aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/screen/APKBUILD14
-rw-r--r--main/screen/CVE-2015-6806.patch52
2 files changed, 61 insertions, 5 deletions
diff --git a/main/screen/APKBUILD b/main/screen/APKBUILD
index 7c69169d49..4ea63f503a 100644
--- a/main/screen/APKBUILD
+++ b/main/screen/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=screen
pkgver=4.3.1
-pkgrel=0
+pkgrel=1
pkgdesc="A window manager that multiplexes a physical terminal"
url="http://ftp.gnu.org/gnu/screen/"
arch="all"
@@ -11,7 +11,8 @@ depends=""
makedepends="ncurses-dev ncurses"
install=""
subpackages="$pkgname-doc"
-source="http://ftp.gnu.org/gnu/screen/$pkgname-$pkgver.tar.gz"
+source="http://ftp.gnu.org/gnu/screen/$pkgname-$pkgver.tar.gz
+ CVE-2015-6806.patch"
_builddir="$srcdir"/screen-$pkgver
prepare() {
@@ -47,6 +48,9 @@ package() {
install -Dm644 etc/screenrc "$pkgdir"/etc/skel/.screenrc || return 1
}
-md5sums="5bb3b0ff2674e29378c31ad3411170ad screen-4.3.1.tar.gz"
-sha256sums="fa4049f8aee283de62e283d427f2cfd35d6c369b40f7f45f947dbfd915699d63 screen-4.3.1.tar.gz"
-sha512sums="8e8a25b23330a7d8e00fc9e6cc430f0eb3937ccf4183efbd6fd24e4dc04cc09b3acae45bfc24892faee433b18fa79b1cfe0211fd75c0d74ecf908f916bf774aa screen-4.3.1.tar.gz"
+md5sums="5bb3b0ff2674e29378c31ad3411170ad screen-4.3.1.tar.gz
+5fb8b0a58ef4a2a75d7dddb453994cce CVE-2015-6806.patch"
+sha256sums="fa4049f8aee283de62e283d427f2cfd35d6c369b40f7f45f947dbfd915699d63 screen-4.3.1.tar.gz
+9383316bce6ce479dfd3eca238956e321b80885bd0e720d47f1f37693334b9cd CVE-2015-6806.patch"
+sha512sums="8e8a25b23330a7d8e00fc9e6cc430f0eb3937ccf4183efbd6fd24e4dc04cc09b3acae45bfc24892faee433b18fa79b1cfe0211fd75c0d74ecf908f916bf774aa screen-4.3.1.tar.gz
+7ee87aaf5e10a60b37558f5bea85718703b2b95a4a3c43c0cd4c6f48ddd7bf1c5c582017a41681d8f9243049009c9f43678f37b826c188add501168e289ce2f1 CVE-2015-6806.patch"
diff --git a/main/screen/CVE-2015-6806.patch b/main/screen/CVE-2015-6806.patch
new file mode 100644
index 0000000000..24a013b8eb
--- /dev/null
+++ b/main/screen/CVE-2015-6806.patch
@@ -0,0 +1,52 @@
+Origin: commit b7484c224738247b510ed0d268cd577076958f1b
+Author: Kuang-che Wu <kcwu@csie.org>
+Bug: https://savannah.gnu.org/bugs/?45713
+Bug-Debian: http://bugs.debian.org/797624
+Description: Fix stack overflow due to too deep recursion
+ How to reproduce:
+ Run this command inside screen
+ $ printf '\x1b[10000000T'
+ .
+ screen will recursively call MScrollV to depth n/256.
+ This is time consuming and will overflow stack if n is huge.
+
+diff --git a/ansi.c b/ansi.c
+index a342fb1..152d2ef 100644
+--- a/ansi.c
++++ b/ansi.c
+@@ -2502,13 +2502,13 @@ int n, ys, ye, bce;
+ return;
+ if (n > 0)
+ {
++ if (ye - ys + 1 < n)
++ n = ye - ys + 1;
+ if (n > 256)
+ {
+ MScrollV(p, n - 256, ys, ye, bce);
+ n = 256;
+ }
+- if (ye - ys + 1 < n)
+- n = ye - ys + 1;
+ #ifdef COPY_PASTE
+ if (compacthist)
+ {
+@@ -2562,14 +2562,14 @@ int n, ys, ye, bce;
+ }
+ else
+ {
+- if (n < -256)
+- {
+- MScrollV(p, n + 256, ys, ye, bce);
+- n = -256;
+- }
+ n = -n;
+ if (ye - ys + 1 < n)
+ n = ye - ys + 1;
++ if (n > 256)
++ {
++ MScrollV(p, - (n - 256), ys, ye, bce);
++ n = 256;
++ }
+
+ ml = p->w_mlines + ye;
+ /* Clear lines */