diff options
| author |   Luca Barbato <lu_zero@gentoo.org> | 2008-05-14 14:39:32 +0000 |
|---|---|---|
| committer | Luca Barbato <lu_zero@gentoo.org> | 2008-05-14 14:39:32 +0000 |
| commit | 415187cb96cac801b52bdfb10b89123b0e4dafde (patch) | |
| tree | b63c52ff5ba2943739e802ad020689df8057dcd4 /app-emulation/qemu-softmmu | |
| parent | Stable for HPPA too. (diff) | |
| download | gentoo-2-415187cb96cac801b52bdfb10b89123b0e4dafde.tar.gz gentoo-2-415187cb96cac801b52bdfb10b89123b0e4dafde.tar.bz2 gentoo-2-415187cb96cac801b52bdfb10b89123b0e4dafde.zip | |
Address CVE-2008-2004, fix bug #221943, thanks to Celso Fernandes (icezimm) <celso.fernandes@gmail.com>
(Portage version: 2.1.5_rc10)
Diffstat (limited to 'app-emulation/qemu-softmmu')
3 files changed, 193 insertions, 1 deletions
diff --git a/app-emulation/qemu-softmmu/ChangeLog b/app-emulation/qemu-softmmu/ChangeLog index d09d3da851fc..6f88a7d4e568 100644 --- a/app-emulation/qemu-softmmu/ChangeLog +++ b/app-emulation/qemu-softmmu/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-emulation/qemu-softmmu # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu-softmmu/ChangeLog,v 1.50 2008/05/12 23:59:20 pva Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu-softmmu/ChangeLog,v 1.51 2008/05/14 14:39:31 lu_zero Exp $ + +*qemu-softmmu-0.9.1-r3 (14 May 2008) + + 14 May 2008; Luca Barbato <lu_zero@gentoo.org> + +files/qemu-softmmu-0.9.1-CVE-2008-2004.patch, + +qemu-softmmu-0.9.1-r3.ebuild: + Address CVE-2008-2004, fix bug #221943, thanks to Celso Fernandes + (icezimm) <celso.fernandes@gmail.com> *qemu-softmmu-0.9.1-r2 (12 May 2008) diff --git a/app-emulation/qemu-softmmu/files/qemu-softmmu-0.9.1-CVE-2008-2004.patch b/app-emulation/qemu-softmmu/files/qemu-softmmu-0.9.1-CVE-2008-2004.patch new file mode 100644 index 000000000000..c30a54dee74b --- /dev/null +++ b/app-emulation/qemu-softmmu/files/qemu-softmmu-0.9.1-CVE-2008-2004.patch @@ -0,0 +1,55 @@ +--- vl.c 2008-01-06 14:38:42.000000000 -0500 ++++ vl.c 2008-05-13 09:56:45.000000000 -0400 +@@ -4877,13 +4877,14 @@ + int bus_id, unit_id; + int cyls, heads, secs, translation; + BlockDriverState *bdrv; ++ BlockDriver *drv = NULL; + int max_devs; + int index; + int cache; + int bdrv_flags; + char *params[] = { "bus", "unit", "if", "index", "cyls", "heads", + "secs", "trans", "media", "snapshot", "file", +- "cache", NULL }; ++ "cache", "format", NULL }; + + if (check_params(buf, sizeof(buf), params, str) < 0) { + fprintf(stderr, "qemu: unknowm parameter '%s' in '%s'\n", +@@ -5051,6 +5052,14 @@ + } + } + ++ if (get_param_value(buf, sizeof(buf), "format", str)) { ++ drv = bdrv_find_format(buf); ++ if (!drv) { ++ fprintf(stderr, "qemu: '%s' invalid format\n", buf); ++ return -1; ++ } ++ } ++ + get_param_value(file, sizeof(file), "file", str); + + /* compute bus and unit according index */ +@@ -5150,7 +5159,7 @@ + bdrv_flags |= BDRV_O_SNAPSHOT; + if (!cache) + bdrv_flags |= BDRV_O_DIRECT; +- if (bdrv_open(bdrv, file, bdrv_flags) < 0 || qemu_key_check(bdrv, file)) { ++ if (bdrv_open2(bdrv, file, bdrv_flags, drv) < 0 || qemu_key_check(bdrv, file)) { + fprintf(stderr, "qemu: could not open disk image %s\n", + file); + return -1; +--- qemu-doc.texi 2008-01-06 14:38:42.000000000 -0500 ++++ qemu-doc.texi 2008-05-13 09:57:57.000000000 -0400 +@@ -252,6 +252,10 @@ + @var{snapshot} is "on" or "off" and allows to enable snapshot for given drive (see @option{-snapshot}). + @item cache=@var{cache} + @var{cache} is "on" or "off" and allows to disable host cache to access data. ++@item format=@var{format} ++Specify which disk @var{format} will be used rather than detecting ++the format. Can be used to specifiy format=raw to avoid interpreting ++an untrusted format header. + @end table + + Instead of @option{-cdrom} you