This patch originates from the Debian project, see https://www.debian.org/

18dbpagesize_binpower.dpatch by  <hesso@pool.math.tu-berlin.de>


Make sure that the pagesize passed to db__set_pagesize() is a power of two.

nvi stores the content of files in BDB database structures. When initiating a
file, it picks a page size for the database to fit the file within 15 pages,
with a minimal page size of 1K and maximal of 10K.

In vanilla nvi, this size is calculated as a multiple of 1024. Modern versions
of BDB, however, require the page size of a database to be a power of two, which
this patch addresses, ridding us of the following message:

  BDB0511 page sizes must be a power-of-2

--- nvi-1.81.6.orig/common/exf.c	2009-03-09 01:48:01.695862889 +0100
+++ nvi-1.81.6/common/exf.c	2009-03-09 10:42:41.147866272 +0100
@@ -249,11 +249,10 @@
 		 * (vi should have good locality) or smaller than 1K.
 		 */
 		psize = ((sb.st_size / 15) + 1023) / 1024;
-		if (psize > 10)
-			psize = 10;
-		if (psize == 0)
-			psize = 1;
-		psize *= 1024;
+		if (psize >= 8) psize=8<<10;
+		else if (psize >= 4) psize=4<<10;
+		else if (psize >= 2) psize=2<<10;
+		else psize=1<<10;
 
 		F_SET(ep, F_DEVSET);
 		ep->mdev = sb.st_dev;
f='/guix/tree/nix/libutil/util.hh?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>tree</a><a href='/guix/commit/nix/libutil/util.hh?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>commit</a><a href='/guix/diff/nix/libutil/util.hh?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/nix/libutil/util.hh'>
<input type='hidden' name='id' value='962c8191d91b9482ebed8f8e7cc25cce6def9cf5'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>root</a>/<a href='/guix/log/nix?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>nix</a>/<a href='/guix/log/nix/libutil?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>libutil</a>/<a href='/guix/log/nix/libutil/util.hh?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5'>util.hh</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/nix/libutil/util.hh?id=962c8191d91b9482ebed8f8e7cc25cce6def9cf5&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2024-03-12 14:07:28 +0100'>2024-03-12</span></td><td><a href='/guix/commit/nix/libutil/util.hh?id=ff1251de0bc327ec478fc66a562430fbf35aef42'>daemon: Address shortcoming in previous security fix for CVE-2024-27297.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.

Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
ways: (1) it didn’t have any effet for fixed-output derivations
performed in a chroot, which is the case for all of them except those
using “builtin:download” and “builtin:git-download”, and (2) it did not
preserve ownership when copying, leading to “suspicious ownership or
permission […] rejecting this build output” errors.

* nix/libstore/build.cc (DerivationGoal::buildDone): Account for
‘chrootRootDir’ when copying ‘drv.outputs’.
* nix/libutil/util.cc (copyFileRecursively): Add ‘fchown’ and ‘fchownat’
calls to preserve file ownership; this is necessary for chrooted
fixed-output derivation builds.
* nix/libutil/util.hh: Update comment.

Change-Id: Ib59f040e98fed59d1af81d724b874b592cbef156
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2024-03-11 22:12:34 +0100'>2024-03-11</span></td><td><a href='/guix/commit/nix/libutil/util.hh?id=8f4ffb3fae133bb21d7991e97c2f19a7108b1143'>daemon: Protect against FD escape when building fixed-output derivations (CVE...</a><span class='msg-avail'>...<span class='msg-tooltip'>This fixes a security issue (CVE-2024-27297) whereby a fixed-output
derivation build process could open a writable file descriptor to its
output, send it to some outside process for instance over an abstract
AF_UNIX socket, which would then allow said process to modify the file
in the store after it has been marked as “valid”.

Vulnerability discovered by puck &lt;https://github.com/puckipedia&gt;.

Nix security advisory:
https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37

Nix fix:
https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9

* nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and
a file descriptor.  Rewrite the ‘Path’ variant accordingly.
(copyFile, copyFileRecursively): New functions.
* nix/libutil/util.hh (copyFileRecursively): New declaration.
* nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’
is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output.

Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4

Reported-by: Picnoir &lt;picnoir@alternativebit.fr&gt;, Théophane Hufschmitt &lt;theophane.hufschmitt@tweag.io&gt;
Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2024-03-12	daemon: Address shortcoming in previous security fix for CVE-2024-27297....This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143. Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two ways: (1) it didn’t have any effet for fixed-output derivations performed in a chroot, which is the case for all of them except those using “builtin:download” and “builtin:git-download”, and (2) it did not preserve ownership when copying, leading to “suspicious ownership or permission […] rejecting this build output” errors. * nix/libstore/build.cc (DerivationGoal::buildDone): Account for ‘chrootRootDir’ when copying ‘drv.outputs’. * nix/libutil/util.cc (copyFileRecursively): Add ‘fchown’ and ‘fchownat’ calls to preserve file ownership; this is necessary for chrooted fixed-output derivation builds. * nix/libutil/util.hh: Update comment. Change-Id: Ib59f040e98fed59d1af81d724b874b592cbef156	Ludovic Courtès
2024-03-11	daemon: Protect against FD escape when building fixed-output derivations (CVE......This fixes a security issue (CVE-2024-27297) whereby a fixed-output derivation build process could open a writable file descriptor to its output, send it to some outside process for instance over an abstract AF_UNIX socket, which would then allow said process to modify the file in the store after it has been marked as “valid”. Vulnerability discovered by puck <https://github.com/puckipedia>. Nix security advisory: https://github.com/NixOS/nix/security/advisories/GHSA-2ffj-w4mj-pg37 Nix fix: https://github.com/NixOS/nix/commit/244f3eee0bbc7f11e9b383a15ed7368e2c4becc9 * nix/libutil/util.cc (readDirectory): Add variants that take a DIR* and a file descriptor. Rewrite the ‘Path’ variant accordingly. (copyFile, copyFileRecursively): New functions. * nix/libutil/util.hh (copyFileRecursively): New declaration. * nix/libstore/build.cc (DerivationGoal::buildDone): When ‘fixedOutput’ is true, call ‘copyFileRecursively’ followed by ‘rename’ on each output. Change-Id: I7952d41093eed26e123e38c14a4c1424be1ce1c4 Reported-by: Picnoir <picnoir@alternativebit.fr>, Théophane Hufschmitt <theophane.hufschmitt@tweag.io> Change-Id: Idb5f2757f35af86b032a9851cecb19b70227bd88	Ludovic Courtès