From f78108598211053d41752a83e0345441bb9014ae Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 11 Feb 2018 16:09:52 +0000 Subject: gentoo resync : 11.02.2018 --- app-arch/p7zip/Manifest | 5 +- app-arch/p7zip/files/CVE-2017-17969.patch | 26 ++++ app-arch/p7zip/files/CVE-2018-5996.patch | 221 ++++++++++++++++++++++++++++++ app-arch/p7zip/metadata.xml | 1 - app-arch/p7zip/p7zip-16.02-r2.ebuild | 163 ++++++++++++++++++++++ 5 files changed, 414 insertions(+), 2 deletions(-) create mode 100644 app-arch/p7zip/files/CVE-2017-17969.patch create mode 100644 app-arch/p7zip/files/CVE-2018-5996.patch create mode 100644 app-arch/p7zip/p7zip-16.02-r2.ebuild (limited to 'app-arch/p7zip') diff --git a/app-arch/p7zip/Manifest b/app-arch/p7zip/Manifest index aa031b9ab305..f34ffc06b2c3 100644 --- a/app-arch/p7zip/Manifest +++ b/app-arch/p7zip/Manifest @@ -1,4 +1,7 @@ +AUX CVE-2017-17969.patch 804 BLAKE2B 1b3d12f6d81d3b3a934088020509435c07a8bfe5ab2003e7369aa9b775808711915b1a0ede48ab6b8b24f37b55f2b84eefff020c34ec171002d9d714bac96f57 SHA512 fb97f6cccedda5b53492afffd65e9933055ffb3dba1419799bb5bf069d066f1172424a7913e0661fbe5937d23c94c062499968ddd09b7310f5d2c8003274340a +AUX CVE-2018-5996.patch 6427 BLAKE2B a60d4c51470d9a1ee58afc4ced5190dc589c78604dfd8cefdb5f4caca74d73f175722f777c4c13839951178b394c44b69577c8b5125f45581890dfaf1325d47d SHA512 7962a03430b94aec7c93d6dabee340f4f5915d728ba4df0dcaae483ab9c29115818e5e944572a3fd910addad8799c6a1e3911f6a0a02b661f804eea11c3a0f40 AUX p7zip-16.02-darwin.patch 218 BLAKE2B 4e6b9f830ef9aff4d9db050163477a341353c4f16188ad2eeef3e248afabdc34d47d4c0708f174efa80e98906833b549b28d43af4585f2b1e34311e6f8c9944c SHA512 26ef30ce27fccdeae6388801e7a619225995c50394131ad5dd6fcf2236a40e92ad2d6dd2ea04c362fd660264decc6b616e5ee6ef83ff42c111e2b1a40f620c68 DIST p7zip_16.02_src_all.tar.bz2 4239909 BLAKE2B 075356fba5284cbb124e30c36364a910ae5a7ac6bee8a8fb682c5a7ce2f1870ef83d3160c84f8dabad1d616c13d642cba1f19fb9384160d21590cf678dd8f1a6 SHA512 d2c4d53817f96bb4c7683f42045198d4cd509cfc9c3e2cb85c8d9dc4ab6dfa7496449edeac4e300ecf986a9cbbc90bd8f8feef8156895d94617c04e507add55f EBUILD p7zip-16.02-r1.ebuild 4498 BLAKE2B e1376067188375ef82b1703531d7c673a54ce6901bc3af814d2928ca503b23484572781d27ef9ee66d388cfc3344d2e960c602ebd0e034ea6ab685a87c6ff773 SHA512 9a0ec08e5013933c43234e38574ac95d81b75b58992c021a2ba2679fc6d00d1ec4b79985d4555189c774f22def0125fa8a5e1e66a67de1daf84d1ef94720e3dc -MISC metadata.xml 435 BLAKE2B d5f4a262fb40714a31cb5bb1081103c0adac996ef2fbcb801d3d6bf06d2459c4b135ab036aa9fefb39cba8655c400e37fcc862dbc166ec71aeaa1fb2bbdff7b1 SHA512 3588bbc28ee0e54a059d88d35ce821596b0dd3b5c1f84490568a3f7d3f67f5ade02c301c699bdaaf4cb653df5d59441cb7383a18708cd15d64d97eb1f0847f1c +EBUILD p7zip-16.02-r2.ebuild 4574 BLAKE2B fca0eae0627cd048be81a8735b7cb2cb9631fa0a490d13b9a69b11c942de2b549536f83f8b4acb5d81ea3f30e2d1a6895ea6eedbf3ccaa6b5dedc8a30c7b8aa4 SHA512 6849e8f2806b1544987dd000ec4f5c77552655257c55c35a81f84c2788237488fc7e8a366076a1472c7faa2688527ccd2463a2b31d22a2e397d162e432b00a2c +MISC metadata.xml 393 BLAKE2B 6ab87f3e2f35dded47136efbf8f93c7a899a5918b4a8e3ab6658a427da8085e8eb0e6ce2aec09fd0ea5fb14909081600b79027878b7e5b8ef9d476def057e52f