diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-02-05 08:27:13 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-02-05 08:27:13 +0000 |
commit | 0881bdc909bd6034308671867df3728563753c05 (patch) | |
tree | ccc193001d84499ec0cb1f3910b393a76c365c3f | |
parent | ec7617bdc408c12343bead5f91ffdf746950d156 (diff) | |
download | aports-0881bdc909bd6034308671867df3728563753c05.tar.bz2 aports-0881bdc909bd6034308671867df3728563753c05.tar.xz |
fixes #2610
-rw-r--r-- | main/graphviz/APKBUILD | 23 | ||||
-rw-r--r-- | main/graphviz/CVE-2014-0978.patch | 53 | ||||
-rw-r--r-- | main/graphviz/CVE-2014-1235.patch | 26 | ||||
-rw-r--r-- | main/graphviz/CVE-2014-1236.patch | 58 |
4 files changed, 155 insertions, 5 deletions
diff --git a/main/graphviz/APKBUILD b/main/graphviz/APKBUILD index c6a123ed3a..ad89ce8260 100644 --- a/main/graphviz/APKBUILD +++ b/main/graphviz/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=graphviz pkgver=2.34.0 -pkgrel=1 +pkgrel=2 pkgdesc="Graph Visualization Tools" url="http://www.graphviz.org/" arch="all" @@ -16,7 +16,11 @@ install="" subpackages="$pkgname-dev $pkgname-doc py-$pkgname:py lua-$pkgname:_lua $pkgname-gtk $pkgname-graphs" source="http://www.graphviz.org/pub/graphviz/stable/SOURCES/graphviz-$pkgver.tar.gz - 0001-clone-nameclash.patch" + 0001-clone-nameclash.patch + CVE-2014-0978.patch + CVE-2014-1235.patch + CVE-2014-1236.patch + " _builddir="$srcdir"/graphviz-$pkgver prepare() { @@ -107,8 +111,17 @@ graphs() { "$subpkgdir"/usr/share/graphviz/ } md5sums="a8a54f8abac5bcdafd9a568e85a086d6 graphviz-2.34.0.tar.gz -bce8a9ae4c3a8c52c1bcf0e03d5ce364 0001-clone-nameclash.patch" +bce8a9ae4c3a8c52c1bcf0e03d5ce364 0001-clone-nameclash.patch +f30088b180fd736be279f985b9949feb CVE-2014-0978.patch +cd1c4cd0b0f459add16e3dffa448d1eb CVE-2014-1235.patch +f94705247b1afe760c5e63352467b65f CVE-2014-1236.patch" sha256sums="d94abca5745aa4c5808ab56cd3d0ec9ed14fb76a5a88d39e1f234fa84d22d764 graphviz-2.34.0.tar.gz -2b6c8186bf2799658494428d68597f63b91799f37809cbe59d8adcab60c27363 0001-clone-nameclash.patch" +2b6c8186bf2799658494428d68597f63b91799f37809cbe59d8adcab60c27363 0001-clone-nameclash.patch +df061d73d19437930316bb347b3508f411e4499171552dc45be100e13524d0ca CVE-2014-0978.patch +78b0545dd0d42e689dffac8ce27f20bc6589eb97017e850da0e3615b049158d3 CVE-2014-1235.patch +33b929b284a3eed68313755c570b868971ef81e154f895735993f4a80082be2b CVE-2014-1236.patch" sha512sums="73dc8c25bc5747fda717d6d2162a8b37bf883544a13b487354a6000d528816a69a021f33cbeec0f6e718a7e9905ab2a04ee63f787ca7f79226055b2da21f4832 graphviz-2.34.0.tar.gz -aa4cbc341906a949a6bf78cadd96c437d6bcc90369941fe03519aa4447731ecbf6063a0dd0366d3e7aaadf22b69e4bcab3f8632a7da7a01f8e08a3be05c2bc5d 0001-clone-nameclash.patch" +aa4cbc341906a949a6bf78cadd96c437d6bcc90369941fe03519aa4447731ecbf6063a0dd0366d3e7aaadf22b69e4bcab3f8632a7da7a01f8e08a3be05c2bc5d 0001-clone-nameclash.patch +a6dde91b11e277b9df717ea61cea9772ec9a0bcb23c530803869a641b3827f3fc889a37c33c47c9df90bd584810225daf518d7f19cc2b9a72d038ec03b2adfab CVE-2014-0978.patch +1bb4f6dd214a48251fcdd05d71ea2bb5f1086837eaca35efcd638669d04e7a6c0de0d519db65145deee5ed9faa099b28a4417b7a3cc92502ae333151c3fcc251 CVE-2014-1235.patch +8f3e5a2f97ac4255fdb830c9351225967d5f946b40ef8dd061554aaeea0bb39a5d9498baa2d36539cb06906e04cdbe1db2a1ceee093efe718ebde87d6de0fbd0 CVE-2014-1236.patch" diff --git a/main/graphviz/CVE-2014-0978.patch b/main/graphviz/CVE-2014-0978.patch new file mode 100644 index 0000000000..f8bb983738 --- /dev/null +++ b/main/graphviz/CVE-2014-0978.patch @@ -0,0 +1,53 @@ +From 7aaddf52cd98589fb0c3ab72a393f8411838438a Mon Sep 17 00:00:00 2001 +From: "Emden R. Gansner" <erg@alum.mit.edu> +Date: Fri, 4 Oct 2013 09:06:39 -0400 +Subject: [PATCH] Fix buffer overflow problem when reporting a syntax error + with a very long input line + +--- + lib/cgraph/scan.l | 21 +++++++++++++++------ + 1 file changed, 15 insertions(+), 6 