pkgsrc-Changes-HG archive


[pkgsrc/pkgsrc-2007Q2]: pkgsrc/devel/gdb Pullup ticket 2134 - requested by lk...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/0da6368d49cc
branches:  pkgsrc-2007Q2
changeset: 530480:0da6368d49cc
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Sat Jul 28 22:57:12 2007 +0000

description:
Pullup ticket 2134 - requested by lkundrak
security fix for gdb

- pkgsrc/devel/gdb/Makefile                             1.34
- pkgsrc/devel/gdb/distinfo                             1.9-1.10
- pkgsrc/devel/gdb/patches/patch-am                     1.2
- pkgsrc/devel/gdb/patches/patch-ap                     1.1
- pkgsrc/devel/gdb/patches/patch-aq                     1.1

   Module Name: pkgsrc
   Committed By:        lkundrak
   Date:                Tue Jul  3 12:41:19 UTC 2007

   Modified Files:
           pkgsrc/devel/gdb: Makefile distinfo
   Added Files:
           pkgsrc/devel/gdb/patches: patch-ap patch-aq

   Log Message:
   Fixes for CVE-2005-1704 and CVE-2005-1705. Bump PKGREVISION.
---
   Module Name: pkgsrc
   Committed By:        lkundrak
   Date:                Wed Jul 11 13:12:02 UTC 2007

   Modified Files:
           pkgsrc/devel/gdb: distinfo
           pkgsrc/devel/gdb/patches: patch-am

   Log Message:
   Attempt to fix build on >1.6

diffstat:

 devel/gdb/Makefile         |   4 +-
 devel/gdb/distinfo         |   6 ++-
 devel/gdb/patches/patch-am |  43 +++++++++++++++++++++++++-
 devel/gdb/patches/patch-ap |  75 ++++++++++++++++++++++++++++++++++++++++++++++
 devel/gdb/patches/patch-aq |  15 +++++++++
 5 files changed, 137 insertions(+), 6 deletions(-)

diffs (186 lines):

diff -r 8ac46649dddb -r 0da6368d49cc devel/gdb/Makefile
--- a/devel/gdb/Makefile        Sat Jul 28 22:39:23 2007 +0000
+++ b/devel/gdb/Makefile        Sat Jul 28 22:57:12 2007 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.33 2007/03/23 15:18:23 joerg Exp $
+# $NetBSD: Makefile,v 1.33.4.1 2007/07/28 22:57:12 ghen Exp $
 #
 
 DISTNAME=      gdb-5.3
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    devel
 MASTER_SITES=  ${MASTER_SITE_GNU:=gdb/}
 
diff -r 8ac46649dddb -r 0da6368d49cc devel/gdb/distinfo
--- a/devel/gdb/distinfo        Sat Jul 28 22:39:23 2007 +0000
+++ b/devel/gdb/distinfo        Sat Jul 28 22:57:12 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2006/10/22 07:55:38 rillig Exp $
+$NetBSD: distinfo,v 1.8.6.1 2007/07/28 22:57:12 ghen Exp $
 
 SHA1 (gdb-5.3.tar.gz) = 24a6c9da6e89b1b82b7508f27f94098d989ff662
 RMD160 (gdb-5.3.tar.gz) = 3f88dc11115de08708c50c73b10acaf00ed25e96
@@ -15,6 +15,8 @@
 SHA1 (patch-aj) = 16b03a5ce9b34af42dcec4e26103ebc456d091bf
 SHA1 (patch-ak) = 0908ff7f7000df702a18c25bce4b4930c61ad8f8
 SHA1 (patch-al) = 2721abee837d85f57b05073490d94e9e11d5193d
-SHA1 (patch-am) = 8bb74176c2e7042a74330a02d60a1976919da2a0
+SHA1 (patch-am) = 73c6077dcad00fbdde289d270418bd66a36ae9d9
 SHA1 (patch-an) = c28777296917daa1a619eca092023c8f5aaf706f
 SHA1 (patch-ao) = 7a38b55945cf6d9fc422e460d67b88a1e4416e62
+SHA1 (patch-ap) = e79d8a70d12098716791e3349d8606d07f8acd47
+SHA1 (patch-aq) = f7c356f7c500b84feb141ba693390378e5f71642
diff -r 8ac46649dddb -r 0da6368d49cc devel/gdb/patches/patch-am
--- a/devel/gdb/patches/patch-am        Sat Jul 28 22:39:23 2007 +0000
+++ b/devel/gdb/patches/patch-am        Sat Jul 28 22:57:12 2007 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-am,v 1.1 2006/02/27 15:45:29 joerg Exp $
+$NetBSD: patch-am,v 1.1.12.1 2007/07/28 22:57:12 ghen Exp $
 
---- gdb/i386bsd-nat.c.orig     2006-02-27 14:51:46.000000000 +0000
+--- gdb/i386bsd-nat.c.orig     2007-07-11 14:32:16.000000000 +0200
 +++ gdb/i386bsd-nat.c
 @@ -395,7 +395,7 @@ _initialize_i386bsd_nat (void)
       system header files and sysctl(3) to get at the relevant
@@ -11,3 +11,42 @@
    extern int i386fbsd4_sc_pc_offset;
    extern int i386fbsd4_sc_sp_offset;
  #define SC_PC_OFFSET i386fbsd4_sc_pc_offset
+@@ -419,26 +419,30 @@ _initialize_i386bsd_nat (void)
+ 
+   /* Override the default value for the offset of the program counter
+      in the sigcontext structure.  */
+-  sc_pc_offset = offsetof (struct sigcontext, sc_pc);
++#if defined(__DragonFly__)
++  sc_pc_offset = offsetof (ucontext_t, uc_mcontext.mc_eip);
++#else
++  sc_pc_offset = offsetof (ucontext_t, uc_mcontext.__gregs[_REG_EIP]);
++#endif
+ 
+   if (SC_PC_OFFSET != sc_pc_offset)
+     {
+-      warning ("\
+-offsetof (struct sigcontext, sc_pc) yields %d instead of %d.\n\
+-Please report this to <bug-gdb%gnu.org@localhost>.",
++      warning ("sc_pc_offset is %d instead of %d.",
+              sc_pc_offset, SC_PC_OFFSET);
+     }
+ 
+   SC_PC_OFFSET = sc_pc_offset;
+ 
+   /* Likewise for the stack pointer.  */
+-  sc_sp_offset = offsetof (struct sigcontext, sc_sp);
++#if defined(__DragonFly__)
++  sc_sp_offset = offsetof (ucontext_t, uc_mcontext.mc_esp);
++#else
++  sc_sp_offset = offsetof (ucontext_t, uc_mcontext.__gregs[_REG_UESP]);
++#endif
+ 
+   if (SC_SP_OFFSET != sc_sp_offset)
+     {
+-      warning ("\
+-offsetof (struct sigcontext, sc_sp) yields %d instead of %d.\n\
+-Please report this to <bug-gdb%gnu.org@localhost>.",
++      warning ("sc_sp_offset is %d instead of %d.",
+              sc_sp_offset, SC_SP_OFFSET);
+     }
+ 
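Review bot: The `offsetof (struct sigcontext, sc_pc)` and `sc_sp` lines are replaced outright, and the only conditional is on `__DragonFly__`, so every other platform that compiles this file now needs a `ucontext_t` whose `uc_mcontext` has `__gregs` indexed by `_REG_EIP` / `_REG_UESP`. The log message says the aim is newer releases, but nothing visible keeps the old `struct sigcontext` path for systems that still provide it. The preprocessor guards around this block and the includes are outside the hunk, so this may already be covered. If it is not, wrap the new lines in a feature or version test and keep the removed lines in the fallback branch. A one-line comment saying which OS each branch targets would also help the next porter.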
diff -r 8ac46649dddb -r 0da6368d49cc devel/gdb/patches/patch-ap
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/gdb/patches/patch-ap        Sat Jul 28 22:57:12 2007 +0000
@@ -0,0 +1,75 @@
+$NetBSD: patch-ap,v 1.1.2.2 2007/07/28 22:57:13 ghen Exp $
+
+Patch for CVE-2005-1704 sucked from upstream.
+* elfcode.h (elf_object_p): Add more sanity checks on elf header.
+
+--- bfd/elfcode.h.orig 2002-07-07 11:10:39.000000000 +0200
++++ bfd/elfcode.h
+@@ -683,8 +683,13 @@ elf_object_p (abfd)
+ 
+   if (i_ehdrp->e_shoff != 0)
+     {
++      bfd_signed_vma where = i_ehdrp->e_shoff;
++
++      if (where != (file_ptr) where)
++      goto got_wrong_format_error;
++
+       /* Seek to the section header table in the file.  */
+-      if (bfd_seek (abfd, (file_ptr) i_ehdrp->e_shoff, SEEK_SET) != 0)
++      if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
+       goto got_no_match;
+ 
+       /* Read the first section header at index 0, and convert to internal
+@@ -697,13 +702,50 @@ elf_object_p (abfd)
+       /* If the section count is zero, the actual count is in the first
+        section header.  */
+       if (i_ehdrp->e_shnum == SHN_UNDEF)
+-      i_ehdrp->e_shnum = i_shdr.sh_size;
++      {
++        i_ehdrp->e_shnum = i_shdr.sh_size;
++        if (i_ehdrp->e_shnum != i_shdr.sh_size)
++          goto got_wrong_format_error;
++      }
+ 
+       /* And similarly for the string table index.  */
+       if (i_ehdrp->e_shstrndx == SHN_XINDEX)
+-      i_ehdrp->e_shstrndx = i_shdr.sh_link;
++      {
++        i_ehdrp->e_shstrndx = i_shdr.sh_link;
++        if (i_ehdrp->e_shstrndx != i_shdr.sh_link)
++          goto got_wrong_format_error;
++      }
++
++      /* Sanity check that we can read all of the section headers.
++       It ought to be good enough to just read the last one.  */
++      if (i_ehdrp->e_shnum != 1)
++      {
++        /* Check that we don't have a totally silly number of sections.  */
++        if (i_ehdrp->e_shnum > (unsigned int) -1 / sizeof (x_shdr))
++          goto got_wrong_format_error;
++
++        where += (i_ehdrp->e_shnum - 1) * sizeof (x_shdr);
++        if (where != (file_ptr) where)
++          goto got_wrong_format_error;
++        if ((bfd_size_type) where <= i_ehdrp->e_shoff)
++          goto got_wrong_format_error;
++
++        if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
++          goto got_no_match;
++        if (bfd_bread (&x_shdr, sizeof x_shdr, abfd) != sizeof (x_shdr))
++          goto got_no_match;
++
++        /* Back to where we were.  */
++        where = i_ehdrp->e_shoff + sizeof (x_shdr);
++        if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
++          goto got_no_match;
++      }
+     }
+ 
++  /* A further sanity check.  */
++  if (i_ehdrp->e_shstrndx >= i_ehdrp->e_shnum)
++    goto got_wrong_format_error;
++
+   /* Allocate space for a copy of the section header table in
+      internal form.  */
+   if (i_ehdrp->e_shnum != 0)
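Review bot: The "further sanity check" `if (i_ehdrp->e_shstrndx >= i_ehdrp->e_shnum)` sits after the closing brace of the `e_shoff != 0` block, so it also runs for a file with no section header table. There both fields are 0, `0 >= 0` is true, and the file is rejected as a wrong format. Splitting the test avoids that: `if (i_ehdrp->e_shnum != 0 ? i_ehdrp->e_shstrndx >= i_ehdrp->e_shnum : i_ehdrp->e_shstrndx != 0)`. Separately, the section-count bound divides only by `sizeof (x_shdr)`, while the allocation that follows the hunk is for the internal form of the headers. If that internal element is larger, the later size multiplication is not covered, and adding `|| i_ehdrp->e_shnum > (unsigned int) -1 / sizeof (i_shdr)` would close the gap. The allocation itself is outside the hunk, so please confirm against the full function.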
diff -r 8ac46649dddb -r 0da6368d49cc devel/gdb/patches/patch-aq
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/gdb/patches/patch-aq        Sat Jul 28 22:57:12 2007 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-aq,v 1.1.2.2 2007/07/28 22:57:13 ghen Exp $
+
+Patch for CVE-2005-1705 from Gentoo #88398.
+
+--- gdb/main.c.orig    2002-09-28 17:10:31.000000000 +0200
++++ gdb/main.c
+@@ -626,7 +626,7 @@ extern int gdbtk_test (char *);
+ 
+   if (!homedir
+       || memcmp ((char *) &homebuf, (char *) &cwdbuf, sizeof (struct stat)))
+-    if (!inhibit_gdbinit)
++    if (!inhibit_gdbinit && (cwdbuf.st_uid == getuid()) && (!cwdbuf.st_mode & (S_IWOTH)))
+       {
+       catch_command_errors (source_command, gdbinit, 0, RETURN_MASK_ALL);
+       }
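Review bot: In the new condition, `(!cwdbuf.st_mode & (S_IWOTH))` applies `!` before `&`, so for any non-zero mode it evaluates to 0 and the whole test is false. As written, the file named by `gdbinit` would never be sourced from the current directory, rather than being skipped only when it is world-writable. The intended test is presumably `!(cwdbuf.st_mode & S_IWOTH)`, giving `if (!inhibit_gdbinit && cwdbuf.st_uid == getuid () && !(cwdbuf.st_mode & S_IWOTH))`. The call that fills `cwdbuf` is outside the hunk, so it is worth confirming its return value is checked before `st_uid` and `st_mode` are trusted. A short comment such as `/* Only source the local init file if we own it and it is not world-writable.  */` would record the policy next to the check.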


