diff options
author | Thomas Deutschmann <whissi@gentoo.org> | 2018-02-23 20:00:09 +0100 |
---|---|---|
committer | Thomas Deutschmann <whissi@gentoo.org> | 2018-02-23 20:00:23 +0100 |
commit | 69c038dd6c5f79aa46eb92543bed649d50857b66 (patch) | |
tree | 851f05a3f54c1bc0d42622308f03fac46e953866 /app-antivirus/clamav | |
parent | app-crypt/hashcat: bump (diff) | |
download | gentoo-69c038dd6c5f79aa46eb92543bed649d50857b66.tar.gz gentoo-69c038dd6c5f79aa46eb92543bed649d50857b66.tar.bz2 gentoo-69c038dd6c5f79aa46eb92543bed649d50857b66.zip |
app-antivirus/clamav: Rev bump to add patch for CVE-2012-6706
...aka VMSF_DELTA Filter Signedness Error.
Bug: https://bugs.gentoo.org/623534
Package-Manager: Portage-2.3.24, Repoman-2.3.6
Diffstat (limited to 'app-antivirus/clamav')
-rw-r--r-- | app-antivirus/clamav/clamav-0.99.3-r2.ebuild | 160 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch | 186 |
2 files changed, 346 insertions, 0 deletions
diff --git a/app-antivirus/clamav/clamav-0.99.3-r2.ebuild b/app-antivirus/clamav/clamav-0.99.3-r2.ebuild new file mode 100644 index 000000000000..f0977dc5f0ff --- /dev/null +++ b/app-antivirus/clamav/clamav-0.99.3-r2.ebuild @@ -0,0 +1,160 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit autotools eutils flag-o-matic user systemd + +DESCRIPTION="Clam Anti-Virus Scanner" +HOMEPAGE="http://www.clamav.net/" +SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris" +IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs uclibc" + +CDEPEND="bzip2? ( app-arch/bzip2 ) + clamdtop? ( sys-libs/ncurses:0 ) + iconv? ( virtual/libiconv ) + metadata-analysis-api? ( dev-libs/json-c:= ) + milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) ) + dev-libs/libtommath + >=sys-libs/zlib-1.2.2:= + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) + sys-devel/libtool + || ( dev-libs/libpcre2 >dev-libs/libpcre-6 ) + !!<app-antivirus/clamav-0.99" +# hard block clamav < 0.99 due to linking problems Bug #567680 +# openssl is now *required* see this link as to why +# http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-clamav )" + +DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE ) +PATCHES=( + "${FILESDIR}"/${PN}-0.99.2-gcc-6.patch + "${FILESDIR}"/${PN}-0.99.2-tinfo.patch + "${FILESDIR}"/${PN}-0.99.2-bytecode_api.patch + "${FILESDIR}"/${PN}-0.99.2-pcre2-compile-erroffset.patch + "${FILESDIR}"/${PN}-0.99.3-fix-fd-leaks-in-cli_scanscript.patch + "${FILESDIR}"/${PN}-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch +) + +pkg_setup() { + enewgroup clamav + enewuser clamav -1 -1 /dev/null clamav +} + +src_prepare() { + default + + eautoconf +} + +src_configure() { + use ppc64 && append-flags -mminimal-toc + use uclibc && export ac_cv_type_error_t=yes + + econf \ + $(use_enable bzip2) \ + $(use_enable clamdtop) \ + $(use_enable ipv6) \ + $(use_enable milter) \ + $(use_enable static-libs static) \ + $(use_with iconv) \ + $(use_with metadata-analysis-api libjson /usr) \ + --cache-file="${S}"/config.cache \ + --disable-experimental \ + --disable-gcc-vcheck \ + --disable-zlib-vcheck \ + --enable-id-check \ + --with-dbdir="${EPREFIX}"/var/lib/clamav \ + --with-system-tommath \ + --with-zlib="${EPREFIX}"/usr +} + +src_install() { + default + + rm -rf "${ED}"/var/lib/clamav + newinitd "${FILESDIR}"/clamd.initd-r6 clamd + newconfd "${FILESDIR}"/clamd.conf-r1 clamd + + systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf" + systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service" + systemd_dounit "${FILESDIR}/clamd.service" + systemd_dounit "${FILESDIR}/freshclamd.service" + + keepdir /var/lib/clamav + fowners clamav:clamav /var/lib/clamav + keepdir /var/log/clamav + fowners clamav:clamav /var/log/clamav + + dodir /etc/logrotate.d + insinto /etc/logrotate.d + newins "${FILESDIR}"/clamav.logrotate clamav + + # Modify /etc/{clamd,freshclam}.conf to be usable out of the box + sed -i -e "s:^\(Example\):\# \1:" \ + -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \ + -e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \ + -e "s:.*\(User\) .*:\1 clamav:" \ + -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \ + -e "s:^\#\(LogTime\).