author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /dev-libs/capstone/files | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'dev-libs/capstone/files')
-rw-r--r-- | dev-libs/capstone/files/capstone-3.0.5_rc2-CVE-2017-6952.patch | 41 | ||||
-rw-r--r-- | dev-libs/capstone/files/capstone-3.0.5_rc2-FLAGS.patch | 16 |
2 files changed, 57 insertions, 0 deletions
diff --git a/dev-libs/capstone/files/capstone-3.0.5_rc2-CVE-2017-6952.patch b/dev-libs/capstone/files/capstone-3.0.5_rc2-CVE-2017-6952.patch
new file mode 100644
index 000000000000..ba16126f7411
--- /dev/null
+++ b/dev-libs/capstone/files/capstone-3.0.5_rc2-CVE-2017-6952.patch
@@ -0,0 +1,41 @@
+commit 6fe86eef621b9849f51a5e1e5d73258a93440403
+Author: Quang Nguyễn <quangnh89@users.noreply.github.com>
+Date: Mon Mar 13 22:34:48 2017 +0700
+
+ provide a validity check to prevent against Integer overflow conditions (#870)
+
+ * provide a validity check to prevent against Integer overflow conditions
+
+ * fix some style issues.
+
+diff --git a/windows/winkernel_mm.c b/windows/winkernel_mm.c
+index c127da3a..ecdc1ca2 100644
+--- a/windows/winkernel_mm.c
++++ b/windows/winkernel_mm.c
+@@ -3,6 +3,7 @@
+
+ #include "winkernel_mm.h"
+ #include <ntddk.h>
++#include <Ntintsafe.h>
+
+ // A pool tag for memory allocation
+ static const ULONG CS_WINKERNEL_POOL_TAG = 'kwsC';
+@@ -33,8 +34,16 @@ void * CAPSTONE_API cs_winkernel_malloc(size_t size)
+
+ // FP; a use of NonPagedPool is required for Windows 7 support
+ #pragma prefast(suppress : 30030) // Allocating executable POOL_TYPE memory
+- CS_WINKERNEL_MEMBLOCK *block = (CS_WINKERNEL_MEMBLOCK *)ExAllocatePoolWithTag(
+- NonPagedPool, size + sizeof(CS_WINKERNEL_MEMBLOCK), CS_WINKERNEL_POOL_TAG);
++ size_t number_of_bytes = 0;
++ CS_WINKERNEL_MEMBLOCK *block = NULL;
++ // A specially crafted size value can trigger the overflow.
++ // If the sum in a value that overflows or underflows the capacity of the type,
++ // the function returns NULL.
++ if (!NT_SUCCESS(RtlSizeTAdd(size, sizeof(CS_WINKERNEL_MEMBLOCK), &number_of_bytes))) {
++ return NULL;
++ }
++ block = (CS_WINKERNEL_MEMBLOCK *)ExAllocatePoolWithTag(
++ NonPagedPool, number_of_bytes, CS_WINKERNEL_POOL_TAG);
+ if (!block) {
+ return NULL;
+ }
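Review bot: `#pragma prefast(suppress : 30030)` no longer sits directly above the `ExAllocatePoolWithTag` call in `cs_winkernel_malloc`, because the added declarations and the `RtlSizeTAdd` check now come between them. A prefast suppress applies to the line that follows it, so the suppression most likely lands on `size_t number_of_bytes = 0;` and the warning for the executable NonPagedPool allocation can come back. Move the `// FP; ...` comment and the pragma down so they immediately precede `block = (CS_WINKERNEL_MEMBLOCK *)ExAllocatePoolWithTag(`. The new comment would also read more clearly as `// size + sizeof(CS_WINKERNEL_MEMBLOCK) can wrap for a very large size; return NULL instead of under-allocating.` The function body continues past the hunk, and any other size arithmetic in this file (for example a multiplication in a calloc-style wrapper, not visible here) would need the same checked arithmetic.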
diff --git a/dev-libs/capstone/files/capstone-3.0.5_rc2-FLAGS.patch b/dev-libs/capstone/files/capstone-3.0.5_rc2-FLAGS.patch
new file mode 100644
index 000000000000..4be2ed4ba0e6
--- /dev/null
+++ b/dev-libs/capstone/files/capstone-3.0.5_rc2-FLAGS.patch
@@ -0,0 +1,16 @@
+Add support for user overridden CFLAGS and LDFLAGS
+diff --git a/cstool/Makefile b/cstool/Makefile
+index 450ac1b..3cf2a81 100644
+--- a/cstool/Makefile
++++ b/cstool/Makefile
+@@ -3,2 +3,3 @@
+ include ../functions.mk
++include ../config.mk
+
+@@ -8,4 +9,4 @@ LIBNAME = capstone
+
+-CFLAGS = -I../include
+-LDFLAGS = -O3 -Wall -L.. -l$(LIBNAME)
++CFLAGS += -I../include
++LDFLAGS += -Wall -L.. -l$(LIBNAME)
+
|
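Review bot: `LDFLAGS += -Wall -L.. -l$(LIBNAME)` still puts a compiler warning flag and the library into LDFLAGS. `-Wall` belongs with CFLAGS, and `-l$(LIBNAME)` is safer in a libs variable expanded after the objects, since a user LDFLAGS containing `-Wl,--as-needed` can cause a library named before the objects to be dropped at link time. The link rule is outside the hunk, so the argument order there should be confirmed. Something like `CFLAGS += -Wall -I../include`, `LDFLAGS += -L..` and `LDLIBS += -l$(LIBNAME)` would keep user-supplied hardening flags intact without depending on that order.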