From 0001631411acdce8a01050c8ff0295825cca626c Mon Sep 17 00:00:00 2001 From: NP-Hardass Date: Tue, 10 May 2016 23:55:55 -0400 Subject: [PATCH] app-arch/libarchive: Revbump to 3.1.2-r5, resolves #582526 Package-Manager: portage-2.2.26 --- .../libarchive-3.1.2-CVE-2016-1541.patch | 67 ++++++++++ .../libarchive/libarchive-3.1.2-r5.ebuild | 122 ++++++++++++++++++ 2 files changed, 189 insertions(+) create mode 100644 app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch create mode 100644 app-arch/libarchive/libarchive-3.1.2-r5.ebuild diff --git a/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch b/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch new file mode 100644 index 0000000000000..63c6a74745627 --- /dev/null +++ b/app-arch/libarchive/files/libarchive-3.1.2-CVE-2016-1541.patch @@ -0,0 +1,67 @@ +From d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7 Mon Sep 17 00:00:00 2001 +From: Tim Kientzle +Date: Sun, 24 Apr 2016 17:13:45 -0700 +Subject: [PATCH] Issue #656: Fix CVE-2016-1541, VU#862384 + +When reading OS X metadata entries in Zip archives that were stored +without compression, libarchive would use the uncompressed entry size +to allocate a buffer but would use the compressed entry size to limit +the amount of data copied into that buffer. Since the compressed +and uncompressed sizes are provided by data in the archive itself, +an attacker could manipulate these values to write data beyond +the end of the allocated buffer. + +This fix provides three new checks to guard against such +manipulation and to make libarchive generally more robust when +handling this type of entry: + 1. If an OS X metadata entry is stored without compression, + abort the entire archive if the compressed and uncompressed + data sizes do not match. + 2. When sanity-checking the size of an OS X metadata entry, + abort this entry if either the compressed or uncompressed + size is larger than 4MB. + 3. When copying data into the allocated buffer, check the copy + size against both the compressed entry size and uncompressed + entry size. +--- + libarchive/archive_read_support_format_zip.c | 13 +++++++++++++ + 1 file changed, 13 insertions(+) + +diff --git a/libarchive/archive_read_support_format_zip.c b/libarchive/archive_read_support_format_zip.c +index 0f8262c..0a0be96 100644 +--- a/libarchive/archive_read_support_format_zip.c ++++ b/libarchive/archive_read_support_format_zip.c +@@ -2778,6 +2778,11 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry, + + switch(rsrc->compression) { + case 0: /* No compression. */ ++ if (rsrc->uncompressed_size != rsrc->compressed_size) { ++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, ++ "Malformed OS X metadata entry: inconsistent size"); ++ return (ARCHIVE_FATAL); ++ } + #ifdef HAVE_ZLIB_H + case 8: /* Deflate compression. */ + #endif +@@ -2798,6 +2803,12 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry, + (intmax_t)rsrc->uncompressed_size); + return (ARCHIVE_WARN); + } ++ if (rsrc->compressed_size > (4 * 1024 * 1024)) { ++ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, ++ "Mac metadata is too large: %jd > 4M bytes", ++ (intmax_t)rsrc->compressed_size); ++ return (ARCHIVE_WARN); ++ } + + metadata = malloc((size_t)rsrc->uncompressed_size); + if (metadata == NULL) { +@@ -2836,6 +2847,8 @@ zip_read_mac_metadata(struct archive_read *a, struct archive_entry *entry, + bytes_avail = remaining_bytes; + switch(rsrc->compression) { + case 0: /* No compression. */ ++ if ((size_t)bytes_avail > metadata_bytes) ++ bytes_avail = metadata_bytes; + memcpy(mp, p, bytes_avail); + bytes_used = (size_t)bytes_avail; + metadata_bytes -= bytes_used; diff --git a/app-arch/libarchive/libarchive-3.1.2-r5.ebuild b/app-arch/libarchive/libarchive-3.1.2-r5.ebuild new file mode 100644 index 0000000000000..f968413bd9743 --- /dev/null +++ b/app-arch/libarchive/libarchive-3.1.2-r5.ebuild @@ -0,0 +1,122 @@ +# Copyright 1999-2016 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +inherit autotools eutils multilib-minimal toolchain-funcs + +DESCRIPTION="BSD tar command" +HOMEPAGE="http://www.libarchive.org/" +SRC_URI="http://www.libarchive.org/downloads/${P}.tar.gz" + +LICENSE="BSD BSD-2 BSD-4 public-domain" +SLOT="0/13" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~x86-interix ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="acl +bzip2 +e2fsprogs expat +iconv kernel_linux libressl +lzma lzo nettle static-libs xattr +zlib" + +RDEPEND=" + !libressl? ( dev-libs/openssl:0=[${MULTILIB_USEDEP}] ) + libressl? ( dev-libs/libressl:0=[${MULTILIB_USEDEP}] ) + acl? ( virtual/acl[${MULTILIB_USEDEP}] ) + bzip2? ( app-arch/bzip2[${MULTILIB_USEDEP}] ) + expat? ( dev-libs/expat[${MULTILIB_USEDEP}] ) + !expat? ( dev-libs/libxml2[${MULTILIB_USEDEP}] ) + iconv? ( virtual/libiconv[${MULTILIB_USEDEP}] ) + kernel_linux? ( + xattr? ( sys-apps/attr[${MULTILIB_USEDEP}] ) + ) + lzma? ( app-arch/xz-utils[${MULTILIB_USEDEP}] ) + lzo? ( >=dev-libs/lzo-2[${MULTILIB_USEDEP}] ) + nettle? ( dev-libs/nettle:0=[${MULTILIB_USEDEP}] ) + zlib? ( sys-libs/zlib[${MULTILIB_USEDEP}] )" +DEPEND="${RDEPEND} + kernel_linux? ( + virtual/os-headers + e2fsprogs? ( sys-fs/e2fsprogs ) + )" + +DOCS=( NEWS README ) + +src_prepare() { + epatch "${FILESDIR}"/${P}-CVE-2013-0211.patch + epatch "${FILESDIR}"/${P}-outofsource.patch + epatch "${FILESDIR}"/${P}-CVE-2016-1541.patch + eautoreconf +} + +multilib_src_configure() { + export ac_cv_header_ext2fs_ext2_fs_h=$(usex e2fsprogs) #354923 + + local myconf=() + myconf=( + $(use_enable static-libs static) + $(use_enable xattr) + $(use_enable acl) + $(use_with zlib) + $(use_with bzip2 bz2lib) + $(use_with iconv) + $(use_with lzma) + $(use_with lzo lzo2) + $(use_with nettle) + $(use_with !expat xml2) + $(use_with expat) + ) + if multilib_is_native_abi ; then myconf+=( + --enable-bsdtar=$(tc-is-static-only && echo static || echo shared) + --enable-bsdcpio=$(tc-is-static-only && echo static || echo shared) + ); else myconf+=( + --disable-bsdtar + --disable-bsdcpio + ); fi + + # We disable lzmadec because we support the newer liblzma from xz-utils + # and not liblzmadec with this version. + myconf+=( + --without-lzmadec + ) + + ECONF_SOURCE="${S}" econf "${myconf[@]}" +} + +multilib_src_compile() { + if multilib_is_native_abi ; then + emake + else + emake libarchive.la + fi +} + +multilib_src_test() { + # Replace the default src_test so that it builds tests in parallel + multilib_is_native_abi && emake check +} + +multilib_src_install() { + if multilib_is_native_abi ; then + emake DESTDIR="${D}" install + + # Libs.private: should be used from libarchive.pc instead + prune_libtool_files + + # Create tar symlink for FreeBSD + if ! use prefix && [[ ${CHOST} == *-freebsd* ]]; then + dosym bsdtar /usr/bin/tar + echo '.so bsdtar.1' > "${T}"/tar.1 + doman "${T}"/tar.1 + # We may wish to switch to symlink bsdcpio to cpio too one day + fi + else + emake DESTDIR="${D}" \ + install-includeHEADERS \ + install-libLTLIBRARIES \ + install-pkgconfigDATA + + # Libs.private: should be used from libarchive.pc instead + prune_libtool_files + fi +} + +multilib_src_install_all() { + cd "${S}" || die + dodoc "${DOCS[@]}" +}