can use: diff --git a/app-emulation/qemu-softmmu/qemu-softmmu-0.9.1-r3.ebuild b/app-emulation/qemu-softmmu/qemu-softmmu-0.9.1-r3.ebuild new file mode 100644 index 000000000000..4ead12102d74 --- /dev/null +++ b/app-emulation/qemu-softmmu/qemu-softmmu-0.9.1-r3.ebuild @@ -0,0 +1,129 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-emulation/qemu-softmmu/qemu-softmmu-0.9.1-r3.ebuild,v 1.1 2008/05/14 14:39:31 lu_zero Exp $ + +inherit eutils flag-o-matic toolchain-funcs + +DESCRIPTION="Multi-platform & multi-targets cpu emulator and dynamic translator" +HOMEPAGE="http://fabrice.bellard.free.fr/qemu/" +SRC_URI="${HOMEPAGE}${P/-softmmu/}.tar.gz" + +LICENSE="GPL-2 LGPL-2.1" +SLOT="0" +KEYWORDS="-alpha ~amd64 ~ppc -sparc ~x86" +IUSE="sdl kqemu gnutls alsa" +RESTRICT="binchecks test" + +DEPEND="virtual/libc + sys-libs/zlib + sdl? ( media-libs/libsdl ) + !<=app-emulation/qemu-0.7.0 + kqemu? ( >=app-emulation/kqemu-1.3.0_pre10 ) + gnutls? ( + dev-util/pkgconfig + net-libs/gnutls + ) + app-text/texi2html" +RDEPEND="sys-libs/zlib + sdl? ( media-libs/libsdl ) + gnutls? ( net-libs/gnutls ) + alsa? ( media-libs/alsa-lib )" + +S=${WORKDIR}/${P/-softmmu/} + +pkg_setup() { + if [ "$(gcc-major-version)" == "4" ]; then + eerror "qemu requires gcc-3 in order to build and work correctly" + eerror "please compile it switching to gcc-3." + eerror "We are aware that qemu can guess a gcc-3 but this feature" + eerror "could be harmful." + die "gcc 4 cannot build qemu" + fi +} + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}/${P}-CVE-2008-0928.patch" #212351 + epatch "${FILESDIR}/${P}-CVE-2008-2004.patch" #221943 + # Alter target makefiles to accept CFLAGS set via flag-o. + sed -i 's/^\(C\|OP_C\|HELPER_C\)FLAGS=/\1FLAGS+=/' \ + Makefile Makefile.target tests/Makefile + # Ensure mprotect restrictions are relaxed for emulator binaries + [[ -x /sbin/paxctl ]] && \ + sed -i 's/^VL_LDFLAGS=$/VL_LDFLAGS=-Wl,-z,execheap/' \ + Makefile.target + # Prevent install of kernel module by qemu's makefile + sed -i 's/\(.\/install.sh\)/#\1/' Makefile + # avoid strip + sed -i 's:$(INSTALL) -m 755 -s:$(INSTALL) -m 755:' Makefile Makefile.target +} + +src_compile() { + if use x86 ; then + # Force -march=pentium-mmx or lower. Fixes bug #212351. + local march + march=$(echo "${CFLAGS}" | sed 's:^.*-march=\([[:alnum:]-]\+\)\([[:blank:]].*\)\?$:\1:p;d') + case ${march} in + i386|i486|i586|pentium) ;; + *) # Either march is not enough low or not exists at all + case ${CHOST} in + i486-*-*) march=i486 ;; + i586-*-*) march=i586 ;; + *) march=pentium-mmx ;; + esac ;; + esac + #Let the application set its cflags + unset CFLAGS + append-flags -march=${march} + else + #Let the application set its cflags + unset CFLAGS + fi + + # Switch off hardened tech + filter-flags -fpie -fstack-protector + + myconf="--disable-gcc-check" + if use alsa; then + myconf="$myconf --enable-alsa" + fi + if ! use gnutls; then + myconf="$myconf --disable-vnc-tls" + fi + if ! use kqemu; then + myconf="$myconf --disable-kqemu" + fi + if ! use sdl ; then + myconf="$myconf --disable-sdl --disable-gfx-check" + fi + # econf does not work + ./configure \ + --prefix=/usr \ + --enable-adlib \ + --cc=$(tc-getCC) \ + --host-cc=$(tc-getCC) \ + --disable-linux-user \ + --enable-system \ + ${myconf} \ + || die "could not configure" + + emake OS_CFLAGS="${CFLAGS}" || die "make failed" +} + +src_install() { + emake install \ + prefix="${D}/usr" \ + bindir="${D}/usr/bin" \ + datadir="${D}/usr/share/qemu" \ + docdir="${D}/usr/share/doc/${P}" \ + mandir="${D}/usr/share/man" || die + + chmod -x "${D}/usr/share/man/*/*" +} + +pkg_postinst() { + einfo "You will need the Universal TUN/TAP driver compiled into" + einfo "kernel or as a module to use the virtual network device." +} |