SHA512 50eb24c1e60e0be2c02d8054a5039c5e2b11ac82aea3f90c0a37c21e68b01135de88878b1079ec46eeb8d1f8ab52fb8c9f58f88a498feb38ae5743adb7519176 diff --git a/app-arch/p7zip/files/CVE-2017-17969.patch b/app-arch/p7zip/files/CVE-2017-17969.patch new file mode 100644 index 000000000000..9a820af73067 --- /dev/null +++ b/app-arch/p7zip/files/CVE-2017-17969.patch @@ -0,0 +1,26 @@ +From: =?utf-8?q?Antoine_Beaupr=C3=A9?= +Date: Sun, 28 Jan 2018 21:19:50 +0100 +Subject: backport of the CVE-2017-17969 fix from 7zip 18.00-beta + +--- + CPP/7zip/Compress/ShrinkDecoder.cpp | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/CPP/7zip/Compress/ShrinkDecoder.cpp b/CPP/7zip/Compress/ShrinkDecoder.cpp +index 80b7e67..4acdce5 100644 +--- a/CPP/7zip/Compress/ShrinkDecoder.cpp ++++ b/CPP/7zip/Compress/ShrinkDecoder.cpp +@@ -121,7 +121,12 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * + { + _stack[i++] = _suffixes[cur]; + cur = _parents[cur]; +- } ++ if (i >= kNumItems) ++ break; ++ } ++ ++ if (i >= kNumItems) ++ break; + + _stack[i++] = (Byte)cur; + lastChar2 = (Byte)cur; diff --git a/app-arch/p7zip/files/CVE-2018-5996.patch b/app-arch/p7zip/files/CVE-2018-5996.patch new file mode 100644 index 000000000000..6733bff91895 --- /dev/null +++ b/app-arch/p7zip/files/CVE-2018-5996.patch @@ -0,0 +1,221 @@ +From: Robert Luberda +Date: Sun, 28 Jan 2018 23:47:40 +0100 +Subject: CVE-2018-5996 + +Hopefully fix Memory Corruptions via RAR PPMd (CVE-2018-5996) by +applying a few changes from 7Zip 18.00-beta. + +Bug-Debian: https://bugs.debian.org/#888314 +--- + CPP/7zip/Compress/Rar1Decoder.cpp | 13 +++++++++---- + CPP/7zip/Compress/Rar1Decoder.h | 1 + + CPP/7zip/Compress/Rar2Decoder.cpp | 10 +++++++++- + CPP/7zip/Compress/Rar2Decoder.h | 1 + + CPP/7zip/Compress/Rar3Decoder.cpp | 23 ++++++++++++++++++++--- + CPP/7zip/Compress/Rar3Decoder.h | 2 ++ + 6 files changed, 42 insertions(+), 8 deletions(-) + +diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp +index 1aaedcc..68030c7 100644 +--- a/CPP/7zip/Compress/Rar1Decoder.cpp ++++ b/CPP/7zip/Compress/Rar1Decoder.cpp +@@ -29,7 +29,7 @@ public: + }; + */ + +-CDecoder::CDecoder(): m_IsSolid(false) { } ++CDecoder::CDecoder(): m_IsSolid(false), _errorMode(false) { } + + void CDecoder::InitStructures() + { +@@ -406,9 +406,14 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * + InitData(); + if (!m_IsSolid) + { ++ _errorMode = false; + InitStructures(); + InitHuff(); + } ++ ++ if (_errorMode) ++ return S_FALSE; ++ + if (m_UnpackSize > 0) + { + GetFlagsBuf(); +@@ -477,9 +482,9 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream + const UInt64 *inSize, const UInt64 *outSize, ICompressProgressInfo *progress) + { + try { return CodeReal(inStream, outStream, inSize, outSize, progress); } +- catch(const CInBufferException &e) { return e.ErrorCode; } +- catch(const CLzOutWindowException &e) { return e.ErrorCode; } +- catch(...) { return S_FALSE; } ++ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(const CLzOutWindowException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(...) { _errorMode = true; return S_FALSE; } + } + + STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size) +diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h +index 630f089..01b606b 100644 +--- a/CPP/7zip/Compress/Rar1Decoder.h ++++ b/CPP/7zip/Compress/Rar1Decoder.h +@@ -39,6 +39,7 @@ public: + + Int64 m_UnpackSize; + bool m_IsSolid; ++ bool _errorMode; + + UInt32 ReadBits(int numBits); + HRESULT CopyBlock(UInt32 distance, UInt32 len); +diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp +index b3f2b4b..0580c8d 100644 +--- a/CPP/7zip/Compress/Rar2Decoder.cpp ++++ b/CPP/7zip/Compress/Rar2Decoder.cpp +@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20; + static const UInt32 kWindowReservSize = (1 << 22) + 256; + + CDecoder::CDecoder(): +- m_IsSolid(false) ++ m_IsSolid(false), ++ m_TablesOK(false) + { + } + +@@ -100,6 +101,8 @@ UInt32 CDecoder::ReadBits(unsigned numBits) { return m_InBitStream.ReadBits(numB + + bool CDecoder::ReadTables(void) + { ++ m_TablesOK = false; ++ + Byte levelLevels[kLevelTableSize]; + Byte newLevels[kMaxTableSize]; + m_AudioMode = (ReadBits(1) == 1); +@@ -170,6 +173,8 @@ bool CDecoder::ReadTables(void) + } + + memcpy(m_LastLevels, newLevels, kMaxTableSize); ++ m_TablesOK = true; ++ + return true; + } + +@@ -344,6 +349,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * + return S_FALSE; + } + ++ if (!m_TablesOK) ++ return S_FALSE; ++ + UInt64 startPos = m_OutWindowStream.GetProcessedSize(); + while (pos < unPackSize) + { +diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h +index 3a0535c..0e9005f 100644 +--- a/CPP/7zip/Compress/Rar2Decoder.h ++++ b/CPP/7zip/Compress/Rar2Decoder.h +@@ -139,6 +139,7 @@ class CDecoder : + + UInt64 m_PackSize; + bool m_IsSolid; ++ bool m_TablesOK; + + void InitStructures(); + UInt32 ReadBits(unsigned numBits); +diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp +index 3bf2513..6cb8a6a 100644 +--- a/CPP/7zip/Compress/Rar3Decoder.cpp ++++ b/CPP/7zip/Compress/Rar3Decoder.cpp +@@ -92,7 +92,8 @@ CDecoder::CDecoder(): + _writtenFileSize(0), + _vmData(0), + _vmCode(0), +- m_IsSolid(false) ++ m_IsSolid(false), ++ _errorMode(false) + { + Ppmd7_Construct(&_ppmd); + } +@@ -545,6 +546,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + return InitPPM(); + } + ++ TablesRead = false; ++ TablesOK = false; ++ + _lzMode = true; + PrevAlignBits = 0; + PrevAlignCount = 0; +@@ -606,6 +610,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + } + } + } ++ if (InputEofError()) ++ return S_FALSE; ++ + TablesRead = true; + + // original code has check here: +@@ -623,6 +630,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + RIF(m_LenDecoder.Build(&newLevels[kMainTableSize + kDistTableSize + kAlignTableSize])); + + memcpy(m_LastLevels, newLevels, kTablesSizesSum); ++ ++ TablesOK = true; ++ + return S_OK; + } + +@@ -824,7 +834,12 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) + PpmEscChar = 2; + PpmError = true; + InitFilters(); ++ _errorMode = false; + } ++ ++ if (_errorMode) ++ return S_FALSE; ++ + if (!m_IsSolid || !TablesRead) + { + bool