summaryrefslogtreecommitdiff
path: root/dev-libs/opensc
diff options
context:
space:
mode:
Diffstat (limited to 'dev-libs/opensc')
-rw-r--r--dev-libs/opensc/Manifest2
-rw-r--r--dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch49
-rw-r--r--dev-libs/opensc/opensc-0.23.0-r1.ebuild83
3 files changed, 134 insertions, 0 deletions
diff --git a/dev-libs/opensc/Manifest b/dev-libs/opensc/Manifest
index cda17c119377..4013277bb7d4 100644
--- a/dev-libs/opensc/Manifest
+++ b/dev-libs/opensc/Manifest
@@ -1,5 +1,7 @@
+AUX opensc-0.23.0-CVE-2023-2977.patch 1936 BLAKE2B 6352f5b1e596973a0049e38ce454df6932f72669acab8ab4d117ead9f0b5a88a69ad99c8d38eaff032300fe291d863182262fec0a36bbcabd7f7dad2c5c077e6 SHA512 08924312d7a29ce9692a26379d22651fb6b38a75ad0868f1a95dadce34c2163a8f0e72718642488018233f44dc5539b102f0879f6bc838cc178440283fccb5f7
AUX opensc.module 390 BLAKE2B 4c5ea159ed2038af51c9ca3e903b23db1acdfa8a6c79be7f922f8a03602f15e3b1a98570be0a1f3f2db922c9083976eeb164d011b981c8709a9b1459e959634f SHA512 52a0a47963d0938a3a644dedcd913bb22ea6d5e3d539b759872c4175085491cc11a3958bb308029eb4942ea20e0f7890865c21cb063e335e38a154957a64ed58
DIST opensc-0.23.0.tar.gz 2366469 BLAKE2B c0f74379a70347a58be27684ae2cf833e6f35328b566af2c6daa8276174864406fa176acf7ba84931970fe07e3dd8d6eccf7884f079cb0110c4d6ff9a76792dc SHA512 cd102cd64e719c59153960a4921b7525055045f16e6f6ffa8c9def6ce999a9c5098267b41f8753b41107f626bea20c34561002f5d38eddb4ce6b371913a17a1b
+EBUILD opensc-0.23.0-r1.ebuild 1933 BLAKE2B bf7f2c28ee5ddb79353eec7a1ae324b3cf51baa3ca1ebd7e0e989b278d78afbb8b3e3e44286bbe2b0053501497a6b830693e239d3089543ed9bf6f1b1503c050 SHA512 36c6c005a97dc816dee6ad8fa1dd2e44bedf1cf43c93e2f8cb2a9dc5c38632c7440ed447a9d6ea3fc9586915bd68ef6753530bd553d41e7de291c5c9692e11d3
EBUILD opensc-0.23.0.ebuild 1878 BLAKE2B fc0859070a61c2a07d8358525918e3775ba9b1e6b6917389e23e95ba7aafb8ddb24a6a89fded06f5c210623de6e8d843cbdb72b8501fd6c4986cbbbd7ecba7a6 SHA512 9496512a1b9565196de7202aa2294e0ff24ccea983c4d35622586c6e77ab0fd5a7c7c5e8eae0672ba0f872a90045007a7a7f88f624702a15f082bc1918f04fcf
EBUILD opensc-9999.ebuild 1881 BLAKE2B ae0acc8bcc7081ceea38b6a59ed04dd6acf37bf4e86f3979ac317e5bd8dffba6cfdb0480cfc574ca23d5ab5f491ea2b301ce4b2ae86835e8210af391cdfe11c6 SHA512 8ce8e223359c15a15159a006ecfa2b1c4f10063902450c4fa120902cc1193a0478e87cd0678241b0f4e96aa7cb870267d4d80e44e1e13c952a322412801dba26
MISC metadata.xml 1305 BLAKE2B 8560829a2784e38e10b41f5e083568a7fafd19e9fe185b1675c787b2514ea01a18b3fa6c7d0018b6e45638512d02e9bec12fbc5df4e50bf49db6558ef89a9af8 SHA512 8b477d96f6acb7a808e24af1d4b29e16e06b83eaf29799dbc6b74181ded74de47d7527712e21412bfb92a26e1d03974368a2c1790208785230280a18d21aff06
diff --git a/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
new file mode 100644
index 000000000000..ad3bc1fadc93
--- /dev/null
+++ b/dev-libs/opensc/files/opensc-0.23.0-CVE-2023-2977.patch
@@ -0,0 +1,49 @@
+From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
+From: fullwaywang <fullwaywang@tencent.com>
+Date: Mon, 29 May 2023 10:38:48 +0800
+Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
+ overrun bug. Fixes #2785
+
+---
+ src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
+index 9715cf390f..f41f73c349 100644
+--- a/src/pkcs15init/pkcs15-cardos.c
++++ b/src/pkcs15init/pkcs15-cardos.c
+@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ sc_apdu_t apdu;
