guix - Wojtek's customized Guix

about summary refs log tree commit diff

From: sms
Subject: Fix CVE-2014-8139: CRC32 verification heap-based overflow
Bug-Debian: http://bugs.debian.org/773722

--- a/extract.c
+++ b/extract.c
@@ -1,5 +1,5 @@
 /*
-  Copyright (c) 1990-2009 Info-ZIP.  All rights reserved.
+  Copyright (c) 1990-2014 Info-ZIP.  All rights reserved.
 
   See the accompanying file LICENSE, version 2009-Jan-02 or later
   (the contents of which are also included in unzip.h) for terms of use.
@@ -298,6 +298,8 @@
 #ifndef SFX
    static ZCONST char Far InconsistEFlength[] = "bad extra-field entry:\n \
      EF block length (%u bytes) exceeds remaining EF data (%u bytes)\n";
+   static ZCONST char Far TooSmallEFlength[] = "bad extra-field entry:\n \
+     EF block length (%u bytes) invalid (< %d)\n";
    static ZCONST char Far InvalidComprDataEAs[] =
      " invalid compressed data for EAs\n";
 #  if (defined(WIN32) && defined(NTSD_EAS))
@@ -2023,7 +2025,8 @@
         ebID = makeword(ef);
         ebLen = (unsigned)makeword(ef+EB_LEN);
 
-        if (ebLen > (ef_len - EB_HEADSIZE)) {
+        if (ebLen > (ef_len - EB_HEADSIZE))
+        {
            /* Discovered some extra field inconsistency! */
             if (uO.qflag)
                 Info(slide, 1, ((char *)slide, "%-22s ",
@@ -2032,6 +2035,16 @@
               ebLen, (ef_len - EB_HEADSIZE)));
             return PK_ERR;
         }
+        else if (ebLen < EB_HEADSIZE)
+        {
+            /* Extra block length smaller than header length. */
+            if (uO.qflag)
+                Info(slide, 1, ((char *)slide, "%-22s ",
+                  FnFilter1(G.filename)));
+            Info(slide, 1, ((char *)slide, LoadFarString(TooSmallEFlength),
+              ebLen, EB_HEADSIZE));
+            return PK_ERR;
+        }
 
         switch (ebID) {
             case EF_OS2:

sddm-configuration-numlock (default "on")) (halt-command sddm-configuration-halt-command (default (file-append shepherd "/sbin/halt"))) (reboot-command sddm-configuration-reboot-command (default (file-append shepherd "/sbin/reboot"))) ;; [Theme] ;; valid values are elarun, maldives or maya (theme sddm-configuration-theme (default "maldives")) (themes-directory sddm-configuration-themes-directory (default "/run/current-system/profile/share/sddm/themes")) (faces-directory sddm-configuration-faces-directory (default "/run/current-system/profile/share/sddm/faces")) ;; [Users] (default-path sddm-configuration-default-path (default "/run/current-system/profile/bin")) (minimum-uid sddm-configuration-minimum-uid (default 1000)) (maximum-uid sddm-configuration-maximum-uid (default 2000)) (remember-last-user? sddm-configuration-remember-last-user? (default #t)) (remember-last-session? sddm-configuration-remember-last-session? (default #t)) (hide-users sddm-configuration-hide-users (default "")) (hide-shells sddm-configuration-hide-shells (default (file-append shadow "/sbin/nologin"))) ;; [Wayland] (session-command sddm-configuration-session-command (default (file-append sddm "/share/sddm/scripts/wayland-session"))) (sessions-directory sddm-configuration-sessions-directory (default "/run/current-system/profile/share/wayland-sessions")) ;; [X11] (xorg-configuration sddm-configuration-xorg (default (xorg-configuration))) (xauth-path sddm-configuration-xauth-path (default (file-append xauth "/bin/xauth"))) (xephyr-path sddm-configuration-xephyr-path (default (file-append xorg-server "/bin/Xephyr"))) (xdisplay-start sddm-configuration-xdisplay-start (default (file-append sddm "/share/sddm/scripts/Xsetup"))) (xdisplay-stop sddm-configuration-xdisplay-stop (default (file-append sddm "/share/sddm/scripts/Xstop"))) (xsession-command sddm-configuration-xsession-command (default (xinitrc))) (xsessions-directory sddm-configuration-xsessions-directory (default "/run/current-system/profile/share/xsessions")) (minimum-vt sddm-configuration-minimum-vt (default 7)) ;; [Autologin] (auto-login-user sddm-configuration-auto-login-user (default "")) ;; valid values are xfce.desktop gnome.desktop weston.desktop hawaii.desktop (auto-login-session sddm-configuration-auto-login-session (default "")) (relogin? sddm-configuration-relogin? (default #f))) (define (sddm-configuration-file config) (mixed-text-file "sddm.conf" " [General] DisplayServer=" (sddm-configuration-display-server config) " Numlock=" (sddm-configuration-numlock config) " HaltCommand=" (sddm-configuration-halt-command config) " RebootCommand=" (sddm-configuration-reboot-command config) " [Users] DefaultPath=" (sddm-configuration-default-path config) " MinimumUid=" (number->string (sddm-configuration-minimum-uid config))" MaximumUid=" (number->string (sddm-configuration-maximum-uid config))" RememberLastUser=" (if (sddm-configuration-remember-last-user? config) "true" "false") " RememberLastSession=" (if (sddm-configuration-remember-last-session? config) "true" "false") " HideUsers=" (sddm-configuration-hide-users config) " Hideshells=" (sddm-configuration-hide-shells config) " [Theme] Current=" (sddm-configuration-theme config) " ThemeDir=" (sddm-configuration-themes-directory config) " FacesDir=" (sddm-configuration-faces-directory config) " [Wayland] SessionCommand=" (sddm-configuration-session-command config) " SessionDir=" (sddm-configuration-sessions-directory config) " [X11] ServerPath=" (xorg-start-command (sddm-configuration-xorg config)) " XauthPath=" (sddm-configuration-xauth-path config) " XephyrPath=" (sddm-configuration-xephyr-path config) " DisplayCommand=" (sddm-configuration-xdisplay-start config) " DisplayStopCommand=" (sddm-configuration-xdisplay-stop config) " SessionCommand=" (sddm-configuration-xsession-command config) " SessionDir=" (sddm-configuration-xsessions-directory config) " MinimumVT=" (number->string (sddm-configuration-minimum-vt config)) " ServerArguments=" (string-join (xorg-configuration-server-arguments (sddm-configuration-xorg config))) " [Autologin] User=" (sddm-configuration-auto-login-user config) " Session=" (sddm-configuration-auto-login-session config) " Relogin=" (if (sddm-configuration-relogin? config) "true" "false") " ")) (define (sddm-shepherd-service config) "Return a <shepherd-service> for sddm with CONFIG." (define sddm (sddm-configuration-sddm config)) (define qt6? (version-prefix? "6" (package-version (lookup-package-input sddm "qtbase")))) (define sddm-command #~(list (string-append #$sddm "/bin/sddm"))) (list (shepherd-service (documentation "SDDM display manager.") (requirement '(user-processes elogind pam)) (provision '(xorg-server display-manager)) (start #~(make-forkexec-constructor #$sddm-command ;; some theme need icon,qml,data so add path to env. #:environment-variables (cons* "XDG_DATA_DIRS=/run/current-system/profile/share" "XDG_CONFIG_DIRS=/run/current-system/profile/etc/xdg" #$(string-append "QT_PLUGIN_PATH=/run/current-system/profile/lib/qt" (if qt6? "6" "5") "/plugins") #$(string-append "QML" (if qt6? "" "2") "_IMPORT_PATH=/run/current-system/profile/lib/qt" (if qt6? "6" "5") "/qml") (default-environment-variables)))) (stop #~(make-kill-destructor))))) (define (sddm-etc-service config) (list `("sddm.conf" ,(sddm-configuration-file config)))) (define (sddm-pam-service config) "Return a PAM service for @command{sddm}." (pam-service (name "sddm") (auth (list (pam-entry (control "requisite") (module "pam_nologin.so")) (pam-entry (control "required") (module "pam_env.so")) (pam-entry (control "required") (module "pam_succeed_if.so") (arguments (list (string-append "uid >= " (number->string (sddm-configuration-minimum-uid config))) "quiet"))) ;; should be factored out into system-auth (pam-entry (control "required") (module "pam_unix.so")))) (account (list ;; should be factored out into system-account (pam-entry (control "required") (module "pam_unix.so")))) (password (list ;; should be factored out into system-password (pam-entry (control "required") (module "pam_unix.so") (arguments (list "sha512" "shadow" "try_first_pass"))))) (session (list ;; lfs has a required pam_limits.so ;; should be factored out into system-session (pam-entry (control "required") (module "pam_unix.so")))))) (define (sddm-greeter-pam-service) "Return a PAM service for @command{sddm-greeter}." (pam-service (name "sddm-greeter") (auth (list ;; Load environment from /etc/environment and ~/.pam_environment (pam-entry (control "required") (module "pam_env.so")) ;; Always let the greeter start without authentication (pam-entry (control "required") (module "pam_permit.so")))) (account (list ;; No action required for account management (pam-entry (control "required") (module "pam_permit.so")))) (password (list ;; Can't change password (pam-entry (control "required") (module "pam_deny.so")))) (session (list ;; Setup session (pam-entry (control "required") (module "pam_unix.so")))))) (define (sddm-autologin-pam-service config) "Return a PAM service for @command{sddm-autologin}" (pam-service (name "sddm-autologin") (auth (list (pam-entry (control "requisite") (module "pam_nologin.so")) (pam-entry (control "required") (module "pam_succeed_if.so") (arguments (list (string-append "uid >= " (number->string (sddm-configuration-minimum-uid config))) "quiet"))) (pam-entry (control "required") (module "pam_permit.so")))) (account (list (pam-entry (control "include") (module "sddm")))) (password (list (pam-entry (control "required") (module "pam_deny.so")))) (session (list (pam-entry (control "include") (module "sddm")))))) (define (sddm-pam-services config) (list (sddm-pam-service config) (sddm-greeter-pam-service) (sddm-autologin-pam-service config))) (define %sddm-accounts (list (user-group (name "sddm") (system? #t)) (user-account (name "sddm") (group "sddm") (system? #t) (comment "SDDM user") (home-directory "/var/lib/sddm") (shell (file-append shadow "/sbin/nologin"))))) ;; Add default themes to profile (define sddm-profile-service (compose list sddm-configuration-sddm)) (define sddm-service-type (handle-xorg-configuration sddm-configuration (service-type (name 'sddm) (extensions (list (service-extension shepherd-root-service-type sddm-shepherd-service) (service-extension etc-service-type sddm-etc-service) (service-extension pam-root-service-type sddm-pam-services) (service-extension account-service-type (const %sddm-accounts)) (service-extension profile-service-type sddm-profile-service) (service-extension localed-service-type (compose xorg-configuration-keyboard-layout sddm-configuration-xorg)))) (default-value (sddm-configuration)) (description "Run SDDM, a display and log-in manager for X11 and Wayland."))))