keepDecompressing; +@@ -838,6 +853,8 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) + bool keepDecompressing; + if (_lzMode) + { ++ if (!TablesOK) ++ return S_FALSE; + RINOK(DecodeLZ(keepDecompressing)) + } + else +@@ -901,8 +918,8 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream + _unpackSize = outSize ? *outSize : (UInt64)(Int64)-1; + return CodeReal(progress); + } +- catch(const CInBufferException &e) { return e.ErrorCode; } +- catch(...) { return S_FALSE; } ++ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(...) { _errorMode = true; return S_FALSE; } + // CNewException is possible here. But probably CNewException is caused + // by error in data stream. + } +diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h +index c130cec..2f72d7d 100644 +--- a/CPP/7zip/Compress/Rar3Decoder.h ++++ b/CPP/7zip/Compress/Rar3Decoder.h +@@ -192,6 +192,7 @@ class CDecoder: + UInt32 _lastFilter; + + bool m_IsSolid; ++ bool _errorMode; + + bool _lzMode; + bool _unsupportedFilter; +@@ -200,6 +201,7 @@ class CDecoder: + UInt32 PrevAlignCount; + + bool TablesRead; ++ bool TablesOK; + + CPpmd7 _ppmd; + int PpmEscChar; diff --git a/app-arch/p7zip/metadata.xml b/app-arch/p7zip/metadata.xml index 686e0639c24c..17c1bda0021e 100644 --- a/app-arch/p7zip/metadata.xml +++ b/app-arch/p7zip/metadata.xml @@ -3,7 +3,6 @@ prometheanfire@gentoo.org - maintainer Enable support for non-free rar decoder diff --git a/app-arch/p7zip/p7zip-16.02-r2.ebuild b/app-arch/p7zip/p7zip-16.02-r2.ebuild new file mode 100644 index 000000000000..e6a89fe7a155 --- /dev/null +++ b/app-arch/p7zip/p7zip-16.02-r2.ebuild @@ -0,0 +1,163 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +WX_GTK_VER="3.0" + +inherit toolchain-funcs wxwidgets + +DESCRIPTION="Port of 7-Zip archiver for Unix" +HOMEPAGE="http://p7zip.sourceforge.net/" +SRC_URI="mirror://sourceforge/${PN}/${PN}_${PV}_src_all.tar.bz2" + +LICENSE="LGPL-2.1 rar? ( unRAR )" +SLOT="0" +KEYWORDS="~alpha amd64 ~arm ~arm64 hppa ia64 ~ppc ~ppc64 ~s390 ~sparc x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris" +IUSE="abi_x86_x32 doc kde +pch rar static wxwidgets" + +REQUIRED_USE="kde? ( wxwidgets )" + +RDEPEND="wxwidgets? ( x11-libs/wxGTK:${WX_GTK_VER}[X] )" +DEPEND="${RDEPEND} + abi_x86_x32? ( >=dev-lang/yasm-1.2.0-r1 ) + amd64? ( dev-lang/yasm ) + x86? ( dev-lang/nasm )" + +S=${WORKDIR}/${PN}_${PV} + +DOCS=( ChangeLog README TODO ) + +PATCHES=( + "${FILESDIR}"/${P}-darwin.patch + "${FILESDIR}"/CVE-2017-17969.patch + "${FILESDIR}"/CVE-2018-5996.patch +) + +src_prepare() { + default + + if ! use pch; then + sed "s:PRE_COMPILED_HEADER=StdAfx.h.gch:PRE_COMPILED_HEADER=:g" -i makefile.* || die + fi + + sed \ + -e 's:-m32 ::g' \ + -e 's:-m64 ::g' \ + -e 's:-pipe::g' \ + -e '/ALLFLAGS/s:-s ::' \ + -e "/OPTFLAGS=/s:=.