author | Andrew Savchenko <bircoph@gentoo.org> | 2021-08-11 17:47:20 +0300 |
---|---|---|
committer | Andrew Savchenko <bircoph@gentoo.org> | 2021-08-11 17:54:51 +0300 |
commit | a6d841717c0d8a3cd1c56a88f0bd067551762384 (patch) | |
tree | ad9dbbdf6c6e59294190a3b8f19b26ac2a542800 /net-proxy | |
parent | app-crypt/certbot-nginx: 1.17.0 stable amd64 x86 (diff) | |
net-proxy/polipo: fix CVE-2020-36420
Discard packet with invalid range field instead of raising assert, this
conforms to RFC7233. Return appropriate error message.
Bug: https://bugs.gentoo.org/755896
Package-Manager: Portage-3.0.20, Repoman-3.0.3
Signed-off-by: Andrew Savchenko <bircoph@gentoo.org>
Diffstat (limited to 'net-proxy')
-rw-r--r-- | net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch | 26 | ||||
-rw-r--r-- | net-proxy/polipo/polipo-1.1.1-r5.ebuild | 61 | ||||
-rw-r--r-- | net-proxy/polipo/polipo-9999.ebuild | 7 |
3 files changed, 91 insertions, 3 deletions
diff --git a/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch b/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch
new file mode 100644
index 000000000000..20fca8cf30a5
--- /dev/null
+++ b/net-proxy/polipo/files/polipo-1.1.1-cve-2020-36420.patch
@@ -0,0 +1,26 @@
+Reject packet with malformed range field instead of raising assert.
+This fixes CVE-2020-36420 and makes polipo conformant to RFC7233.
+--- a/server.c 2014-05-15 02:19:43.000000000 +0400
++++ b/server.c 2021-08-11 13:42:55.156568391 +0300
+@@ -1468,7 +1468,6 @@
+ int port;
+ int x, y, z;
+
+- assert(from >= 0 && (to < 0 || to > from));
+ assert(closure == NULL);
+ assert(!(object->flags & OBJECT_LOCAL));
+ assert(object->type == OBJECT_HTTP);
+@@ -1499,6 +1498,13 @@
+ notifyObject(object);
+ return 1;
+ }
++
++ if(!(from >= 0 && (to < 0 || to > from))) {
++ do_log(L_ERROR, "Invalid Range field in the header: from=%d, to=%d.\n", from, to);
++ abortObject(object, 400, internAtom("Invalid range header field"));
++ notifyObject(object);
++ return 1;
++ }
+
+ memcpy(name, ((char*)object->key) + x, y - x);
+ name[y - x] = '\0';
diff --git a/net-proxy/polipo/polipo-1.1.1-r5.ebuild b/net-proxy/polipo/polipo-1.1.1-r5.ebuild
new file mode 100644
index 000000000000..78b405073393
--- /dev/null
+++ b/net-proxy/polipo/polipo-1.1.1-r5.ebuild
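Review bot: The new range guard in the second server.c hunk sits roughly thirty lines below the spot where `assert(from >= 0 && (to < 0 || to > from));` was removed, after the earlier block that ends in `notifyObject(object); return 1; }`, so any code between the two hunks now runs with `from`/`to` unvalidated. That stretch is not visible here, and the enclosing function starts and ends outside both hunks, so it is worth confirming nothing in between reads `from` or `to`; placing the `if(!(from >= 0 && (to < 0 || to > from)))` block where the assert used to be would make the question moot. The three remaining `assert(...)` calls are left as they were; if any of them can be reached from request data, they would abort the proxy the same way the removed one did. A comment above the guard such as `/* Range values originate from the request; reject them at runtime instead of asserting, which aborts the process. */` would record why this is a runtime check.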
@@ -0,0 +1,61 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+if [[ ${PV} == "9999" ]] ; then
+ _GIT=git-r3
+ EGIT_REPO_URI="https://github.com/jech/${PN}.git"
+ SRC_URI=""
+else
+ SRC_URI="http://www.pps.jussieu.fr/~jch/software/files/${PN}/${P}.tar.gz"
+ KEYWORDS="~amd64 ~x86"
+fi
+
+inherit ${_GIT} toolchain-funcs user systemd
+
+DESCRIPTION="A caching web proxy"
+HOMEPAGE="http://www.pps.jussieu.fr/~jch/software/polipo/"
+LICENSE="MIT GPL-2"
+SLOT="0"
+IUSE="systemd"
+
+DEPEND="sys-apps/texinfo"
+RDEPEND=""
+
+PATCHES=( "${FILESDIR}/${P}-cve-2020-36420.patch" )
+
+pkg_setup() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/cache/${PN} ${PN}
+}
+
+src_compile() {
+ tc-export CC
+ emake PREFIX=/usr "CDEBUGFLAGS=${CFLAGS}" all
+}
+
+src_install() {
+ emake install PREFIX=/usr MANDIR=/usr/share/man INFODIR=/usr/share/info "TARGET=${D}"
+
+ newinitd "${FILESDIR}/${PN}.initd-5" ${PN}
+ insinto /etc/${PN} ; doins "${FILESDIR}/config"
+ systemd_newunit "${FILESDIR}/${PN}_at.service" "${PN}@.service"
+ if ! use systemd; then
+ exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN}
+ fi
+
+ dodoc -r CHANGES README html
+}
+
+pkg_postinst() {
+ elog "Do not forget to read the manual."
+ elog "Change the config file in /etc/${PN} to suit your needs."
+ elog ""
+ elog "Polipo init scripts can now be multiplexed:"
+ elog "1. create /etc/${PN}/config.foo"
+ elog "2. symlink /etc/init.d/{${PN}.foo -> ${PN}}"
+ elog " a. if you are using OpenRC, symlink /etc/init.d/{${PN}.foo -> ${PN}}"
+ elog " b. if you are using systemd, execute \"systemctl enable polipo@config.foo\""
+ elog "3. make sure all instances use unique ip:port pair and cachedir, if any"
+}
diff --git a/net-proxy/polipo/polipo-9999.ebuild b/net-proxy/polipo/polipo-9999.ebuild
index 873d40f12a32..927a75f9be2f 100644
--- a/net-proxy/polipo/polipo-9999.ebuild
+++ b/net-proxy/polipo/polipo-9999.ebuild
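Review bot: `SRC_URI` fetches the release tarball over plain `http://`, so the only integrity protection for the source that this security patch is applied to is the Manifest digest check, which is not part of this diff. If the upstream host serves the same path over TLS (the page does not show whether it does), switching the scheme of `SRC_URI` and `HOMEPAGE` to `https://` would be preferable. A short comment next to `SRC_URI` such as `# upstream offers http only; integrity relies on Manifest digests` would otherwise document the choice.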
@@ -1,7 +1,7 @@
 # Copyright 1999-2021 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI="5"
+EAPI=7
 
 if [[ ${PV} == "9999" ]] ; then
 _GIT=git-r3
@@ -23,6 +23,8 @@ IUSE="systemd"
 DEPEND="sys-apps/texinfo"
 RDEPEND=""
 
+PATCHES=( "${FILESDIR}/${P}-cve-2020-36420.patch" )
+
 pkg_setup() {
 enewgroup ${PN}
 enewuser ${PN} -1 -1 /var/cache/${PN} ${PN}
@@ -43,8 +45,7 @@ src_install() {
 exeinto /etc/cron.weekly ; newexe "${FILESDIR}/${PN}.crond-2" ${PN}
 fi
 
- dodoc CHANGES README
- dohtml html/*
+ dodoc -r CHANGES README html
 }
 
 pkg_postinst() { |
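Review bot: In the second hunk, `PATCHES=( "${FILESDIR}/${P}-cve-2020-36420.patch" )` expands `${P}` to `polipo-9999` in this live ebuild, but the diffstat shows the commit adding only `files/polipo-1.1.1-cve-2020-36420.patch`. Unless a `polipo-9999-cve-2020-36420.patch` already exists in `files/` (not visible here), patch application would fail and the live ebuild would not build. Naming the file explicitly, `PATCHES=( "${FILESDIR}/${PN}-1.1.1-cve-2020-36420.patch" )`, avoids that. It is also worth checking that the patch still applies to the current git `server.c`, since its line offsets appear to come from the 1.1.1 release.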