From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@redcorelinux.org>
Date: Mon, 9 Oct 2017 18:53:29 +0100
Subject: reinit the tree, so we can have metadata

---
 dev-libs/libmspack/Manifest                        |  5 +++
 .../files/libmspack-0.5_alpha-CVE-2017-6419.patch  | 41 ++++++++++++++++++
 dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild   | 50 ++++++++++++++++++++++
 dev-libs/libmspack/libmspack-0.5_alpha.ebuild      | 46 ++++++++++++++++++++
 dev-libs/libmspack/metadata.xml                    |  8 ++++
 5 files changed, 150 insertions(+)
 create mode 100644 dev-libs/libmspack/Manifest
 create mode 100644 dev-libs/libmspack/files/libmspack-0.5_alpha-CVE-2017-6419.patch
 create mode 100644 dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild
 create mode 100644 dev-libs/libmspack/libmspack-0.5_alpha.ebuild
 create mode 100644 dev-libs/libmspack/metadata.xml

(limited to 'dev-libs/libmspack')

diff --git a/dev-libs/libmspack/Manifest b/dev-libs/libmspack/Manifest
new file mode 100644
index 000000000000..1f3cc0a17de0
--- /dev/null
+++ b/dev-libs/libmspack/Manifest
@@ -0,0 +1,5 @@
+AUX libmspack-0.5_alpha-CVE-2017-6419.patch 1483 SHA256 4b3ba5b72796af2a442bb0a01a09d6f19a4cc1544c84f505b9c50d974262e9b4 SHA512 b6aafe82630d3bb1254fcce9a8bc528b0f375a2e7eec5f729e04c2d9816feb23ba12a0275efcf5ced6578789c4ef83b4364104b4cc35c2c146f4fb527c8dbf4a WHIRLPOOL f34e90557d6c01827c032ad9067b7d1d0072f9cd4b49d99c3d6968e30e0d2d64c5a4e405fa5ff93d483268a1ee2dd912ef4e8091ef4265ef90eed0447416646d
+DIST libmspack-0.5alpha.tar.gz 654193 SHA256 8967f275525f5067b364cee43b73e44d0433668c39f9376dfff19f653d1c8110 SHA512 6d4efa0f43c43185ef91c97c1518aa70f09109d7332cda7e12019e146ec9cb0f2065fb1b57683b48bae9a7eaf8e82eb94096644c6d25c56d45878f630b719231 WHIRLPOOL fcbbbdee1ce4c75222767ad7ce3e16d18c3fbf1c7cb60170a9cad51647e3500e11c458f7a65e8c2e0dccfb8a8e3981f13252ac26fd9edce6f633381b77410faf
+EBUILD libmspack-0.5_alpha-r1.ebuild 1056 SHA256 8a72b6596b49c1983142923a489d396737bf24f8fd8ec103311aa681889d7ded SHA512 df255a8f2895b667e46acb21586f7101cbb59d9dff1575a537ce31bbaac7c1d5316ca37ea58c953c1c7854929cea6e5314d5287b915b19cbd8bc943d3f1c2182 WHIRLPOOL c0ce9ca8a6e62e50574c14ae4b2cf4d56fe405d448ae9e6fcdb82bbb3df008aea0aa0763f23b2bdc9d0ae236b8995e26e3c964508956694c84b727134137765f
+EBUILD libmspack-0.5_alpha.ebuild 1001 SHA256 e3ba99982cb2b9704552a2805b912d6c6be5bb1a74c33770609bcd0bdaf30a73 SHA512 04e51296ad4a50665ad8df5d020337c75667f7525412b08356aede88c5b79bfd102613ba5f7a7fd26adbb918a4d78e280f4977949dfcc59a492613ceba1114ed WHIRLPOOL 55f3edd5aea6e803a8c3c70c310d905a8a76e314ad2ecbfce453d8438435512e2b5cdb04d9dcbdff54b9d59915b77e0018d46cc1a9e3fdd4a49f3ef902a8c9f0
+MISC metadata.xml 269 SHA256 b0e50e7006e04a696bc946ae45550e2bb2d59f449f22ca6a2eade72adb0a927f SHA512 753992cc0fe22a630515becd9f12d80c9929c104521232d87da5fb369c1e3d2a86080d1d54ed1483b54f368882a7a3854a151c7779c5a3ce2aabb06b6a840c2a WHIRLPOOL e9ced1f41b584ec2f6653cbc62c86391fd9306e5f79347bc9d6e82956a7d069177ff5c2e5fc471a4097984889b22fdad936210b3bcd0682327c6aaafb11877b3
diff --git a/dev-libs/libmspack/files/libmspack-0.5_alpha-CVE-2017-6419.patch b/dev-libs/libmspack/files/libmspack-0.5_alpha-CVE-2017-6419.patch
new file mode 100644
index 000000000000..1b81fdcbfcd4
--- /dev/null
+++ b/dev-libs/libmspack/files/libmspack-0.5_alpha-CVE-2017-6419.patch
@@ -0,0 +1,41 @@
+From a83773682e856ad6529ba6db8d1792e6d515d7f1 Mon Sep 17 00:00:00 2001
+From: Mickey Sola <msola@sourcefire.com>
+Date: Wed, 29 Mar 2017 14:55:26 -0400
+Subject: [PATCH] fixing potential OOB window write when unpacking chm files
+
+---
+ libclamav/libmspack-0.5alpha/mspack/lzxd.c | 11 +++++++++--
+ libclamav/libmspack.c                      |  6 +++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/libclamav/libmspack-0.5alpha/mspack/lzxd.c b/libclamav/libmspack-0.5alpha/mspack/lzxd.c
+index 2281e7b9d..45105a583 100644
