diff options
author | Joshua Brindle <method@gentoo.org> | 2004-11-13 20:39:38 +0000 |
---|---|---|
committer | Joshua Brindle <method@gentoo.org> | 2004-11-13 20:39:38 +0000 |
commit | 52a6523fd21654d926cbc3300ccb8b25e7018a0f (patch) | |
tree | e44f633e8db29bd285e462430253c8496c7293fd /sys-kernel | |
parent | name_bind needed for all ports above 1024 (Manifest recommit) (diff) | |
download | gentoo-2-52a6523fd21654d926cbc3300ccb8b25e7018a0f.tar.gz gentoo-2-52a6523fd21654d926cbc3300ccb8b25e7018a0f.tar.bz2 gentoo-2-52a6523fd21654d926cbc3300ccb8b25e7018a0f.zip |
fixes for 2 binfmt vulnerabilities
Diffstat (limited to 'sys-kernel')
-rw-r--r-- | sys-kernel/hardened-dev-sources/Manifest | 17 | ||||
-rw-r--r-- | sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r12 (renamed from sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r11) | 0 | ||||
-rw-r--r-- | sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_aout.patch | 38 | ||||
-rw-r--r-- | sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_elf.patch | 72 | ||||
-rw-r--r-- | sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r12.ebuild (renamed from sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r11.ebuild) | 6 |
5 files changed, 124 insertions, 9 deletions
diff --git a/sys-kernel/hardened-dev-sources/Manifest b/sys-kernel/hardened-dev-sources/Manifest index fad1794c0fe8..11a8d7b720c1 100644 --- a/sys-kernel/hardened-dev-sources/Manifest +++ b/sys-kernel/hardened-dev-sources/Manifest @@ -1,13 +1,16 @@ -MD5 6ceac5877bbf8ffb6523d3d671031b73 hardened-dev-sources-2.6.7-r7.ebuild 1089 +MD5 bdfee2c0b8e7e28ca4edf1a0f5fb68ba hardened-dev-sources-2.6.7-r12.ebuild 1325 MD5 82fb2e488cf74ed7bdb51f1f521c1fe4 hardened-dev-sources-2.6.7-r8.ebuild 1092 -MD5 73174f8e07b82c5df563b7196f87611c metadata.xml 299 MD5 0b8ab20736a2b68476718b12a797d7ff hardened-dev-sources-2.6.7-r10.ebuild 1163 -MD5 9b11b010b20cf817ea3c7d946d5af5f6 hardened-dev-sources-2.6.7-r11.ebuild 1224 MD5 0af7a831541e6c25410ddabf057001e6 ChangeLog 7756 -MD5 efbbfbed471c50333a8c2fd2f2b0b061 files/digest-hardened-dev-sources-2.6.7-r7 219 -MD5 0f763833ebbcbf0f2a8ac151454c3b29 files/digest-hardened-dev-sources-2.6.7-r8 219 -MD5 8204afea1d572b49a4a80d8da4eef0c9 files/hardened-dev-sources-2.6.7.CAN-2004-0596.patch 1033 +MD5 73174f8e07b82c5df563b7196f87611c metadata.xml 299 +MD5 6ceac5877bbf8ffb6523d3d671031b73 hardened-dev-sources-2.6.7-r7.ebuild 1089 MD5 8add7d7ef69d9ff384b7d4f5a0356cc3 files/digest-hardened-dev-sources-2.6.7-r10 219 +MD5 8add7d7ef69d9ff384b7d4f5a0356cc3 files/digest-hardened-dev-sources-2.6.7-r11 219 +MD5 8add7d7ef69d9ff384b7d4f5a0356cc3 files/digest-hardened-dev-sources-2.6.7-r12 219 MD5 bc48c226344f94535c3ba2e0ce55bf24 files/hardened-dev-sources-2.6.7.CAN-2004-0816.patch 1694 +MD5 8204afea1d572b49a4a80d8da4eef0c9 files/hardened-dev-sources-2.6.7.CAN-2004-0596.patch 1033 MD5 7e3d1d44b244b238ff3e36bfe1f05c80 files/h-d-s-2.6.7-amd64-kill-vm_force_exec32.patch 871 -MD5 8add7d7ef69d9ff384b7d4f5a0356cc3 files/digest-hardened-dev-sources-2.6.7-r11 219 +MD5 d7ed23c76699efe407ec668eeba30b1e files/hardened-2.6.7-binfmt_aout.patch 983 +MD5 efbbfbed471c50333a8c2fd2f2b0b061 files/digest-hardened-dev-sources-2.6.7-r7 219 +MD5 0f763833ebbcbf0f2a8ac151454c3b29 files/digest-hardened-dev-sources-2.6.7-r8 219 +MD5 8c8057d653a02bface4475a62e2debe0 files/hardened-2.6.7-binfmt_elf.patch 1917 diff --git a/sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r11 b/sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r12 index 3ac31c5a42bf..3ac31c5a42bf 100644 --- a/sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r11 +++ b/sys-kernel/hardened-dev-sources/files/digest-hardened-dev-sources-2.6.7-r12 diff --git a/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_aout.patch b/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_aout.patch new file mode 100644 index 