diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2021-04-28 20:21:43 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2021-04-28 20:21:43 +0100 |
| commit | 40aaaa64e86ba6710bbeb31c4615a6ce80e75e11 (patch) | |
| tree | 758c221bad35c9288d0bd6df9c7dfc226728e52c /app-arch/upx | |
| parent | 8d5dbd847cbc704a6a06405856e94b461011afe3 (diff) | |
gentoo resync : 28.04.2021
Diffstat (limited to 'app-arch/upx')
| -rw-r--r-- | app-arch/upx/Manifest | 3 | ||||
| -rw-r--r-- | app-arch/upx/files/upx-3.96_CVE-2021-20285.patch | 76 | ||||
| -rw-r--r-- | app-arch/upx/upx-3.96-r1.ebuild (renamed from app-arch/upx/upx-3.96.ebuild) | 6 |
3 files changed, 83 insertions, 2 deletions
diff --git a/app-arch/upx/Manifest b/app-arch/upx/Manifest index 6e16694059fa..f6ef79daac62 100644 --- a/app-arch/upx/Manifest +++ b/app-arch/upx/Manifest @@ -1,3 +1,4 @@ +AUX upx-3.96_CVE-2021-20285.patch 4481 BLAKE2B 345bce505a045c53b48dad3102f52588ceb7f2736cdbeab31ed5f65a5cf5a5344cb9ca700cfc3d7fac2569a91f454a652a676c83aafb1be884b0fae229d3afae SHA512 f596f13634eb2173f4c549d41387bdb6785501afb7d3a68d70f90dcdbadc615e95de024e1810af2b3663137692a7322d32a290357e0f7a96ca2acf51228b0abc DIST upx-3.96-src.tar.xz 792524 BLAKE2B 21af85dbcfdd1bf0151a653c865db13c9f30b9de0b9b4b94557ddd55736c7053dd829c5d72b9a7e5aa94a71ecc0151145dd66d7d98ded178c50ff7357d0ba442 SHA512 2d4d1be21d274d9bfdee9b9815396f5e5ff0bcdfb781b7be5fafa4d1e224028e412ec5f5ba607c482671aae27ccf9069abb2db0fb58f78f3a102a51897df2b11 -EBUILD upx-3.96.ebuild 810 BLAKE2B a7c7fabd58c3b527f48b7a6905032150aed66eea7efbfd5e07938367d0bd61dadf2f55924252bfbb2bcc1867af40ef7a55e46113ee2651695343dc6ffea8fb1a SHA512 221f0fc937505130b3c1d0014fd0236e2fbff597a0e2a1d19bb8b4a0dc5141800d50013f352f49b64599b106b6b0825b214854cbaaf181c4943364f79aaa66b1 +EBUILD upx-3.96-r1.ebuild 864 BLAKE2B 227dd8b0cc3d09522229cfeecf0f1c4a864d66aa558b0d7ac5589bef470cad6e0dd3db0e53006ce870bc127704f10a823af4c284943516e76173081f40ce36da SHA512 b83bba2a294a4f79d412e18319d5b3985ae1107cecf7b742a3e0a9672a8df38a53c51266c22327b01c2b205253775eab538c333b5ac057ca2c18b03e41eb02e4 MISC metadata.xml 478 BLAKE2B c0d96932b628c0448fbdc1756445798bb382ea120b499a2bc2c9320b392730835e5bad5785ef719f5a95d381f3768e7bf2d7f4dbce76d8993052ac9a761f422d SHA512 5bd0548fcf13bbd34c5fc97bd139a6b1398bbc99db984cd730188280fc490864cf704858c132e0154b0681eca5a26a93fa0eeb029d5760fcf17d83be2d83d51d diff --git a/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch b/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch new file mode 100644 index 000000000000..1d47b2a8bb67 --- /dev/null +++ b/app-arch/upx/files/upx-3.96_CVE-2021-20285.patch @@ -0,0 +1,76 @@ +From 3781df9da23840e596d5e9e8493f22666802fe6c Mon Sep 17 00:00:00 2001 +From: John Reiser <jreiser@BitWagon.com> +Date: Fri, 11 Dec 2020 13:38:18 -0800 +Subject: [PATCH] Check DT_REL/DT_RELA, DT_RELSZ/DT_RELASZ + +https://github.com/upx/upx/issues/421 + modified: p_lx_elf.cpp +--- + src/p_lx_elf.cpp | 34 +++++++++++++++++++++++++++++----- + 1 file changed, 29 insertions(+), 5 deletions(-) + +diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp +index 182db192..3a4101cf 100644 +--- a/src/p_lx_elf.cpp ++++ b/src/p_lx_elf.cpp +@@ -2222,8 +2222,20 @@ bool PackLinuxElf32::canPack() + int z_rsz = dt_table[Elf32_Dyn::DT_RELSZ]; + if (z_rel && z_rsz) { + unsigned rel_off = get_te32(&dynseg[-1+ z_rel].d_val); ++ if ((unsigned)file_size <= rel_off) { ++ char msg[70]; snprintf(msg, sizeof(msg), ++ "bad Elf32_Dynamic[DT_REL] %#x\n", ++ rel_off); ++ throwCantPack(msg); ++ } + Elf32_Rel *rp = (Elf32_Rel *)&file_image[rel_off]; + unsigned relsz = get_te32(&dynseg[-1+ z_rsz].d_val); ++ if ((unsigned)file_size <= relsz) { ++ char msg[70]; snprintf(msg, sizeof(msg), ++ "bad Elf32_Dynamic[DT_RELSZ] %#x\n", ++ relsz); ++ throwCantPack(msg); ++ } + Elf32_Rel *last = (Elf32_Rel *)(relsz + (char *)rp); + for (; rp < last; ++rp) { + unsigned r_va = get_te32(&rp->r_offset); +@@ -2562,14 +2574,26 @@ PackLinuxElf64::canPack() + int z_rel = dt_table[Elf64_Dyn::DT_RELA]; + int z_rsz = dt_table[Elf64_Dyn::DT_RELASZ]; + if (z_rel && z_rsz) { +- unsigned rel_off = get_te64(&dynseg[-1+ z_rel].d_val); ++ upx_uint64_t rel_off = get_te64(&dynseg[-1+ z_rel].d_val); ++ if ((u64_t)file_size <= rel_off) { ++ char msg[70]; snprintf(msg, sizeof(msg), ++ "bad Elf64_Dynamic[DT_RELA] %#llx\n", ++ rel_off); ++ throwCantPack(msg); ++ } + Elf64_Rela *rp = (Elf64_Rela *)&file_image[rel_off]; +- unsigned relsz = get_te64(&dynseg[-1+ z_rsz].d_val); ++ upx_uint64_t relsz = get_te64(&dynseg[-1+ z_rsz].d_val); ++ if ((u64_t)file_size <= relsz) { ++ char msg[70]; snprintf(msg, sizeof(msg), ++ "bad Elf64_Dynamic[DT_RELASZ] %#llx\n", ++ relsz); ++ throwCantPack(msg); ++ } + Elf64_Rela *last = (Elf64_Rela *)(relsz + (char *)rp); + for (; rp < last; ++rp) { +- unsigned r_va = get_te64(&rp->r_offset); ++ upx_uint64_t r_va = get_te64(&rp->r_offset); + if (r_va == user_init_ava) { // found the Elf64_Rela +- unsigned r_info = get_te64(&rp->r_info); ++ upx_uint64_t r_info = get_te64(&rp->r_info); + unsigned r_type = ELF64_R_TYPE(r_info); + if (Elf64_Ehdr::EM_AARCH64 == e_machine + && R_AARCH64_RELATIVE == r_type) { +@@ -2581,7 +2605,7 @@ PackLinuxElf64::canPack() + } + else { + char msg[50]; snprintf(msg, sizeof(msg), +- "bad relocation %#x DT_INIT_ARRAY[0]", ++ "bad relocation %#llx DT_INIT_ARRAY[0]", + r_info); + throwCantPack(msg); + } diff --git a/app-arch/upx/upx-3.96.ebuild b/app-arch/upx/upx-3.96-r1.ebuild index c9a668ebacec..26a73f6191a8 100644 --- a/app-arch/upx/upx-3.96.ebuild +++ b/app-arch/upx/upx-3.96-r1.ebuild @@ -1,4 +1,4 @@ -# Copyright 1999-2020 Gentoo Authors +# Copyright 1999-2021 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 EAPI=7 @@ -22,6 +22,10 @@ DEPEND="${RDEPEND} S="${WORKDIR}/${P}-src" +PATCHES=( + "${FILESDIR}/${P}_CVE-2021-20285.patch" +) + src_compile() { tc-export CXX emake CXXFLAGS_WERROR="" all |