diff options
author | Pacho Ramos <pacho@gentoo.org> | 2022-12-04 15:47:55 +0100 |
---|---|---|
committer | Pacho Ramos <pacho@gentoo.org> | 2022-12-04 15:49:22 +0100 |
commit | 866ce00a7cae59ca2c77650addabc3128127ecb8 (patch) | |
tree | 1e41fae41a09765ead8018c116910d2d36bd7367 /games-arcade | |
parent | net-libs/gnome-online-accounts: Fix typo (diff) | |
download | gentoo-866ce00a7cae59ca2c77650addabc3128127ecb8.tar.gz gentoo-866ce00a7cae59ca2c77650addabc3128127ecb8.tar.bz2 gentoo-866ce00a7cae59ca2c77650addabc3128127ecb8.zip |
games-arcade/supertux: Fix CVE-2022-30292
For 0.6.3 we need to patch the bundled squirrel copy, in next upstream
versions it should be possible to finally build it against system copy.
Bug: https://bugs.gentoo.org/843008
Signed-off-by: Pacho Ramos <pacho@gentoo.org>
Diffstat (limited to 'games-arcade')
-rw-r--r-- | games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2022-30292.patch | 21 | ||||
-rw-r--r-- | games-arcade/supertux/supertux-0.6.3-r1.ebuild | 63 |
2 files changed, 84 insertions, 0 deletions
diff --git a/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2022-30292.patch b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2022-30292.patch new file mode 100644 index 000000000000..0a605616d606 --- /dev/null +++ b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2022-30292.patch @@ -0,0 +1,21 @@ +From a6413aa690e0bdfef648c68693349a7b878fe60d Mon Sep 17 00:00:00 2001 +From: Alberto Demichelis <albertodemichelis@hotmail.com> +Date: Mon, 2 May 2022 12:04:58 +0200 +Subject: [PATCH] fix in thread.call + +--- + squirrel/sqbaselib.cpp | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/external/squirrel/squirrel/sqbaselib.cpp b/external/squirrel/squirrel/sqbaselib.cpp +index 8eff97c..5055f18 100644 +--- a/external/squirrel/squirrel/sqbaselib.cpp ++++ b/external/squirrel/squirrel/sqbaselib.cpp +@@ -1149,6 +1149,7 @@ static SQInteger thread_call(HSQUIRRELVM v) + SQObjectPtr o = stack_get(v,1); + if(sq_type(o) == OT_THREAD) { + SQInteger nparams = sq_gettop(v); ++ sq_reservestack(_thread(o), nparams + 3); + _thread(o)->Push(_thread(o)->_roottable); + for(SQInteger i = 2; i<(nparams+1); i++) + sq_move(_thread(o),v,i); diff --git a/games-arcade/supertux/supertux-0.6.3-r1.ebuild b/games-arcade/supertux/supertux-0.6.3-r1.ebuild new file mode 100644 index 000000000000..e670bfd6f25a --- /dev/null +++ b/games-arcade/supertux/supertux-0.6.3-r1.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +#: ${CMAKE_MAKEFILE_GENERATOR:=emake} +inherit cmake + +MY_PV="${PV/_rc/-rc.}" +MY_P="SuperTux-v${MY_PV}-Source" + +DESCRIPTION="A game similar to Super Mario Bros" +HOMEPAGE="https://www.supertux.org" +SRC_URI="https://github.com/SuperTux/${PN}/releases/download/v${MY_PV}/${MY_P}.tar.gz" +S="${WORKDIR}/${MY_P}" + +LICENSE="GPL-2+ GPL-3+ ZLIB MIT CC-BY-SA-2.0 CC-BY-SA-3.0" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="debug" + +# =media-libs/libsdl2-2.0.14-r0 can cause supertux binary to move entire +# content of ${HOME} to ${HOME}/.local/share/supertux2/ +# DO NOT REMOVE THIS BLOCKER!!! See bug #764959 +RDEPEND=" + !=media-libs/libsdl2-2.0.14-r0 + >=dev-games/physfs-3.0 + dev-libs/boost:=[nls] + media-libs/freetype + media-libs/glew:= + media-libs/libpng:0= + >=media-libs/libsdl2-2.0.1[joystick,video] + media-libs/libvorbis + media-libs/openal + >=media-libs/sdl2-image-2.0.0[png,jpeg] + >=net-misc/curl-7.21.7 + virtual/opengl +" +DEPEND="${RDEPEND} + media-libs/glm" +BDEPEND=" + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}"/${PN}-0.5.0-tinygettext.patch + "${FILESDIR}"/${PN}-0.6.0-{license,icon,obstack}.patch + "${FILESDIR}"/${PN}-0.6.3-missing-include.patch + "${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2022-30292.patch +) + +src_configure() { + local mycmakeargs=( + -DWERROR=OFF + -DINSTALL_SUBDIR_BIN=bin + -DINSTALL_SUBDIR_DOC=share/doc/${PF} + -DINSTALL_SUBDIR_SHARE=share/${PN}2 + -DENABLE_SQDBG="$(usex debug)" + -DUSE_SYSTEM_PHYSFS=ON + -DIS_SUPERTUX_RELEASE=ON + ) + cmake_src_configure +} |