aland/nixpkgs-odroid-hc4
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

uboot: (firmwareOdroidC2/C4) don't invoke patch tool, use patches = [] instead

Browse source 
https://github.com/NixOS/nixpkgs/blob/master/pkgs/stdenv/generic/setup.sh#L948
this can do it nicely.

Signed-off-by: Anton Arapov <anton@deadbeef.mx>
This commit is contained in:
Anton Arapov 2021-04-03 12:58:10 +02:00 committed by Alan Daniels
commit 56de2bcd43
30691 changed files with 3076956 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
pkgs/development/libraries/openslp/CVE-2016-4912.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/common/slp_xmalloc.c
+++ b/common/slp_xmalloc.c
@@ -206,7 +206,7 @@ void * _xrealloc(const char * file, int line, void * ptr, size_t size)
if (newptr == 0)
return 0;
memcpy(newptr, ptr, x->size);
- _xfree(file, line, x);
+ _xfree(file, line, ptr);
}
return newptr;
}

165
pkgs/development/libraries/openslp/CVE-2019-5544.patch Normal file
View file

@ -0,0 +1,165 @@
diff -ur openslp-2.0.0.orig/common/slp_buffer.c openslp-2.0.0/common/slp_buffer.c
--- openslp-2.0.0.orig/common/slp_buffer.c 2012-12-10 15:31:53.000000000 -0800
+++ openslp-2.0.0/common/slp_buffer.c 2019-11-26 21:54:20.000000000 -0800
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Functions for managing SLP message buffers.
*
* This file provides a higher level abstraction over malloc and free that
@@ -153,4 +160,20 @@
xfree(buf);
}
+/** Report remaining free buffer size in bytes.
+ *
+ * Check if buffer is allocated and if so return bytes left in a
+ * @c SLPBuffer object.
+ *
+ * @param[in] buf The SLPBuffer to be freed.
+ */
+size_t
+RemainingBufferSpace(SLPBuffer buf)
+{
+ if (buf->allocated == 0) {
+ return 0;
+ }
+ return buf->end - buf->curpos;
+}
+
/*=========================================================================*/
diff -ur openslp-2.0.0.orig/common/slp_buffer.h openslp-2.0.0/common/slp_buffer.h
--- openslp-2.0.0.orig/common/slp_buffer.h 2012-11-28 09:07:04.000000000 -0800
+++ openslp-2.0.0/common/slp_buffer.h 2019-11-26 21:54:32.000000000 -0800
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Header file that defines SLP message buffer management routines.
*
* Includes structures, constants and functions that used to handle memory
@@ -78,6 +85,8 @@
SLPBuffer SLPBufferListAdd(SLPBuffer * list, SLPBuffer buf);
+size_t RemainingBufferSpace(SLPBuffer buf);
+
/*! @} */
#endif /* SLP_BUFFER_H_INCLUDED */
diff -ur openslp-2.0.0.orig/slpd/slpd_process.c openslp-2.0.0/slpd/slpd_process.c
--- openslp-2.0.0.orig/slpd/slpd_process.c 2012-12-12 09:38:54.000000000 -0800
+++ openslp-2.0.0/slpd/slpd_process.c 2019-11-26 21:55:10.000000000 -0800
@@ -30,6 +30,13 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*-------------------------------------------------------------------------*/
+/* Copyright (c) 2019 VMware, Inc.
+ * SPDX-License-Identifier: BSD-3-Clause
+ * This file is provided under the BSD-3-Clause license.
+ * See COPYING file for more details and other copyrights
+ * that may apply.
+ */
+
/** Processes incoming SLP messages.
*
* @file slpd_process.c
@@ -514,13 +521,27 @@
{
for (i = 0; i < db->urlcount; i++)
{
- /* urlentry is the url from the db result */
urlentry = db->urlarray[i];
+ if (urlentry->opaque != NULL) {
+ const int64_t newsize = size + urlentry->opaquelen;
+ if (urlentry->opaquelen <= 0 || newsize > INT_MAX)
+ {
+ SLPDLog("Invalid opaquelen %d or sizeo of opaque url is too big, size=%d\n",
+ urlentry->opaquelen, size);
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
+ size += urlentry->opaquelen;
+ }
+ else
+ {
+ /* urlentry is the url from the db result */
+ size += urlentry->urllen + 6; /* 1 byte for reserved */
+ /* 2 bytes for lifetime */
+ /* 2 bytes for urllen */
+ /* 1 byte for authcount */
+ }
- size += urlentry->urllen + 6; /* 1 byte for reserved */
- /* 2 bytes for lifetime */
- /* 2 bytes for urllen */
- /* 1 byte for authcount */
#ifdef ENABLE_SLPv2_SECURITY
/* make room to include the authblock that was asked for */
if (G_SlpdProperty.securityEnabled
@@ -594,7 +615,7 @@
urlentry = db->urlarray[i];
#ifdef ENABLE_SLPv1
- if (urlentry->opaque == 0)
+ if (urlentry->opaque == NULL)
{
/* url-entry reserved */
*result->curpos++ = 0;
@@ -606,8 +627,18 @@
PutUINT16(&result->curpos, urlentry->urllen);
/* url-entry url */
- memcpy(result->curpos, urlentry->url, urlentry->urllen);
- result->curpos += urlentry->urllen;
+ if (RemainingBufferSpace(result) >= urlentry->urllen)
+ {
+ memcpy(result->curpos, urlentry->url, urlentry->urllen);
+ result->curpos = result->curpos + urlentry->urllen;
+ }
+ else
+ {
+ SLPDLog("Url too big (ask: %d have %" PRId64 "), failing request\n",
+ urlentry->opaquelen, (int64_t) RemainingBufferSpace(result));
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
/* url-entry auths */
*result->curpos++ = 0;
@@ -621,8 +652,18 @@
/* TRICKY: Fix up the lifetime. */
TO_UINT16(urlentry->opaque + 1, urlentry->lifetime);
- memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen);
- result->curpos += urlentry->opaquelen;
+ if (RemainingBufferSpace(result) >= urlentry->opaquelen)
+ {
+ memcpy(result->curpos, urlentry->opaque, urlentry->opaquelen);
+ result->curpos = result->curpos + urlentry->opaquelen;
+ }
+ else
+ {
+ SLPDLog("Opaque Url too big (ask: %d have %" PRId64 "), failing request\n",
+ urlentry->opaquelen, (int64_t) RemainingBufferSpace(result));
+ errorcode = SLP_ERROR_PARSE_ERROR;
+ goto FINISHED;
+ }
}
}
}

