Diffstat (limited to 'dev-util/rizin')
-rw-r--r--dev-util/rizin/Manifest2
-rw-r--r--dev-util/rizin/files/rizin-0.3.1-CVE-2021-43814.patch90
-rw-r--r--dev-util/rizin/rizin-0.3.1-r2.ebuild103
3 files changed, 195 insertions, 0 deletions
diff --git a/dev-util/rizin/Manifest b/dev-util/rizin/Manifest
index 6ccfab52d29b..99305f2b8d7e 100644
--- a/dev-util/rizin/Manifest
+++ b/dev-util/rizin/Manifest
@@ -1,7 +1,9 @@
AUX rizin-0.3.0-md4-openssl.patch 3410 BLAKE2B 06f5f270abd2351b044c3d2178fe74a43a320d5fef1ee672762cb2ca31729786364953d412274b4064927f63f92e32202487ba523ea16160721fa4c1306f25a7 SHA512 d079f6ab1c1e4e4b0d50fb04cda3fecc64bddd14ae775a1b2e818d42b1199bed7ebae78e81a550608d1f976cc03e4b6262ffa08c145a27b7db4e2d8ff3f798eb
AUX rizin-0.3.0-typedb-prefix.patch 5175 BLAKE2B 08fea1ba6297f17d42f518c1739875c0964f6f00c1bcd01cba51a56e6626fe50c6ad2c36bece4db326f7b128d6ea5786970eb454832e32f9d837458f92f2a596 SHA512 241a72a7f1c3ec8ba831ca696faf0cfc09a58207c6d3db7005b09b9016a71ed9238bcb9441a389116083557538a0ff1a6adf55e78e1aa35d67aa206f30774391
+AUX rizin-0.3.1-CVE-2021-43814.patch 3292 BLAKE2B 4d9e9f43296dc906839fee4b97794141157dea5e3af7b0f96f5c35369b44f2d04a1f4363366d0e495112d29b658927953b3c19a1375c7ad2377bb3504be3e9ef SHA512 0bcfe32bab666d99fa68e825f4d7406024d2d1f76abc7b3fdbd7803be3f3c27205bbe7d91a671e2679094bedc944a59980a798e07adf20e6bf6d2c46e884b297
DIST rizin-src-v0.3.0.tar.xz 64097204 BLAKE2B 308037ce60ec6523f337580221ea265c912ff92032fc5e1c2ab37430eae5a16cc2e8efa74447a79735c7814a35d3b08e5fc2f548612a1553c5edc2f314d22df5 SHA512 68f71e612bd4df90c79ebd4cb26c3e09bb370ccd9e51f574f2687f940b3934d9bf417108f3f7e678cabc6ddba7402e0420aab569c24316e07b2b56ed33153ed3
DIST rizin-src-v0.3.1.tar.xz 64089580 BLAKE2B 04f7e3cfa20a787f47af90c78405f295b346cc0c7d81164ff01bc6a69df526f3f9112ab4cb62092297ae2dda1fa738a2e7feff35e0f1b7f3e7467a8c6e4d1a1e SHA512 743f8f2c9ddb045f39147de9ad971d47f1a26bfcc233f41c12c64ade5e31c992104cf3f93c44c5035142b554779e895224b68f839cd87a59aaf344b4ec88d5fe
EBUILD rizin-0.3.0.ebuild 2908 BLAKE2B ef7f12a5ca9813776c1ee6acae4cab4c36d7a9608cd2dedec81d09d5eabc5c9fd7c3603606380d1ea5fca51bdbb01c869abf0e8fbeeb34f04f48e650c91b03aa SHA512 ad810f425164ee8c82585a790154653e8f89a3c6aa5a38152e953ed079d0d299f1a715e45b80a570a3513ac2de7d58ac85bca9e4e1df9e03a248d6dcafb609fc
EBUILD rizin-0.3.1-r1.ebuild 2869 BLAKE2B 598fd72e84742dc1ebe313aa4fc9dfd90ab8c408a21bf0e2523d3752c8399b5b8e285464e48d274295c7d45a9692b0042351864611dd4b0a5205e634026de830 SHA512 2755d321d2a97c8c5c03dc397fe1576e4f7fc77e06190f5df571b0dc0641cb2088dac121db4bf00a3a5c1c78f21a008f867ca8e04506708c9e6a487de4021077
+EBUILD rizin-0.3.1-r2.ebuild 2910 BLAKE2B 3b1817a02c425f703168c5b5c78c7df0106f64df1d2420f59f2d4b66581b1439d18f9e22cb9db3ef08b4580f6e37ace6797113a0a461e5ef7c657b527193c5bb SHA512 4540a23f9a6ca9586a45fb8fbac22762886e54bba5d3863d098bf40a291c09fb5a49f24107352f7a9230749de0aafaec002c91ff3ba6d8b2cd38c281cbcd9b85
MISC metadata.xml 348 BLAKE2B eea14d9f2e713f2f272a46bd754e500b28ec3958f0f4295e6fe6e73c9dcfa1e180fa62901bdb591fdb43ec8ead23a63f20416e52605e6ae186532e651e0eb1a3 SHA512 db41ccd0ce1493387c47eb707dd303c556ad784ffab2ffe03509a4ff7b0c1b650b0f0999edb5e4e040f95f1f550e9a11ead273ec74ebedb97e645e40c6ad37d5
diff --git a/dev-util/rizin/files/rizin-0.3.1-CVE-2021-43814.patch b/dev-util/rizin/files/rizin-0.3.1-CVE-2021-43814.patch
new file mode 100644
index 000000000000..f7c511b5a0cf
--- /dev/null
+++ b/dev-util/rizin/files/rizin-0.3.1-CVE-2021-43814.patch
@@ -0,0 +1,90 @@
+From aa6917772d2f32e5a7daab25a46c72df0b5ea406 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Florian=20M=C3=A4rkl?= <info@florianmaerkl.de>
+Date: Fri, 10 Dec 2021 15:43:12 +0100
+Subject: [PATCH] Fix oob write for dwarf with abbrev with count 0 (Fix #2083)
+ (#2086)
+
+---
+ librz/bin/dwarf.c | 40 ++++++++++++++++++++++-----------------
+ test/db/formats/elf/crash | 8 ++++++++
+ 2 files changed, 31 insertions(+), 17 deletions(-)
+
+diff --git a/librz/bin/dwarf.c b/librz/bin/dwarf.c
+index 1ed1d3517c2..23dd1f9f0b1 100644
+--- a/librz/bin/dwarf.c
++++ b/librz/bin/dwarf.c
+@@ -1220,9 +1220,13 @@ static int init_die(RzBinDwarfDie *die, ut64 abbr_code, ut64 attr_count) {
+ if (!die) {
+ return -1;
+ }
+- die->attr_values = calloc(sizeof(RzBinDwarfAttrValue), attr_count);
+- if (!die->attr_values) {
+- return -1;
++ if (attr_count) {
++ die->attr_values = calloc(sizeof(RzBinDwarfAttrValue), attr_count);
++ if (!die->attr_values) {
++ return -1;
++ }
++ } else {
++ die->attr_values = NULL;
+ }
+ die->abbrev_code = abbr_code;
+ die->capacity = attr_count;
+@@ -1726,25 +1730,27 @@ static const ut8 *parse_die(const ut8 *buf, const ut8 *buf_end, RzBinDwarfDebugI
+ size_t i;
+ const char *comp_dir = NULL;
+ ut64 line_info_offset = UT64_MAX;
+- for (i = 0; i < abbrev->count - 1; i++) {
+- memset(&die->attr_values[i], 0, sizeof(die->attr_values[i]));
++ if (abbrev->count) {
++ for (i = 0; i < abbrev->count - 1; i++) {
++ memset(&die->attr_values[i], 0, sizeof(die->attr_values[i]));
+
+- buf = parse_attr_value(buf, buf_end - buf, &abbrev->defs[i],
+- &die->attr_values[i], hdr, debug_str, debug_str_len, big_endian);
++ buf = parse_attr_value(buf, buf_end - buf, &abbrev->defs[i],
++ &die->attr_values[i], hdr, debug_str, debug_str_len, big_endian);
+
+- RzBinDwarfAttrValue *attribute = &die->attr_values[i];
++ RzBinDwarfAttrValue *attribute = &die->attr_values[i];
+
+- if (attribute->attr_name == DW_AT_comp_dir && (attribute->attr_form == DW_FORM_strp || attribute->attr_form == DW_FORM_string) && attribute->string.content) {
+- comp_dir = attribute->string.content;
+- }
+- if (attribute->attr_name == DW_AT_stmt_list) {
+- if (attribute->kind == DW_AT_KIND_CONSTANT) {
+- line_info_offset = attribute->uconstant;
+- } else if (attribute->kind == DW_AT_KIND_REFERENCE) {
+- line_info_offset = attribute->reference;
++ if (attribute->attr_name == DW_AT_comp_dir && (attribute->attr_form == DW_FORM_strp || attribute->attr_form == DW_FORM_string) && attribute->string.content) {
++ comp_dir = attribute->string.content;
++ }
++ if (attribute->attr_name == DW_AT_stmt_list) {
++ if (attribute->kind == DW_AT_KIND_CONSTANT) {
++ line_info_offset = attribute->uconstant;
++ } else if (attribute->kind == DW_AT_KIND_REFERENCE) {
++ line_info_offset = attribute->reference;
++ }
+ }
++ die->count++;
+ }
+- die->count++;
+ }
+
+ // If this is a compilation unit dir attribute, we want to cache it so the line info parsing
+diff --git a/test/db/formats/elf/crash b/test/db/formats/elf/crash
+index ea6c2c214bb..fb8a572bd56 100644
+--- a/test/db/formats/elf/crash
++++ b/test/db/formats/elf/crash
+@@ -25,3 +25,11 @@ nth vaddr bind type lib name
+ []
+ EOF
+ RUN
++
++NAME=ELF/Dwarf: abbrev empty
++FILE=bins/elf/dwarf_fuzzed_abbrev_empty
++CMDS=<<EOF
++aaa
++EOF
++EXPECT=
++RUN
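Review bot: In the patched parse_die loop, `die->attr_values[i]` is still written without comparing `i` to `die->capacity`; the new `if (abbrev->count)` guard only prevents the unsigned wrap of `abbrev->count - 1` when the count is 0. The write is therefore safe only if init_die was called with the same count, and that call is outside this hunk. A bound such as `for (i = 0; i < abbrev->count - 1 && i < die->capacity; i++)` would make the write self-checking. Separately, init_die passes a `ut64 attr_count` to calloc, which takes `size_t`, so on 32-bit targets (the ebuild keywords ~x86) a very large count could presumably be truncated for the allocation while the loop bound is not; this is worth confirming upstream. Both functions start and end outside the hunk.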
diff --git a/dev-util/rizin/rizin-0.3.1-r2.ebuild b/dev-util/rizin/rizin-0.3.1-r2.ebuild
new file mode 100644
index 000000000000..5148796711c6
--- /dev/null
+++ b/dev-util/rizin/rizin-0.3.1-r2.ebuild
@@ -0,0 +1,103 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=(python3_{8,9,10})
+
+# This is the commit that the CI for the release commit used
+BINS_COMMIT="74b6e4511112b1a6abc571091efc32ec2a7d98a6"
+
+inherit meson python-any-r1
+
+DESCRIPTION="reverse engineering framework for binary analysis"
+HOMEPAGE="https://rizin.re/"
+
+SRC_URI="https://github.com/rizinorg/rizin/releases/download/v${PV}/rizin-src-v${PV}.tar.xz"
+ #test? ( https://github.com/rizinorg/rizin-testbins/archive/${BINS_COMMIT}.tar.gz -> rizin-testbins-${BINS_COMMIT}.tar.gz )"
+KEYWORDS="~amd64 ~arm64 ~x86"
+
+LICENSE="Apache-2.0 BSD LGPL-3 MIT"
+SLOT="0/${PV}"
+IUSE="test"
+
+# Need to audit licenses of the binaries used for testing
+RESTRICT="test"
+
+RDEPEND="
+ sys-apps/file
+ app-arch/lz4:0=
+ dev-libs/capstone:0=
+ dev-libs/libuv:0=
+ dev-libs/libzip:0=
+ dev-libs/openssl:0=
+ >=dev-libs/tree-sitter-0.19.0
+ dev-libs/xxhash
+ sys-libs/zlib:0=
+"
+DEPEND="${RDEPEND}"
+BDEPEND="${PYTHON_DEPS}"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-0.3.0-typedb-prefix.patch"
+ "${FILESDIR}/${P}-CVE-2021-43814.patch"
+)
+
+S="${WORKDIR}/${PN}-v${PV}"
+
+src_prepare() {
+ default
+
+ local py_to_mangle=(
+ librz/core/cmd_descs/cmd_descs_generate.py
+ subprojects/lz4-1.9.3/contrib/meson/meson/GetLz4LibraryVersion.py
+ subprojects/lz4-1.9.3/contrib/meson/meson/InstallSymlink.py
+ subprojects/lz4-1.9.3/tests/test-lz4-list.py
+ subprojects/lz4-1.9.3/tests/test-lz4-speed.py
+ subprojects/lz4-1.9.3/tests/test-lz4-versions.py
+ sys/clang-format.py
+ test/fuzz/scripts/fuzz_rz_asm.py
+ test/scripts/gdbserver.py
+ )
+
+ python_fix_shebang "${py_to_mangle[@]}"
+
+ if use test; then
+ cp -r "${WORKDIR}/rizin-testbins-${BINS_COMMIT}" "${S}/test/bins" || die
+ cp -r "${WORKDIR}/rizin-testbins-${BINS_COMMIT}" "${S}" || die
+ fi
+}
+
+src_configure() {
+ local emesonargs=(
+ -Dcli=enabled
+ -Duse_sys_capstone=enabled
+ -Duse_sys_magic=enabled
+ -Duse_sys_libzip=enabled
+ -Duse_sys_zlib=enabled
+ -Duse_sys_lz4=enabled
+ -Duse_sys_xxhash=enabled
+ -Duse_sys_openssl=enabled
+ -Duse_sys_tree_sitter=enabled
+
+ $(meson_use test enable_tests)
+ $(meson_use test enable_rz_test)
+ )
+ meson_src_configure
+}
+
+src_test() {
+ # Rizin uses data files that it expects to be installed on the
+ # system. To hack around this, we create a tree of what it expects
+ # in ${T}, and patch the tests to support a prefix from the
+ # environment. https://github.com/rizinorg/rizin/issues/1789
+ mkdir -p "${T}/usr/share/${PN}/${PV}" || die
+ ln -sf "${BUILD_DIR}/librz/analysis/d" "${T}/usr/share/${PN}/${PV}/types" || die
+ ln -sf "${BUILD_DIR}/librz/syscall/d" "${T}/usr/share/${PN}/${PV}/syscall" || die
+ ln -sf "${BUILD_DIR}/librz/asm/d" "${T}/usr/share/${PN}/${PV}/opcodes" || die
+ # https://github.com/rizinorg/rizin/issues/1797
+ ln -sf "${BUILD_DIR}/librz/flag/d" "${T}/usr/share/${PN}/${PV}/flag" || die
+ export RZ_PREFIX="${T}/usr"
+
+ meson_src_test
+}
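Review bot: The `if use test` branch in src_prepare copies `${WORKDIR}/rizin-testbins-${BINS_COMMIT}`, but the testbins entry in SRC_URI is commented out, so that directory is never unpacked. Anyone who sets USE=test would hit the `cp -r ... || die` and the build would abort. Either drop the branch while `RESTRICT="test"` is in place or restore the `test? ( ... )` line in SRC_URI. If tests are re-enabled, note that the regression test added by the CVE patch reads `bins/elf/dwarf_fuzzed_abbrev_empty`, which may not exist at the pinned `BINS_COMMIT` (the comment says it is the release CI commit), so the pin would likely need a bump.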