deletions(-) + +diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l +index 3cfde0f..2efd203 100644 +--- a/lib/cgraph/scan.l ++++ b/lib/cgraph/scan.l +@@ -16,6 +16,7 @@ + %{ + #include <grammar.h> + #include <cghdr.h> ++#include <agxbuf.h> + #include <ctype.h> + #define GRAPH_EOF_TOKEN '@' /* lex class must be defined below */ + /* this is a workaround for linux flex */ +@@ -191,13 +192,21 @@ ID ({NAME}|{NUMBER}) + %% + void yyerror(char *str) + { ++ unsigned char xbuf[BUFSIZ]; + char buf[BUFSIZ]; +- if (InputFile) +- sprintf(buf,"%s:%d: %s in line %d near '%s'\n",InputFile, line_num, +- str,line_num,yytext); +- else +- sprintf(buf," %s in line %d near '%s'\n", str,line_num,yytext); +- agerr(AGWARN,buf); ++ agxbuf xb; ++ ++ agxbinit(&xb, BUFSIZ, xbuf); ++ if (InputFile) { ++ agxbput (&xb, InputFile); ++ agxbput (&xb, ": "); ++ } ++ sprintf(buf," %s in line %d near '", str,line_num); ++ agxbput (&xb, buf); ++ agxbput (&xb, yytext); ++ agxbput (&xb,"'\n"); ++ agerr(AGWARN,agxbuse(&xb)); ++ agxbfree(&xb); + } + /* must be here to see flex's macro defns */ + void aglexeof() { unput(GRAPH_EOF_TOKEN); } +-- +1.8.5.1 + diff --git a/main/graphviz/CVE-2014-1235.patch b/main/graphviz/CVE-2014-1235.patch new file mode 100644 index 0000000000..4f1faf4df4 --- /dev/null +++ b/main/graphviz/CVE-2014-1235.patch @@ -0,0 +1,26 @@ +From d266bb2b4154d11c27252b56d86963aef4434750 Mon Sep 17 00:00:00 2001 +From: "Emden R. Gansner" <erg@alum.mit.edu> +Date: Tue, 7 Jan 2014 10:45:36 -0500 +Subject: [PATCH] Prevent possible buffer overflow in yyerror() + +--- + lib/cgraph/scan.l | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l +index 3efe1d5..212967c 100644 +--- a/lib/cgraph/scan.l ++++ b/lib/cgraph/scan.l +@@ -201,7 +201,8 @@ void yyerror(char *str) + agxbput (&xb, InputFile); + agxbput (&xb, ": "); + } +- sprintf(buf," %s in line %d near '", str,line_num); ++ agxbput (&xb, str); ++ sprintf(buf," in line %d near '", line_num); + agxbput (&xb, buf); + agxbput (&xb, yytext); + agxbput (&xb,"'\n"); +-- +1.8.5.1 + diff --git a/main/graphviz/CVE-2014-1236.patch b/main/graphviz/CVE-2014-1236.patch new file mode 100644 index 0000000000..ad58569a9b --- /dev/null +++ b/main/graphviz/CVE-2014-1236.patch @@ -0,0 +1,58 @@ +From 1d1bdec6318746f6f19f245db589eddc887ae8ff Mon Sep 17 00:00:00 2001 +From: "Emden R. Gansner" <erg@alum.mit.edu> +Date: Wed, 8 Jan 2014 11:31:04 -0500 +Subject: [PATCH] Fix possible buffer overflow problem in chkNum of scanner. + +--- + lib/cgraph/scan.l | 35 ++++++++++++++++++++++++++--------- + 1 file changed, 26 insertions(+), 9 deletions(-) + +diff --git a/lib/cgraph/scan.l b/lib/cgraph/scan.l +index 212967c..d065b61 100644 +--- a/lib/cgraph/scan.l ++++ b/lib/cgraph/scan.l +@@ -129,15 +129,32 @@ static void ppDirective (void) + * and report this to the user. + */ + static int chkNum(void) { +- unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */ +- if (!isdigit(c) && (c != '.')) { /* c is letter */ +- char buf[BUFSIZ]; +- sprintf(buf,"syntax error - badly formed number '%s' in line %d of %s\n",yytext,line_num, InputFile); +- strcat (buf, "splits into two name tokens\n"); +- agerr(AGWARN,buf); +- return 1; +- } +- else return 0; ++ unsigned char c = (unsigned char)yytext[yyleng-1]; /* last character */ ++ if (!isdigit(c) && (c != '.')) { /* c is letter */ ++ unsigned char xbuf[BUFSIZ]; ++ char buf[BUFSIZ]; ++ agxbuf xb; ++ char* fname; ++ ++ if (InputFile) ++ fname = InputFile; ++ else ++ fname = "input"; ++ ++ agxbinit(&xb, BUFSIZ, xbuf); ++ ++ agxbput(&xb,"syntax ambiguity - badly delimited number '"); ++ agxbput(&xb,yytext); ++ sprintf(buf,"' in line %d of ", line_num); ++ agxbput(&xb,buf); ++ agxbput(&xb,fname); ++ agxbput(&xb, " splits into two tokens\n"); ++ agerr(AGWARN,agxbuse(&xb)); ++ ++ agxbfree(&xb); ++ return 1; ++ } ++ else return 0; + } + + /* The LETTER class below consists of ascii letters, underscore, all non-ascii +-- +1.8.5.1 + |