From: "Sebastian Pipping" <sping@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/expat/, dev-libs/expat/files/
Date: Mon, 13 Jun 2016 14:34:54 +0000 (UTC) [thread overview]
Message-ID: <1465828480.04f12ff7fde845e4fc896786719fbd6a2e727666.sping@gentoo> (raw)
commit: 04f12ff7fde845e4fc896786719fbd6a2e727666
Author: Sebastian Pipping <sping <AT> gentoo <DOT> org>
AuthorDate: Mon Jun 13 14:32:09 2016 +0000
Commit: Sebastian Pipping <sping <AT> gentoo <DOT> org>
CommitDate: Mon Jun 13 14:34:40 2016 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=04f12ff7
dev-libs/expat: CVE-2012-6702 + CVE-2016-5300 (bug #577928)
Package-Manager: portage-2.2.28
dev-libs/expat/expat-2.1.1-r2.ebuild | 97 +++++++++++++++
...2.1.1-CVE-2012-6702-plus-CVE-2016-5300-v1.patch | 134 +++++++++++++++++++++
2 files changed, 231 insertions(+)
diff --git a/dev-libs/expat/expat-2.1.1-r2.ebuild b/dev-libs/expat/expat-2.1.1-r2.ebuild
new file mode 100644
index 0000000..93c6fa5
--- /dev/null
+++ b/dev-libs/expat/expat-2.1.1-r2.ebuild
@@ -0,0 +1,97 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+inherit eutils libtool multilib toolchain-funcs multilib-minimal
+
+DESCRIPTION="Stream-oriented XML parser library"
+HOMEPAGE="http://expat.sourceforge.net/"
+SRC_URI="mirror://sourceforge/expat/${P}.tar.bz2"
+
+LICENSE="MIT"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~arm-linux ~x86-linux"
+IUSE="elibc_FreeBSD examples static-libs unicode"
+RDEPEND="abi_x86_32? ( !<=app-emulation/emul-linux-x86-baselibs-20130224-r6
+ !app-emulation/emul-linux-x86-baselibs[-abi_x86_32(-)] )"
+
+src_prepare() {
+ # https://bugs.gentoo.org/show_bug.cgi?id=583268
+ epatch "${FILESDIR}"/${P}-CVE-2015-1283-refix.patch
+ epatch "${FILESDIR}"/${P}-CVE-2016-0718-v2-2-1.patch
+
+ # https://bugs.gentoo.org/show_bug.cgi?id=577928
+ epatch "${FILESDIR}"/${P}-CVE-2012-6702-plus-CVE-2016-5300-v1.patch
+}
+
+multilib_src_configure() {
+ local myconf="$(use_enable static-libs static)"
+
+ mkdir -p "${BUILD_DIR}"{u,w} || die
+
+ ECONF_SOURCE="${S}" econf ${myconf}
+
+ if use unicode; then
+ pushd "${BUILD_DIR}"u >/dev/null
+ CPPFLAGS="${CPPFLAGS} -DXML_UNICODE" ECONF_SOURCE="${S}" econf ${myconf}
+ popd >/dev/null
+
+ pushd "${BUILD_DIR}"w >/dev/null
+ CPPFLAGS="${CPPFLAGS} -DXML_UNICODE_WCHAR_T" ECONF_SOURCE="${S}" econf ${myconf}
+ popd >/dev/null
+ fi
+}
+
+multilib_src_compile() {
+ emake
+
+ if use unicode; then
+ pushd "${BUILD_DIR}"u >/dev/null
+ emake buildlib LIBRARY=libexpatu.la
+ popd >/dev/null
+
+ pushd "${BUILD_DIR}"w >/dev/null
+ emake buildlib LIBRARY=libexpatw.la
+ popd >/dev/null
+ fi
+}
+
+multilib_src_install() {
+ emake install DESTDIR="${D}"
+
+ if use unicode; then
+ pushd "${BUILD_DIR}"u >/dev/null
+ emake installlib DESTDIR="${D}" LIBRARY=libexpatu.la
+ popd >/dev/null
+
+ pushd "${BUILD_DIR}"w >/dev/null
+ emake installlib DESTDIR="${D}" LIBRARY=libexpatw.la
+ popd >/dev/null
+
+ pushd "${ED}"/usr/$(get_libdir)/pkgconfig >/dev/null
+ cp expat.pc expatu.pc
+ sed -i -e '/^Libs/s:-lexpat:&u:' expatu.pc || die
+ cp expat.pc expatw.pc
+ sed -i -e '/^Libs/s:-lexpat:&w:' expatw.pc || die
+ popd >/dev/null
+ fi
+
+ if multilib_is_native_abi ; then
+ # libgeom in /lib and ifconfig in /sbin require libexpat on FreeBSD since
+ # we stripped the libbsdxml copy starting from freebsd-lib-8.2-r1
+ use elibc_FreeBSD && gen_usr_ldscript -a expat
+ fi
+}
+
+multilib_src_install_all() {
+ dodoc Changes README
+ dohtml doc/*
+
+ if use examples; then
+ insinto /usr/share/doc/${PF}/examples
+ doins examples/*.c
+ fi
+
+ prune_libtool_files
+}
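Review bot: The two `cp expat.pc expatu.pc` / `cp expat.pc expatw.pc` copies in multilib_src_install are unchecked, while the `sed` calls right after them carry `|| die`, so a failed copy would let the build continue and install a truncated or missing expatu.pc/expatw.pc before the sed even fails. Add the guard to match: `cp expat.pc expatu.pc || die` and `cp expat.pc expatw.pc || die`. The same applies to the `pushd` calls throughout; with `pushd "${BUILD_DIR}"u >/dev/null || die` a wrong directory would stop the build rather than silently run `emake` in the parent directory. A one-line comment above the third `epatch` naming the two CVEs it addresses (as the bug URL above it does for the bug) would also help whoever audits this revision later.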
diff --git a/dev-libs/expat/files/expat-2.1.1-CVE-2012-6702-plus-CVE-2016-5300-v1.patch b/dev-libs/expat/files/expat-2.1.1-CVE-2012-6702-plus-CVE-2016-5300-v1.patch
new file mode 100644
index 0000000..19966f4
--- /dev/null
+++ b/dev-libs/expat/files/expat-2.1.1-CVE-2012-6702-plus-CVE-2016-5300-v1.patch
@@ -0,0 +1,134 @@
+From cb31522769d11a375078a073cba94e7176cb48a4 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping <sebastian@pipping.org>
+Date: Wed, 16 Mar 2016 15:30:12 +0100
+Subject: [PATCH] Resolve call to srand, use more entropy (patch version 1.0)
+
+Squashed backport against vanilla Expat 2.1.1, addressing:
+* CVE-2012-6702 -- unanticipated internal calls to srand
+* CVE-2016-5300 -- use of too little entropy
+
+Since commit e3e81a6d9f0885ea02d3979151c358f314bf3d6d
+(released with Expat 2.1.0) Expat called srand by itself
+from inside generate_hash_secret_salt for an instance
+of XML_Parser if XML_SetHashSalt was either (a) not called
+for that instance or if (b) salt 0 was passed to XML_SetHashSalt
+prior to parsing. That call to srand passed (rather litle)
+entropy extracted from the current time as a seed for srand.
+
+That call to srand (1) broke repeatability for code calling
+srand with a non-random seed prior to parsing with Expat,
+and (2) resulted in a rather small set of hashing salts in
+Expat in total.
+
+For a short- to mid-term fix, the new approach avoids calling
+srand altogether, extracts more entropy out of the clock and
+other sources, too.
+
+For a long term fix, we may want to read sizeof(long) bytes
+from a source like getrandom(..) on Linux, and from similar
+sources on other supported architectures.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=1197087
+---
+ expat/CMakeLists.txt | 3 +++
+ expat/lib/xmlparse.c | 48 +++++++++++++++++++++++++++++++++++++++++-------
+ 2 files changed, 44 insertions(+), 7 deletions(-)
+
+diff --git a/expat/CMakeLists.txt b/expat/CMakeLists.txt
+index 353627e..524d514 100755
+--- a/expat/CMakeLists.txt
++++ b/expat/CMakeLists.txt
+@@ -41,6 +41,9 @@ include_directories(${CMAKE_BINARY_DIR} ${CMAKE_SOURCE_DIR}/lib)
+ if(MSVC)
+ add_definitions(-D_CRT_SECURE_NO_WARNINGS -wd4996)
+ endif(MSVC)
++if(WIN32)
++ add_definitions(-DCOMPILED_FROM_DSP)
++endif(WIN32)
+
+ set(expat_SRCS
+ lib/xmlparse.c
+diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c
+index e308c79..c5f942f 100644
+--- a/expat/lib/xmlparse.c
++++ b/expat/lib/xmlparse.c
+@@ -6,7 +6,14 @@
+ #include <string.h> /* memset(), memcpy() */
+ #include <assert.h>
+ #include <limits.h> /* UINT_MAX */
+-#include <time.h> /* time() */
++
++#ifdef COMPILED_FROM_DSP
++#define getpid GetCurrentProcessId
++#else
++#include <sys/time.h> /* gettimeofday() */
++#include <sys/types.h> /* getpid() */
++#include <unistd.h> /* getpid() */
++#endif
+
+ #define XML_BUILDING_EXPAT 1
+
+@@ -432,7 +439,7 @@ static ELEMENT_TYPE *
+ getElementType(XML_Parser parser, const ENCODING *enc,
+ const char *ptr, const char *end);
+
+-static unsigned long generate_hash_secret_salt(void);
++static unsigned long generate_hash_secret_salt(XML_Parser parser);
+ static XML_Bool startParsing(XML_Parser parser);
+
+ static XML_Parser
+@@ -691,11 +698,38 @@ static const XML_Char implicitContext[] = {
+ };
+
+ static unsigned long
+-generate_hash_secret_salt(void)
++gather_time_entropy(void)
+ {
+- unsigned int seed = time(NULL) % UINT_MAX;
+- srand(seed);
+- return rand();
++#ifdef COMPILED_FROM_DSP
++ FILETIME ft;
++ GetSystemTimeAsFileTime(&ft); /* never fails */
++ return ft.dwHighDateTime ^ ft.dwLowDateTime;
++#else
++ struct timeval tv;
++ int gettimeofday_res;
++
++ gettimeofday_res = gettimeofday(&tv, NULL);
++ assert (gettimeofday_res == 0);
++
++ /* Microseconds time is <20 bits entropy */
++ return tv.tv_usec;
++#endif
++}
++
++static unsigned long
++generate_hash_secret_salt(XML_Parser parser)
++{
++ /* Process ID is 0 bits entropy if attacker has local access
++ * XML_Parser address is few bits of entropy if attacker has local access */
++ const unsigned long entropy =
++ gather_time_entropy() ^ getpid() ^ (unsigned long)parser;
++
++ /* Factors are 2^31-1 and 2^61-1 (Mersenne primes M31 and M61) */
++ if (sizeof(unsigned long) == 4) {
++ return entropy * 2147483647;
++ } else {
++ return entropy * 2305843009213693951;
++ }
+ }
+
+ static XML_Bool /* only valid for root parser */
+@@ -703,7 +737,7 @@ startParsing(XML_Parser parser)
+ {
+ /* hash functions must be initialized before setContext() is called */
+ if (hash_secret_salt == 0)
+- hash_secret_salt = generate_hash_secret_salt();
++ hash_secret_salt = generate_hash_secret_salt(parser);
+ if (ns) {
+ /* implicit context only set for root parser, since child
+ parsers (i.e. external entity parsers) will inherit it
+--
+2.8.2
+
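Review bot: In gather_time_entropy the gettimeofday() result is only checked with `assert(gettimeofday_res == 0)`, so a build with NDEBUG defined (the common case for a distribution library) drops the check entirely and on failure returns `tv.tv_usec` from an uninitialised struct, which would then feed the hash salt. Since the patch also removes `#include <time.h>`, keep that include and fail over explicitly, e.g. `if (gettimeofday(&tv, NULL) != 0) return (unsigned long)time(NULL);`, which keeps the salt derived from defined values in every build. Two caveats the patch comments already hint at are worth stating next to generate_hash_secret_salt: with under 20 bits from the microsecond clock and a guessable pid, the salt remains predictable to a local attacker, so this is a mitigation for CVE-2012-6702 and CVE-2016-5300 rather than a strong randomisation of the hash, and the product can still be 0, in which case startParsing's `hash_secret_salt == 0` test leaves the parser unsalted. The `2305843009213693951` literal has no suffix, so on LP32 targets it is a long long constant and the multiplication is performed and then truncated on return; a `UL`/`ULL` suffix or a `#if ULONG_MAX` split avoids the implicit conversion warning.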