Fix segv issues with short content, per bug#426914

(Portage version: 2.2.0_alpha149/cvs/Linux x86_64, unsigned Manifest commit)

3 files changed, 83 insertions, 1 deletions

diff --git a/app-crypt/mcrypt/ChangeLog b/app-crypt/mcrypt/ChangeLog
index 8b2965ccc32f..79a59774c5f8 100644
--- a/app-crypt/mcrypt/ChangeLog
+++ b/app-crypt/mcrypt/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for app-crypt/mcrypt
 # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/mcrypt/ChangeLog,v 1.34 2012/02/18 08:34:38 radhermit Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mcrypt/ChangeLog,v 1.35 2012/12/22 20:12:50 alonbl Exp $
+
+*mcrypt-2.6.8-r2 (22 Dec 2012)
+
+  22 Dec 2012; Alon Bar-Lev <alonbl@gentoo.org> +files/mcrypt-2.6.8-segv.patch,
+  +mcrypt-2.6.8-r2.ebuild:
+  Fix segv issues with short content, per bug#426914
 
   18 Feb 2012; Tim Harder <radhermit@gentoo.org> mcrypt-2.6.8-r1.ebuild,
   files/mcrypt-2.6.8-stdlib.h.patch:
diff --git a/app-crypt/mcrypt/files/mcrypt-2.6.8-segv.patch b/app-crypt/mcrypt/files/mcrypt-2.6.8-segv.patch
new file mode 100644
index 000000000000..478b3cbc0f6e
--- /dev/null
+++ b/app-crypt/mcrypt/files/mcrypt-2.6.8-segv.patch
@@ -0,0 +1,40 @@
+From 5bee29fae8f0e936ad4c957aef6035d09532a57a Mon Sep 17 00:00:00 2001
+From: Alon Bar-Lev <alon.barlev@gmail.com>
+Date: Sat, 22 Dec 2012 22:04:27 +0200
+Subject: [PATCH] cleanup: fixup segv on buffer access
+
+use exact buffer size instead of guess.
+
+do not copy out of source buffer.
+
+Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
+---
+ src/rfc2440.c |    5 +++--
+ 1 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/rfc2440.c b/src/rfc2440.c
+index 5a1f296..929b9ab 100644
+--- a/src/rfc2440.c
++++ b/src/rfc2440.c
+@@ -497,7 +497,7 @@ plaintext_encode(const USTRING dat)
+     time_t t;
+ 
+     assert(dat->len > 0);
+-    result = make_ustring( NULL,  2 * dat->len); /* xxx */
++    result = make_ustring( NULL,  dat->len + 12); /* xxx */
+     newdat = (USTRING)dat;
+     result->d[pos++] = (0x80 | 0x40 | PKT_PLAINTEXT);
+ 
+@@ -810,7 +810,8 @@ encrypted_encode(const USTRING pt, const DEK *dek)
+     _mcrypt_encrypt(dek->hd, rndpref, dek->blocklen + 2, NULL, 0);
+     _mcrypt_sync(dek->hd, rndpref, dek->blocklen);
+ 
+-    ct = make_ustring( rndpref,   2 * pt->len); /* xxx */
++    ct = make_ustring( NULL, dek->blocklen + 2 + pt->len + 12); /* xxx */
++    memcpy(ct->d, rndpref, dek->blocklen + 2);
+     pos = dek->blocklen + 2;
+     
+     _mcrypt_encrypt(dek->hd, ct->d + pos, pt->len, pt->d, pt->len);
+-- 
+1.7.8.6
+
diff --git a/app-crypt/mcrypt/mcrypt-2.6.8-r2.ebuild b/app-crypt/mcrypt/mcrypt-2.6.8-r2.ebuild
new file mode 100644
index 000000000000..532cfaf8781f
--- /dev/null
+++ b/app-crypt/mcrypt/mcrypt-2.6.8-r2.ebuild
@@ -0,0 +1,36 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/mcrypt/mcrypt-2.6.8-r2.ebuild,v 1.1 2012/12/22 20:12:50 alonbl Exp $
+
+EAPI="2"
+
+inherit eutils
+
+DESCRIPTION="replacement of the old unix crypt(1)"
+HOMEPAGE="http://mcrypt.sourceforge.net/"
+SRC_URI="mirror://sourceforge/mcrypt/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86 ~x86-macos"
+IUSE="nls"
+
+DEPEND=">=dev-libs/libmcrypt-2.5.8
+	>=app-crypt/mhash-0.9.9
+	sys-libs/zlib"
+RDEPEND="${DEPEND}"
+
+src_prepare() {
+	epatch "${FILESDIR}/${PN}-2.6.7-qa.patch"
+	epatch "${FILESDIR}/${P}-stdlib.h.patch"
+	epatch "${FILESDIR}/${P}-segv.patch"
+}
+
+src_configure() {
+	econf $(use_enable nls)
+}
+
+src_install() {
+	emake DESTDIR="${D}" install || die "emake install failed"
+	dodoc AUTHORS NEWS README THANKS TODO
+}