+ u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
+ int r;
+- const u8 *p = rbuf, *q;
++ const u8 *p = rbuf, *q, *pp;
+ size_t len, tlen = 0, ilen = 0;
+
+ sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
+@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ return 0;
+
+ while (len != 0) {
+- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
+- if (p == NULL)
++ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
++ if (pp == NULL)
+ return 0;
+ if (card->type == SC_CARD_TYPE_CARDOS_M4_3) {
+ /* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
+ /* and Package Number 0x07 */
+- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
+ if (q == NULL || ilen != 4)
+ return 0;
+ if (q[0] == 0x07)
+@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
+ } else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) {
+ /* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */
+ /* and Package Number 0x02 */
+- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
++ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
+ if (q == NULL || ilen != 4)
+ return 0;
+ if (q[0] == 0x02)
diff --git a/dev-libs/opensc/opensc-0.23.0-r1.ebuild b/dev-libs/opensc/opensc-0.23.0-r1.ebuild
new file mode 100644
index 000000000000..9162e0939fc4
--- /dev/null
+++ b/dev-libs/opensc/opensc-0.23.0-r1.ebuild
@@ -0,0 +1,83 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit bash-completion-r1 libtool
+
+DESCRIPTION="Libraries and applications to access smartcards"
+HOMEPAGE="https://github.com/OpenSC/OpenSC/wiki"
+
+if [[ ${PV} == *9999 ]]; then
+ inherit autotools git-r3
+ EGIT_REPO_URI="https://github.com/OpenSC/OpenSC.git"
+else
+ SRC_URI="https://github.com/OpenSC/OpenSC/releases/download/${PV}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~ppc64 ~x86"
+fi
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+IUSE="ctapi doc openct notify pace +pcsc-lite readline secure-messaging ssl test zlib"
+RESTRICT="!test? ( test )"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+ readline? ( sys-libs/readline:0= )
+ ssl? ( dev-libs/openssl:0= )
+ openct? ( >=dev-libs/openct-0.5.0 )
+ pace? ( dev-libs/openpace:= )
+ pcsc-lite? ( >=sys-apps/pcsc-lite-1.3.0 )
+ notify? ( dev-libs/glib:2 )"
+DEPEND="${RDEPEND}
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt
+ test? ( dev-util/cmocka )"
+BDEPEND="virtual/pkgconfig"
+
+REQUIRED_USE="
+ pcsc-lite? ( !openct !ctapi )
+ openct? ( !pcsc-lite !ctapi )
+ ctapi? ( !pcsc-lite !openct )
+ || ( pcsc-lite openct ctapi )"
+
+PATCHES=( "${FILESDIR}"/${P}-CVE-2023-2977.patch )
+
+src_prepare() {
+ default
+
+ if [[ ${PV} == *9999 ]]; then
+ eautoreconf
+ else
+ elibtoolize
+ fi
+}
+
+src_configure() {
+ # don't want to run upstream's clang-tidy checks
+ export ac_cv_path_CLANGTIDY=""
+
+ econf \
+ --with-completiondir="$(get_bashcompdir)" \
+ --disable-strict \
+ --enable-man \
+ $(use_enable ctapi) \
+ $(use_enable doc) \
+ $(use_enable notify) \
+ $(use_enable openct) \
+ $(use_enable pace openpace) \
+ $(use_enable pcsc-lite pcsc) \
+ $(use_enable readline) \
+ $(use_enable secure-messaging sm) \
+ $(use_enable ssl openssl) \
+ $(use_enable test cmocka) \
+ $(use_enable zlib)
+}
+
+src_install() {
+ default
+
+ insinto /etc/pkcs11/modules/
+ doins "${FILESDIR}"/opensc.module
+
+ find "${ED}" -name '*.la' -delete || die
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-01 11:35:49 +0000