diff options
Diffstat (limited to 'external/poky/meta/recipes-devtools/file')
5 files changed, 257 insertions, 0 deletions
diff --git a/external/poky/meta/recipes-devtools/file/file/CVE-2019-8904.patch b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8904.patch new file mode 100644 index 00000000..5c3d6f73 --- /dev/null +++ b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8904.patch @@ -0,0 +1,30 @@ +From 94b7501f48e134e77716e7ebefc73d6bbe72ba55 Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Mon, 18 Feb 2019 17:30:41 +0000 +Subject: [PATCH] PR/62: spinpx: Avoid non-nul-terminated string read. + +Upstream-Status: Backport +CVE: CVE-2019-8904 +Affects < 5.36 +[Fixup for thud context] +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + src/readelf.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +Index: git/src/readelf.c +=================================================================== +--- git.orig/src/readelf.c ++++ git/src/readelf.c +@@ -558,8 +558,8 @@ do_bid_note(struct magic_set *ms, unsign + } + if (namesz == 4 && strcmp((char *)&nbuf[noff], "Go") == 0 && + type == NT_GO_BUILD_ID && descsz < 128) { +- if (file_printf(ms, ", Go BuildID=%s", +- (char *)&nbuf[doff]) == -1) ++ if (file_printf(ms, ", Go BuildID=%.*s", ++ CAST(int, descsz), CAST(char *, &nbuf[doff])) == -1) + return 1; + return 1; + } diff --git a/external/poky/meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch new file mode 100644 index 00000000..a55b94c6 --- /dev/null +++ b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8905_CVE-2019-8907.patch @@ -0,0 +1,120 @@ +From d65781527c8134a1202b2649695d48d5701ac60b Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Mon, 18 Feb 2019 17:46:56 +0000 +Subject: [PATCH] PR/62: spinpx: limit size of file_printable. + +Upstream-Status: Backport +CVE: CVE-2019-8905 +CVE: CVE-2019-8907 +affects < 5.36 + +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + src/file.h | 4 ++-- + src/funcs.c | 9 +++++---- + src/readelf.c | 7 ++++--- + src/softmagic.c | 14 ++++++++------ + 4 files changed, 19 insertions(+), 15 deletions(-) + +Index: git/src/file.h +=================================================================== +--- git.orig/src/file.h ++++ git/src/file.h +@@ -501,7 +501,7 @@ protected int file_looks_utf8(const unsi + size_t *); + protected size_t file_pstring_length_size(const struct magic *); + protected size_t file_pstring_get_length(const struct magic *, const char *); +-protected char * file_printable(char *, size_t, const char *); ++protected char * file_printable(char *, size_t, const char *, size_t); + #ifdef __EMX__ + protected int file_os2_apptype(struct magic_set *, const char *, const void *, + size_t); +Index: git/src/funcs.c +=================================================================== +--- git.orig/src/funcs.c ++++ git/src/funcs.c +@@ -595,12 +595,13 @@ file_pop_buffer(struct magic_set *ms, fi + * convert string to ascii printable format. + */ + protected char * +-file_printable(char *buf, size_t bufsiz, const char *str) ++file_printable(char *buf, size_t bufsiz, const char *str, size_t slen) + { +- char *ptr, *eptr; ++ char *ptr, *eptr = buf + bufsiz - 1; + const unsigned char *s = (const unsigned char *)str; ++ const unsigned char *es = s + slen; + +- for (ptr = buf, eptr = ptr + bufsiz - 1; ptr < eptr && *s; s++) { ++ for (ptr = buf; ptr < eptr && s < es && *s; s++) { + if (isprint(*s)) { + *ptr++ = *s; + continue; +Index: git/src/readelf.c +=================================================================== +--- git.orig/src/readelf.c ++++ git/src/readelf.c +@@ -750,7 +750,7 @@ do_core_note(struct magic_set *ms, unsig + if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, " + "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)", + file_printable(sbuf, sizeof(sbuf), +- CAST(char *, pi.cpi_name)), ++ CAST(char *, pi.cpi_name), sizeof(pi.cpi_name)), + elf_getu32(swap, (uint32_t)pi.cpi_pid), + elf_getu32(swap, pi.cpi_euid), + elf_getu32(swap, pi.cpi_egid), +@@ -1655,7 +1655,8 @@ dophn_exec(struct magic_set *ms, int cla + return -1; + if (interp[0]) + if (file_printf(ms, ", interpreter %s", +- file_printable(ibuf, sizeof(ibuf), interp)) == -1) ++ file_printable(ibuf, sizeof(ibuf), interp, sizeof(interp))) ++ == -1) + return -1; + return 0; + } +Index: git/src/softmagic.c +=================================================================== +--- git.orig/src/softmagic.c ++++ git/src/softmagic.c +@@ -616,8 +616,8 @@ mprint(struct magic_set *ms, struct magi + case FILE_LESTRING16: + if (m->reln == '=' || m->reln == '!') { + if (file_printf(ms, F(ms, desc, "%s"), +- file_printable(sbuf, sizeof(sbuf), m->value.s)) +- == -1) ++ file_printable(sbuf, sizeof(sbuf), m->value.s, ++ sizeof(m->value.s))) == -1) + return -1; + t = ms->offset + m->vallen; + } +@@ -644,7 +644,8 @@ mprint(struct magic_set *ms, struct magi + } + + if (file_printf(ms, F(ms, desc, "%s"), +- file_printable(sbuf, sizeof(sbuf), str)) == -1) ++ file_printable(sbuf, sizeof(sbuf), str, ++ sizeof(p->s) - (str - p->s))) == -1) + return -1; + + if (m->type == FILE_PSTRING) +@@ -750,7 +751,7 @@ mprint(struct magic_set *ms, struct magi + return -1; + } + rval = file_printf(ms, F(ms, desc, "%s"), +- file_printable(sbuf, sizeof(sbuf), cp)); ++ file_printable(sbuf, sizeof(sbuf), cp, ms->search.rm_len)); + free(cp); + + if (rval == -1) +@@ -777,7 +778,8 @@ mprint(struct magic_set *ms, struct magi + break; + case FILE_DER: + if (file_printf(ms, F(ms, desc, "%s"), +- file_printable(sbuf, sizeof(sbuf), ms->ms_value.s)) == -1) ++ file_printable(sbuf, sizeof(sbuf), ms->ms_value.s, ++ sizeof(ms->ms_value.s))) == -1) + return -1; + t = ms->offset; + break; diff --git a/external/poky/meta/recipes-devtools/file/file/CVE-2019-8906.patch b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8906.patch new file mode 100644 index 00000000..1079ac66 --- /dev/null +++ b/external/poky/meta/recipes-devtools/file/file/CVE-2019-8906.patch @@ -0,0 +1,27 @@ +From 2858eaf99f6cc5aae129bcbf1e24ad160240185f Mon Sep 17 00:00:00 2001 +From: Christos Zoulas <christos@zoulas.com> +Date: Wed, 2 Jan 2019 19:44:14 +0000 +Subject: [PATCH] Avoid OOB read (found by ASAN reported by F. Alonso) + +Upstream-Status: Backport +CVE: CVE-2019-8906 +Affects < 5.36 +[Fixup for thud context] +Signed-off-by: Armin Kuster <akuster@mvista.com> +--- + src/readelf.