+--- a/mspack/lzxd.c
++++ b/mspack/lzxd.c
+@@ -766,8 +766,13 @@ int lzxd_decompress(struct lzxd_stream *lzx, off_t out_bytes) {
+       case LZX_BLOCKTYPE_UNCOMPRESSED:
+ 	/* as this_run is limited not to wrap a frame, this also means it
+ 	 * won't wrap the window (as the window is a multiple of 32k) */
++        if (window_posn + this_run > lzx->window_size) {
++                D(("match ran over window boundary"))
++                return lzx->error = MSPACK_ERR_DECRUNCH;
++        }
+ 	rundest = &window[window_posn];
+ 	window_posn += this_run;
++
+ 	while (this_run > 0) {
+ 	  if ((i = i_end - i_ptr) == 0) {
+ 	    READ_IF_NEEDED;
+@@ -888,8 +893,10 @@ void lzxd_free(struct lzxd_stream *lzx) {
+   struct mspack_system *sys;
+   if (lzx) {
+     sys = lzx->sys;
+-    sys->free(lzx->inbuf);
+-    sys->free(lzx->window);
++    if(lzx->inbuf)
++        sys->free(lzx->inbuf);
++    if(lzx->window)
++        sys->free(lzx->window);
+     sys->free(lzx);
+   }
+ }
diff --git a/dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild b/dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild
new file mode 100644
index 000000000000..f8c7bd3ce1d1
--- /dev/null
+++ b/dev-libs/libmspack/libmspack-0.5_alpha-r1.ebuild
@@ -0,0 +1,50 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils multilib-minimal
+
+MY_PV="${PV/_alpha/alpha}"
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="A library for Microsoft compression formats"
+HOMEPAGE="https://www.cabextract.org.uk/libmspack/"
+SRC_URI="https://www.cabextract.org.uk/libmspack/libmspack-${MY_PV}.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug doc static-libs"
+
+DEPEND=""
+RDEPEND=""
+
+PATCHES=(
+	"${FILESDIR}/${P}-CVE-2017-6419.patch"
+)
+
+S="${WORKDIR}/${MY_P}"
+
+multilib_src_configure() {
+	ECONF_SOURCE="${S}" econf \
+		$(use_enable debug) \
+		$(use_enable static-libs static)
+}
+
+multilib_src_test() {
+	if multilib_is_native_abi; then
+		default
+		cd "${S}"/test && "${BUILD_DIR}"/test/cabd_test || die
+	fi
+}
+
+multilib_src_install_all() {
+	DOCS=(AUTHORS ChangeLog NEWS README TODO)
+	prune_libtool_files --all
+	use doc && HTML_DOCS=(doc/*)
+	default_src_install
+	if use doc; then
+		rm "${ED}"/usr/share/doc/"${PF}"/html/{Makefile*,Doxyfile*} || die
+	fi
+}
diff --git a/dev-libs/libmspack/libmspack-0.5_alpha.ebuild b/dev-libs/libmspack/libmspack-0.5_alpha.ebuild
new file mode 100644
index 000000000000..9a9a803628ee
--- /dev/null
+++ b/dev-libs/libmspack/libmspack-0.5_alpha.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit eutils multilib-minimal
+
+MY_PV="${PV/_alpha/alpha}"
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="A library for Microsoft compression formats"
+HOMEPAGE="https://www.cabextract.org.uk/libmspack/"
+SRC_URI="https://www.cabextract.org.uk/libmspack/libmspack-${MY_PV}.tar.gz"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="amd64 x86"
+IUSE="debug doc static-libs"
+
+DEPEND=""
+RDEPEND=""
+
+S="${WORKDIR}/${MY_P}"
+
+multilib_src_configure() {
+	ECONF_SOURCE="${S}" econf \
+		$(use_enable debug) \
+		$(use_enable static-libs static)
+}
+
+multilib_src_test() {
+	if multilib_is_native_abi; then
+		default
+		cd "${S}"/test && "${BUILD_DIR}"/test/cabd_test || die
+	fi
+}
+
+multilib_src_install_all() {
+	DOCS=(AUTHORS ChangeLog NEWS README TODO)
+	prune_libtool_files --all
+	use doc && HTML_DOCS=(doc/*)
+	default_src_install
+	if use doc; then
+		rm "${ED}"/usr/share/doc/"${PF}"/html/{Makefile*,Doxyfile*} || die
+	fi
+}
diff --git a/dev-libs/libmspack/metadata.xml b/dev-libs/libmspack/metadata.xml
new file mode 100644
index 000000000000..ea4e7c21a844
--- /dev/null
+++ b/dev-libs/libmspack/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+    <maintainer type="person">
+        <email>reavertm@gentoo.org</email>
+        <name>Maciej Mrozowski</name>
+    </maintainer>
+</pkgmetadata>
-- 
cgit v1.2.3