gentoo resync : 24.12.2018

2 files changed, 141 insertions, 0 deletions

diff --git a/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch b/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch
new file mode 100644
index 000000000000..3ed904774814
--- /dev/null
+++ b/app-forensics/sleuthkit/files/sleuthkit-4.6.4-CVE-2018-19497-backport.patch
@@ -0,0 +1,83 @@
+From dd679ad1d855e7f69a887eb343bb53d49dc664e7 Mon Sep 17 00:00:00 2001
+From: Jordy Zomer <zome8499@student.alfa-college.nl>
+Date: Sat, 24 Nov 2018 12:19:38 +0100
+Subject: [PATCH 1/3] Fix CVE-2018-19497.
+
+An issue was discovered in The Sleuth Kit (TSK) through 4.6.4.
+The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in hfs_dir_open_meta_cb in
+tsk/fs/hfs_dent.c does not properly check boundaries. This results in
+a crash (SEGV on unknown address
+READ memory access)
+when reading too much in the destination buffer.
+---
+ tsk/fs/hfs.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
+index 00f1720b1b..0dec507165 100644
+--- a/tsk/fs/hfs.c
++++ b/tsk/fs/hfs.c
+@@ -956,7 +956,8 @@ hfs_cat_traverse(HFS_INFO * hfs,
+                 key = (hfs_btree_key_cat *) & node[rec_off];
+ 
+                 keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len);
+-                if ((keylen) > nodesize) {
++               
++                if (keylen > nodesize - rec_off) {
+                     tsk_error_set_errno(TSK_ERR_FS_GENFS);
+                     tsk_error_set_errstr
+                         ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
+
+From fb2bc0ad693db852fac1dcc77a072aeabe106ac8 Mon Sep 17 00:00:00 2001
+From: Jordy Zomer <zome8499@student.alfa-college.nl>
+Date: Sat, 24 Nov 2018 12:37:09 +0100
+Subject: [PATCH 2/3] fix length in printf of nodesize
+
+Also fix the length in printf next to comit dd679ad1d855e7f69a887eb343bb53d49dc664e7
+---
+ tsk/fs/hfs.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
+index 0dec507165..4f7c0679a8 100644
+--- a/tsk/fs/hfs.c
++++ b/tsk/fs/hfs.c
+@@ -961,7 +961,7 @@ hfs_cat_traverse(HFS_INFO * hfs,
+                     tsk_error_set_errno(TSK_ERR_FS_GENFS);
+                     tsk_error_set_errstr
+                         ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
+-                        PRIu16 ")", rec, cur_node, keylen, nodesize);
++                        PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off);
+                     free(node);
+                     return 1;
+                 }
+
+From 8242588f4354339d9cb1ad82622e7c16c55391c9 Mon Sep 17 00:00:00 2001
+From: Jordy Zomer <zome8499@student.alfa-college.nl>
+Date: Sat, 24 Nov 2018 12:47:23 +0100
+Subject: [PATCH 3/3] UPDATE on CVE-2018-19497.
+
+make it >= because if keylen == nodesize - rec_off it's already past it's destination.
+Also fix the sprintf
+---
+ tsk/fs/hfs.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
+index 4f7c0679a8..bb3819ada9 100644
+--- a/tsk/fs/hfs.c
++++ b/tsk/fs/hfs.c
+@@ -957,11 +957,11 @@ hfs_cat_traverse(HFS_INFO * hfs,
+ 
+                 keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len);
+                
+-                if (keylen > nodesize - rec_off) {
++                if (keylen >= nodesize - rec_off) {
+                     tsk_error_set_errno(TSK_ERR_FS_GENFS);
+                     tsk_error_set_errstr
+                         ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
+-                        PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off);
++                        PRIu16 ")", rec, cur_node, keylen, (nodesize - rec_off));
+                     free(node);
+                     return 1;
+                 }
diff --git a/app-forensics/sleuthkit/files/sleuthkit-4.6.4-default-jar-location-fix.patch b/app-forensics/sleuthkit/files/sleuthkit-4.6.4-default-jar-location-fix.patch
new file mode 100644
index 000000000000..126fce904a8f
--- /dev/null
+++ b/app-forensics/sleuthkit/files/sleuthkit-4.6.4-default-jar-location-fix.patch
@@ -0,0 +1,58 @@
+From f8c1cada7f01826b15a82b20600b8df7562fa2ed Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?G=C3=B6kt=C3=BCrk=20Y=C3=BCksek?= <gokturk@gentoo.org>
+Date: Wed, 28 Nov 2018 21:33:46 -0500
+Subject: [PATCH v1] Allow --enable-offline to accept a directory argument for
+ jar libs
+
+Allow the hardcoded default_jar_location in build.xml to
+/usr/share/java to be changed using the argument provided to
+--enable-offline. Note that this changes the behavior of the switch
+from "anything other than yes or no is incorrect" to "anything other
+than no implies offline mode".
+---
+ bindings/java/Makefile.am |  4 ++++
+ configure.ac              | 10 +++++++++-
+ 2 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/bindings/java/Makefile.am b/bindings/java/Makefile.am
+index ad27526e..f0bb9f68 100644
+--- a/bindings/java/Makefile.am
++++ b/bindings/java/Makefile.am
+@@ -7,6 +7,10 @@ jar_DATA = $(tsk_jar)
+ 
+ if OFFLINE
+  ant_args=-Doffline=true
++if CUSTOM_DEFAULT_JAR_LOCATION
++  ant_args+= -Ddefault-jar-location="@DEFAULT_JAR_LOCATION@"
++else
++endif
+ else
+ 
+ endif
+diff --git a/configure.ac b/configure.ac
+index dc9026ed..d3d41646 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -221,10 +221,18 @@ AC_ARG_ENABLE([offline],
+     [case "${enableval}" in
+ 	yes) offline=true ;;
+ 	no) offline=false ;;
+-	*) AC_MSG_ERROR([bad value ${enableval} for --enable-online]) ;;
++	*)
++	    offline=true
++	    default_jar_location="${enableval}"
++	    ;;
+      esac],[offline=false])
+ 
+ AM_CONDITIONAL([OFFLINE], [test "x$offline" = xtrue])
++AM_CONDITIONAL([CUSTOM_DEFAULT_JAR_LOCATION], [test "x$default_jar_location" != "x"])
++AM_COND_IF([CUSTOM_DEFAULT_JAR_LOCATION],
++    [AC_SUBST([DEFAULT_JAR_LOCATION], [$default_jar_location])]
++)
++
+ 
+ 
+ dnl Check if we should link libewf.
+-- 
+2.19.1
+