*:\1 yes:" \ + -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ + "${ED}"/etc/clamd.conf.sample || die + sed -i -e "s:^\(Example\):\# \1:" \ + -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \ + -e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \ + -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \ + -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \ + -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \ + -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ + "${ED}"/etc/freshclam.conf.sample || die + + if use milter ; then + # MilterSocket one to include ' /' because there is a 2nd line for + # inet: which we want to leave + dodoc "${FILESDIR}"/clamav-milter.README.gentoo + sed -i -e "s:^\(Example\):\# \1:" \ + -e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \ + -e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \ + -e "s:.*\(User\) .*:\1 clamav:" \ + -e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \ + -e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \ + -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \ + "${ED}"/etc/clamav-milter.conf.sample || die + cat >> "${ED}"/etc/conf.d/clamd <<-EOF + MILTER_NICELEVEL=19 + START_MILTER=no + EOF + + systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service + fi + + for i in clamd freshclam clamav-milter + do + [[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,} + done + + prune_libtool_files --all +} + +src_test() { + emake quick-check +} + +pkg_postinst() { + if use milter ; then + elog "For simple instructions how to setup the clamav-milter read the" + elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}" + fi + if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then + ewarn "You must run freshclam manually to populate the virus database files" + ewarn "before starting clamav for the first time.\n" + fi +} diff --git a/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch b/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch new file mode 100644 index 000000000000..90facf6eae06 --- /dev/null +++ b/app-antivirus/clamav/files/clamav-0.99.3-VMSF_DELTA-fix-CVE-2012-6706.patch @@ -0,0 +1,186 @@ +Apply proposed changes to fix RAR VMSF_DELTA Filter Signedness error (CVE-2012-6706) + +Cherry picked from commit a7d8447bd9a4d5ae1fa970c1849c8caeb5f1a805 [Link 1] and +d4699442bce76574573dc564e7f2177d679b88bd [Link 2]. + +Link 1: https://github.com/Cisco-Talos/clamav-devel/commit/a7d8447bd9a4d5ae1fa970c1849c8caeb5f1a805 +Link 2: https://github.com/Cisco-Talos/clamav-devel/commit/d4699442bce76574573dc564e7f2177d679b88bd + +--- a/libclamunrar/unrarvm.c ++++ b/libclamunrar/unrarvm.c +@@ -213,17 +213,20 @@ void rarvm_addbits(rarvm_input_t *rarvm_input, int bits) + + unsigned int rarvm_getbits(rarvm_input_t *rarvm_input) + { +- unsigned int bit_field; ++ unsigned int bit_field = 0; + +- if (rarvm_input->in_addr+2 < rarvm_input->buf_size) { ++ if (rarvm_input->in_addr < rarvm_input->buf_size) { + bit_field = (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr] << 16; +- bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8; +- bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2]; +- bit_field >>= (8-rarvm_input->in_bit); +- +- return (bit_field & 0xffff); ++ if (rarvm_input->in_addr+1 < rarvm_input->buf_size) { ++ bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+1] << 8; ++ if (rarvm_input->in_addr+2 < rarvm_input->buf_size) { ++ bit_field |= (unsigned int) rarvm_input->in_buf[rarvm_input->in_addr+2]; ++ } ++ } + } +- return 0; ++ bit_field >>= (8-rarvm_input->in_bit); ++ ++ return (bit_field & 0xffff); + } + + unsigned int rarvm_read_data(rarvm_input_t *rarvm_input) +@@ -311,10 +314,10 @@ static unsigned int *rarvm_get_operand(rarvm_data_t *rarvm_data, + } + } + +-static unsigned int filter_itanium_getbits(unsigned char *data, int bit_pos, int bit_count) ++static unsigned int filter_itanium_getbits(unsigned char *data, unsigned int bit_pos, unsigned int bit_count) + { +- int in_addr=bit_pos/8; +- int in_bit=bit_pos&7; ++ unsigned int in_addr=bit_pos/8; ++ unsigned int in_bit=bit_pos&7; + unsigned int bit_field=(unsigned int)data[in_addr++]; + bit_field|=(unsigned int)data[in_addr++] << 8; + bit_field|=(unsigned int)data[in_addr++] << 16; +@@ -323,10 +326,10 @@ static unsigned int filter_itanium_getbits(unsigned char *data, int bit_pos, int + return(bit_field & (0xffffffff>>(32-bit_count))); + } + +-static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, int bit_pos, int bit_count) ++static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, unsigned int bit_pos, unsigned int bit_count) + { +- int i, in_addr=bit_pos/8; +- int in_bit=bit_pos&7; ++ unsigned int i, in_addr=bit_pos/8; ++ unsigned int