*:=${CXXFLAGS}:" \ + -i makefile* || die + + # remove non-free RAR codec + if use rar; then + ewarn "Enabling nonfree RAR decompressor" + else + sed \ + -e '/Rar/d' \ + -e '/RAR/d' \ + -i makefile* CPP/7zip/Bundles/Format7zFree/makefile || die + rm -rf CPP/7zip/Compress/Rar || die + fi + + if use abi_x86_x32; then + sed -i -e "/^ASM=/s:amd64:x32:" makefile* || die + cp -f makefile.linux_amd64_asm makefile.machine || die + elif use amd64; then + cp -f makefile.linux_amd64_asm makefile.machine || die + elif use x86; then + cp -f makefile.linux_x86_asm_gcc_4.X makefile.machine || die + elif [[ ${CHOST} == *-darwin* ]] ; then + # Mac OS X needs this special makefile, because it has a non-GNU + # linker, it doesn't matter so much for bitwidth, for it doesn't + # do anything with it + cp -f makefile.macosx_llvm_64bits makefile.machine + # bundles have extension .bundle but don't die because USE=-rar + # removes the Rar directory + sed -i -e '/strcpy(name/s/\.so/.bundle/' \ + CPP/Windows/DLL.cpp || die + sed -i -e '/^PROG=/s/\.so/.bundle/' \ + CPP/7zip/Bundles/Format7zFree/makefile.list \ + $(use rar && echo CPP/7zip/Compress/Rar/makefile.list) || die + elif use x86-fbsd; then + # FreeBSD needs this special makefile, because it hasn't -ldl + sed -e 's/-lc_r/-pthread/' makefile.freebsd > makefile.machine + fi + + if use static; then + sed -i -e '/^LOCAL_LIBS=/s/LOCAL_LIBS=/&-static /' makefile.machine || die + fi + + if use kde || use wxwidgets; then + need-wxwidgets unicode + einfo "Preparing dependency list" + emake depend + fi +} + +src_compile() { + emake CC=$(tc-getCC) CXX=$(tc-getCXX) all3 + if use kde || use wxwidgets; then + emake CC=$(tc-getCC) CXX=$(tc-getCXX) -- 7zG +# emake -- 7zFM + fi +} + +src_test() { + emake test test_7z test_7zr +} + +src_install() { + # this wrappers can not be symlinks, p7zip should be called with full path + make_wrapper 7zr "/usr/$(get_libdir)/${PN}/7zr" + make_wrapper 7za "/usr/$(get_libdir)/${PN}/7za" + make_wrapper 7z "/usr/$(get_libdir)/${PN}/7z" + + if use kde || use wxwidgets; then + make_wrapper 7zG "/usr/$(get_libdir)/${PN}/7zG" +# make_wrapper 7zFM "/usr/$(get_libdir)/${PN}/7zFM" + +# make_desktop_entry 7zFM "${PN} FM" ${PN} "GTK;Utility;Archiving;Compression" + + dobin GUI/p7zipForFilemanager + exeinto /usr/$(get_libdir)/${PN} +# doexe bin/7z{G,FM} + doexe bin/7zG + + insinto /usr/$(get_libdir)/${PN} + doins -r GUI/Lang + doins -r DOC/MANUAL + + insinto /usr/share/icons/hicolor/16x16/apps/ + newins GUI/p7zip_16_ok.png p7zip.png + + if use kde; then + rm GUI/kde4/p7zip_compress.desktop || die + insinto /usr/share/kservices5/ServiceMenus + doins GUI/kde4/*.desktop + dodir /usr/share/kde4/services/ServiceMenus # drop these lines after konqueror:4/krusader:4 are gone + for item in "${ED}"usr/share/kservices5/ServiceMenus/*.desktop; do + item="$(basename ${item})" + dosym "/usr/share/kservices5/ServiceMenus/${item}" "/usr/share/kde4/services/ServiceMenus/${item}" + done + fi + fi + + dobin contrib/gzip-like_CLI_wrapper_for_7z/p7zip + doman contrib/gzip-like_CLI_wrapper_for_7z/man1/p7zip.1 + + exeinto /usr/$(get_libdir)/${PN} + doexe bin/7z bin/7za bin/7zr bin/7zCon.sfx + doexe bin/*$(get_modname) + if use rar; then + exeinto /usr/$(get_libdir)/${PN}/Codecs/ + doexe bin/Codecs/*$(get_modname) + fi + + doman man1/7z.1 man1/7za.1 man1/7zr.1 + + if use doc; then + dodoc DOC/*.txt + dohtml -r DOC/MANUAL/* + fi +} -- cgit v1.2.3