- fprintf(stderr, "Could not open %s for writing\n",
+- console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
+- printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
+- perror("open");
+- exit(1);
+- }
+-
+- if (ioctl(console_fd, EVIOCGSND(0)) != -1)
+- console_type = BEEP_TYPE_EVDEV;
+- else
+- console_type = BEEP_TYPE_CONSOLE;
+-
+ /* Beep */
+ for (i = 0; i < parms.reps; i++) { /* start beep */
+ do_beep(parms.freq);
+@@ -305,8 +282,6 @@ void play_beep(beep_parms_t parms) {
+ if(parms.end_delay || (i+1 < parms.reps))
+ usleep(1000*parms.delay); /* wait... */
+ } /* repeat. */
+-
+- close(console_fd);
+ }
+
+
+@@ -328,6 +303,26 @@ int main(int argc, char **argv) {
+ signal(SIGTERM, handle_signal);
+ parse_command_line(argc, argv, parms);
+
++ /* try to snag the console */
++ if(console_device)
++ console_fd = open(console_device, O_WRONLY);
++ else
++ if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
++ console_fd = open("/dev/vc/0", O_WRONLY);
++
++ if(console_fd == -1) {
++ fprintf(stderr, "Could not open %s for writing\n",
++ console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
++ printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
++ perror("open");
++ exit(1);
++ }
++
++ if (ioctl(console_fd, EVIOCGSND(0)) != -1)
++ console_type = BEEP_TYPE_EVDEV;
++ else
++ console_type = BEEP_TYPE_CONSOLE;
++
+ /* this outermost while loop handles the possibility that -n/--new has been
+ used, i.e. that we have multiple beeps specified. Each iteration will
+ play, then free() one parms instance. */
+@@ -365,8 +360,8 @@ int main(int argc, char **argv) {
+ parms = next;
+ }
+
+- if(console_device)
+- free(console_device);
++ close(console_fd);
++ console_fd = -1;
+
+ return EXIT_SUCCESS;
+ }