in_bit=bit_pos&7; + unsigned int and_mask=0xffffffff>>(32-bit_count); + and_mask=~(and_mask<<in_bit); + +@@ -343,11 +346,12 @@ static void filter_itanium_setbits(unsigned char *data, unsigned int bit_field, + static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_filters_t filter_type) + { + unsigned char *data, cmp_byte2, cur_byte, *src_data, *dest_data; +- int i, j, data_size, channels, src_pos, dest_pos, border, width, PosR; +- int op_type, cur_channel, byte_count, start_pos, pa, pb, pc; ++ unsigned int i, j, data_size, channels, src_pos, dest_pos, border, width, PosR; ++ unsigned int op_type, cur_channel, byte_count, start_pos; ++ int pa, pb, pc; + unsigned int file_offset, cur_pos, predicted; +- int32_t offset, addr; +- const int file_size=0x1000000; ++ uint32_t offset, addr; ++ const unsigned int file_size=0x1000000; + + switch(filter_type) { + case VMSF_E8: +@@ -356,7 +360,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + data_size = rarvm_data->R[4]; + file_offset = rarvm_data->R[6]; + +- if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) { ++ if ((data_size > VM_GLOBALMEMADDR) || (data_size < 4)) { + break; + } + +@@ -367,12 +371,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + if (cur_byte==0xe8 || cur_byte==cmp_byte2) { + offset = cur_pos+file_offset; + addr = GET_VALUE(FALSE, data); +- if (addr < 0) { +- if (addr+offset >=0 ) { ++ // We check 0x80000000 bit instead of '< 0' comparison ++ // not assuming int32 presence or uint size and endianness. ++ if ((addr & 0x80000000)!=0) { // addr<0 ++ if (((addr+offset) & 0x80000000)==0) { // addr+offset>=0 + SET_VALUE(FALSE, data, addr+file_size); + } + } else { +- if (addr<file_size) { ++ if (((addr-file_size) & 0x80000000)!=0) { // addr<file_size + SET_VALUE(FALSE, data, addr-offset); + } + } +@@ -386,7 +392,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + data_size = rarvm_data->R[4]; + file_offset = rarvm_data->R[6]; + +- if (((unsigned int)data_size >= VM_GLOBALMEMADDR) || (data_size < 21)) { ++ if ((data_size > VM_GLOBALMEMADDR) || (data_size < 21)) { + break; + } + +@@ -429,7 +435,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + border = data_size*2; + + SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); +- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { ++ if (data_size > VM_GLOBALMEMADDR/2 || channels > 1024 || channels == 0) { + break; + } + for (cur_channel=0 ; cur_channel < channels ; cur_channel++) { +@@ -440,7 +446,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + } + break; + case VMSF_RGB: { +- const int channels=3; ++ const unsigned int channels=3; + data_size = rarvm_data->R[4]; + width = rarvm_data->R[0] - 3; + PosR = rarvm_data->R[1]; +@@ -448,15 +454,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + dest_data = src_data + data_size; + + SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); +- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { ++ if (data_size > VM_GLOBALMEMADDR/2 || data_size < 3 || width > data_size || PosR > 2) { + break; + } + for (cur_channel=0 ; cur_channel < channels; cur_channel++) { + unsigned int prev_byte = 0; + for (i=cur_channel ; i<data_size ; i+=channels) { +- int upper_pos=i-width; +- if (upper_pos >= 3) { +- unsigned char *upper_data = dest_data+upper_pos; ++ if (i >= width+3) { ++ unsigned char *upper_data = dest_data+i-width; + unsigned int upper_byte = *upper_data; + unsigned int upper_left_byte = *(upper_data-3); + predicted = prev_byte+upper_byte-upper_left_byte; +@@ -486,13 +491,14 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + break; + } + case VMSF_AUDIO: { +- int channels=rarvm_data->R[0]; ++ unsigned int channels=rarvm_data->R[0]; + data_size = rarvm_data->R[4]; + src_data = rarvm_data->mem; + dest_data = src_data + data_size; + + SET_VALUE(FALSE, &rarvm_data->mem[VM_GLOBALMEMADDR+0x20], data_size); +- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { ++ // In fact, audio channels never exceed 4. ++ if (data_size > VM_GLOBALMEMADDR/2 || channels > 128 || channels == 0) { + break; + } + for (cur_channel=0 ; cur_channel < channels ; cur_channel++) { +@@ -553,7 +559,7 @@ static void execute_standard_filter(rarvm_data_t *rarvm_data, rarvm_standard_fil + data_size = rarvm_data->R[4]; + src_pos = 0; + dest_pos = data_size; +- if ((unsigned int)data_size >= VM_GLOBALMEMADDR/2) { ++ if (data_size > VM_GLOBALMEMADDR/2) { + break; + } + while (src_pos < data_size) { +-- +2.16.2 + |