35
pkgs/development/libraries/openslp/default.nix Normal file
View file

@ -0,0 +1,35 @@
{ lib, stdenv, fetchurl, fetchpatch }:
stdenv.mkDerivation rec {
pname = "openslp";
version = "2.0.0";
src = fetchurl {
url = "mirror://sourceforge/openslp/${version}/${version}/openslp-${version}.tar.gz";
sha256 = "16splwmqp0400w56297fkipaq9vlbhv7hapap8z09gp5m2i3fhwj";
};
patches = [
(fetchpatch {
name = "openslp-2.0.0-null-pointer-deref.patch";
url = "https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-null-pointer-deref.patch";
sha256 = "186f3rj3z2lf5h1lpbhqk0szj2a9far1p3mjqg6422f29yjfnz6a";
})
(fetchpatch {
name = "openslp-2.0.0-CVE-2016-7567.patch";
url = "https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-cve-2016-7567.patch";
sha256 = "0zp61axx93b7nrbsyhn2x4dnw7n9y6g4rys21hyqxk4khrnc2yr9";
})
./CVE-2016-4912.patch
./CVE-2019-5544.patch
];
meta = with lib; {
homepage = "http://www.openslp.org/";
description = "An open-source implementation of the IETF Service Location Protocol";
maintainers = with maintainers; [ ttuegel ];
license = licenses.bsd3;
platforms = platforms.all;
};
}