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +Index: git/src/readelf.c +=================================================================== +--- git.orig/src/readelf.c ++++ git/src/readelf.c +@@ -745,7 +745,7 @@ do_core_note(struct magic_set *ms, unsig + char sbuf[512]; + struct NetBSD_elfcore_procinfo pi; + memset(&pi, 0, sizeof(pi)); +- memcpy(&pi, nbuf + doff, descsz); ++ memcpy(&pi, nbuf + doff, MIN(descsz, sizeof(pi))); + + if (file_printf(ms, ", from '%.31s', pid=%u, uid=%u, " + "gid=%u, nlwps=%u, lwp=%u (signal %u/code %u)", diff --git a/external/poky/meta/recipes-devtools/file/file/debian-742262.patch b/external/poky/meta/recipes-devtools/file/file/debian-742262.patch new file mode 100644 index 00000000..319f9dbc --- /dev/null +++ b/external/poky/meta/recipes-devtools/file/file/debian-742262.patch @@ -0,0 +1,27 @@ +The awk pattern was checked *before* the Perl pattern, so the +perl script with BEGIN{...} would be reported as awk, this patch fixes it. + +Upstream-Status: Backport [debian] + +Signed-off-by: Christoph Biedl <debian.axhn@manchmal.in-ulm.de> +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> + +Rebase on 5.31 + +Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> +--- + magic/Magdir/commands | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/magic/Magdir/commands b/magic/Magdir/commands +index f6ad1c8..f79e7dd 100644 +--- a/magic/Magdir/commands ++++ b/magic/Magdir/commands +@@ -57,6 +57,7 @@ + 0 string/wt #!\ /usr/bin/awk awk script text executable + !:mime text/x-awk + 0 regex/4096 =^[\040\t\f\r\n]{0,100}BEGIN[\040\t\f\r\n]{0,100}[{] awk or perl script text ++!:strength - 12 + + # AT&T Bell Labs' Plan 9 shell + 0 string/wt #!\ /bin/rc Plan 9 rc shell script text executable diff --git a/external/poky/meta/recipes-devtools/file/file_5.34.bb b/external/poky/meta/recipes-devtools/file/file_5.34.bb new file mode 100644 index 00000000..cb19642f --- /dev/null +++ b/external/poky/meta/recipes-devtools/file/file_5.34.bb @@ -0,0 +1,53 @@ +SUMMARY = "File classification tool" +DESCRIPTION = "File attempts to classify files depending \ +on their contents and prints a description if a match is found." +HOMEPAGE = "http://www.darwinsys.com/file/" +SECTION = "console/utils" + +# two clause BSD +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=6a7382872edb68d33e1a9398b6e03188" + +DEPENDS = "zlib file-replacement-native" +DEPENDS_class-native = "zlib-native" + +# Blacklist a bogus tag in upstream check +UPSTREAM_CHECK_GITTAGREGEX = "FILE(?P<pver>(?!6_23).+)" + +SRC_URI = "git://github.com/file/file.git \ + file://debian-742262.patch \ + file://CVE-2019-8906.patch \ + file://CVE-2019-8904.patch \ + file://CVE-2019-8905_CVE-2019-8907.patch \ + " + +SRCREV = "315cef2f699da3c31a54bd3c6c6070680fbaf1f5" +S = "${WORKDIR}/git" + +inherit autotools update-alternatives + +ALTERNATIVE_${PN} = "file" +ALTERNATIVE_LINK_NAME[file] = "${bindir}/file" + +EXTRA_OEMAKE_append_class-target = "-e FILE_COMPILE=${STAGING_BINDIR_NATIVE}/file-native/file" +EXTRA_OEMAKE_append_class-nativesdk = "-e FILE_COMPILE=${STAGING_BINDIR_NATIVE}/file-native/file" + +CFLAGS_append = " -std=c99" + +FILES_${PN} += "${datadir}/misc/*.mgc" + +do_install_append_class-native() { + create_cmdline_wrapper ${D}/${bindir}/file \ + --magic-file ${datadir}/misc/magic.mgc +} + +do_install_append_class-nativesdk() { + create_cmdline_wrapper ${D}/${bindir}/file \ + --magic-file ${datadir}/misc/magic.mgc +} + +BBCLASSEXTEND = "native nativesdk" +PROVIDES_append_class-native = " file-replacement-native" +# Don't use NATIVE_PACKAGE_PATH_SUFFIX as that hides libmagic from anyone who +# depends on file-replacement-native. +bindir_append_class-native = "/file-native" |