summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthias Maier <tamiko@gentoo.org>2018-08-16 16:59:36 -0500
committerMatthias Maier <tamiko@gentoo.org>2018-08-16 19:07:48 -0500
commitdfd415b17224737493b36a801d929b382061d82d (patch)
treee4268c5e059a815fdfed9dbc326706ddb73bf424 /app-emulation
parentapp-emulation/spice: drop old (diff)
downloadgentoo-dfd415b17224737493b36a801d929b382061d82d.tar.gz
gentoo-dfd415b17224737493b36a801d929b382061d82d.tar.bz2
gentoo-dfd415b17224737493b36a801d929b382061d82d.zip
app-emulation/spice: patch integer overflow, bug #663330
Bug: https://bugs.gentoo.org/663330 Package-Manager: Portage-2.3.46, Repoman-2.3.10
Diffstat (limited to 'app-emulation')
-rw-r--r--app-emulation/spice/files/spice-0.14.0-fix-flexible-array-buffer-overflow.patch12
-rw-r--r--app-emulation/spice/spice-0.14.0-r2.ebuild102
2 files changed, 114 insertions, 0 deletions
diff --git a/app-emulation/spice/files/spice-0.14.0-fix-flexible-array-buffer-overflow.patch b/app-emulation/spice/files/spice-0.14.0-fix-flexible-array-buffer-overflow.patch
new file mode 100644
index 000000000000..a05bbb7545aa
--- /dev/null
+++ b/app-emulation/spice/files/spice-0.14.0-fix-flexible-array-buffer-overflow.patch
@@ -0,0 +1,12 @@
+diff --git a/spice-common/python_modules/demarshal.py b/spice-common/python_modules/demarshal.py
+index 1ea131d..7172762 100644
+--- a/spice-common/python_modules/demarshal.py
++++ b/spice-common/python_modules/demarshal.py
+@@ -318,6 +318,7 @@ def write_validate_array_item(writer, container, item, scope, parent_scope, star
+ writer.assign(nelements, array.size)
+ elif array.is_remaining_length():
+ if element_type.is_fixed_nw_size():
++ writer.error_check("%s > message_end" % item.get_position())
+ if element_type.get_fixed_nw_size() == 1:
+ writer.assign(nelements, "message_end - %s" % item.get_position())
+ else:
diff --git a/app-emulation/spice/spice-0.14.0-r2.ebuild b/app-emulation/spice/spice-0.14.0-r2.ebuild
new file mode 100644
index 000000000000..823669338c7b
--- /dev/null
+++ b/app-emulation/spice/spice-0.14.0-r2.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+PYTHON_COMPAT=( python{2_7,3_4,3_5,3_6} )
+
+inherit autotools ltprune python-any-r1 readme.gentoo-r1 xdg-utils
+
+DESCRIPTION="SPICE server"
+HOMEPAGE="https://www.spice-space.org/"
+SRC_URI="https://www.spice-space.org/download/releases/${P}.tar.bz2"
+
+LICENSE="LGPL-2.1"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="libressl lz4 sasl smartcard static-libs gstreamer"
+
+# the libspice-server only uses the headers of libcacard
+RDEPEND="
+ dev-lang/orc[static-libs(+)?]
+ >=dev-libs/glib-2.22:2[static-libs(+)?]
+ media-libs/opus[static-libs(+)?]
+ sys-libs/zlib[static-libs(+)?]
+ virtual/jpeg:0=[static-libs(+)?]
+ >=x11-libs/pixman-0.17.7[static-libs(+)?]
+ !libressl? ( dev-libs/openssl:0=[static-libs(+)?] )
+ libressl? ( dev-libs/libressl:0=[static-libs(+)?] )
+ lz4? ( app-arch/lz4:0=[static-libs(+)?] )
+ smartcard? ( >=app-emulation/libcacard-0.1.2 )
+ sasl? ( dev-libs/cyrus-sasl[static-libs(+)?] )
+ gstreamer? (
+ media-libs/gstreamer:1.0
+ media-libs/gst-plugins-base:1.0
+ )"
+DEPEND="${RDEPEND}
+ ${PYTHON_DEPS}
+ >=app-emulation/spice-protocol-0.12.13
+ virtual/pkgconfig
+ $(python_gen_any_dep '
+ >=dev-python/pyparsing-1.5.6-r2[${PYTHON_USEDEP}]
+ dev-python/six[${PYTHON_USEDEP}]
+ ')
+ smartcard? ( app-emulation/qemu[smartcard] )"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-libressl_fix.patch
+ "${FILESDIR}"/${P}-openssl1.1_fix.patch
+ "${FILESDIR}"/${P}-fix-flexible-array-buffer-overflow.patch
+)
+
+python_check_deps() {
+ has_version ">=dev-python/pyparsing-1.5.6-r2[${PYTHON_USEDEP}]"
+ has_version "dev-python/six[${PYTHON_USEDEP}]"
+}
+
+pkg_setup() {
+ [[ ${MERGE_TYPE} != binary ]] && python-any-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ eautoreconf
+}
+
+src_configure() {
+ # Prevent sandbox violations, bug #586560
+ # https://bugzilla.gnome.org/show_bug.cgi?id=744134
+ # https://bugzilla.gnome.org/show_bug.cgi?id=744135
+ addpredict /dev
+
+ xdg_environment_reset
+
+ local myconf="
+ $(use_enable static-libs static)
+ $(use_enable lz4)
+ $(use_with sasl)
+ $(use_enable smartcard)
+ --enable-gstreamer=$(usex gstreamer "1.0" "no")
+ --disable-celt051
+ "
+ econf ${myconf}
+}
+
+src_compile() {
+ # Prevent sandbox violations, bug #586560
+ # https://bugzilla.gnome.org/show_bug.cgi?id=744134
+ # https://bugzilla.gnome.org/show_bug.cgi?id=744135
+ addpredict /dev
+
+ default
+}
+
+src_install() {
+ default
+ use static-libs || prune_libtool_files
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+}