000000000000..10d60f6295da --- /dev/null +++ b/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_aout.patch @@ -0,0 +1,38 @@ +--- linux-2.6.7-hardened-r10/fs/binfmt_aout.c 2004-11-13 13:44:36.000000000 -0500 ++++ linux-2.6.7-hardened-r11/fs/binfmt_aout.c 2004-11-13 14:36:45.551223616 -0500 +@@ -45,13 +45,18 @@ + .min_coredump = PAGE_SIZE + }; + +-static void set_brk(unsigned long start, unsigned long end) ++#define BAD_ADDR(x) ((unsigned long)(x) >= TASK_SIZE) ++ ++static int set_brk(unsigned long start, unsigned long end) + { + start = PAGE_ALIGN(start); + end = PAGE_ALIGN(end); +- if (end <= start) +- return; +- do_brk(start, end - start); ++ if (end > start) { ++ unsigned long addr = do_brk(start, end - start); ++ if (BAD_ADDR(addr)) ++ return addr; ++ } ++ return 0; + } + + /* +@@ -441,7 +446,11 @@ + beyond_if: + set_binfmt(&aout_format); + +- set_brk(current->mm->start_brk, current->mm->brk); ++ retval = set_brk(current->mm->start_brk, current->mm->brk); ++ if (retval < 0) { ++ send_sig(SIGKILL, current, 0); ++ return retval; ++ } + + retval = setup_arg_pages(bprm, EXSTACK_DEFAULT); + if (retval < 0) { diff --git a/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_elf.patch b/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_elf.patch new file mode 100644 index 000000000000..224f7c010538 --- /dev/null +++ b/sys-kernel/hardened-dev-sources/files/hardened-2.6.7-binfmt_elf.patch @@ -0,0 +1,72 @@ +--- linux-2.6.7-hardened-r10/fs/binfmt_elf.c 2004-11-13 13:44:36.000000000 -0500 ++++ linux-2.6.7-hardened-r11/fs/binfmt_elf.c 2004-11-13 13:58:33.000000000 -0500 +@@ -347,9 +347,12 @@ + goto out; + + retval = kernel_read(interpreter,interp_elf_ex->e_phoff,(char *)elf_phdata,size); +- error = retval; +- if (retval < 0) ++ error = -EIO; ++ if (retval != size) { ++ if (retval < 0) ++ error = retval; + goto out_close; ++ } + + #ifdef CONFIG_PAX_SEGMEXEC + if (current->flags & PF_PAX_SEGMEXEC) +@@ -767,8 +770,11 @@ + goto out; + + retval = kernel_read(bprm->file, elf_ex.e_phoff, (char *) elf_phdata, size); +- if (retval < 0) ++ if (retval != size) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_ph; ++ } + + files = current->files; /* Refcounted so ok */ + retval = unshare_files(); +@@ -815,8 +821,14 @@ + retval = kernel_read(bprm->file, elf_ppnt->p_offset, + elf_interpreter, + elf_ppnt->p_filesz); +- if (retval < 0) ++ if (retval != elf_ppnt->p_filesz) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_interp; ++ } ++ /* make sure path is NULL terminated */ ++ elf_interpreter[elf_ppnt->p_filesz - 1] = '\0'; ++ + /* If the program interpreter is one of these two, + * then assume an iBCS2 image. Otherwise assume + * a native linux image. +@@ -851,8 +863,11 @@ + if (IS_ERR(interpreter)) + goto out_free_interp; + retval = kernel_read(interpreter, 0, bprm->buf, BINPRM_BUF_SIZE); +- if (retval < 0) ++ if (retval != BINPRM_BUF_SIZE) { ++ if (retval >= 0) ++ retval = -EIO; + goto out_free_dentry; ++ } + + /* Get the exec headers */ + interp_ex = *((struct exec *) bprm->buf); +@@ -1105,8 +1120,10 @@ + } + #endif + +- if (BAD_ADDR(error)) +- continue; ++ if (BAD_ADDR(error)) { ++ send_sig(SIGKILL, current, 0); ++ goto out_free_dentry; ++ } + + /* PaX: mirror at a randomized base */ + down_write(¤t->mm->mmap_sem); diff --git a/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r11.ebuild b/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r12.ebuild index 7ffe3eecacac..e0250a2540a6 100644 --- a/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r11.ebuild +++ b/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r12.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r11.ebuild,v 1.1 2004/11/11 00:18:19 lv Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-kernel/hardened-dev-sources/hardened-dev-sources-2.6.7-r12.ebuild,v 1.1 2004/11/13 20:39:38 method Exp $ IUSE="" ETYPE="sources" @@ -19,7 +19,9 @@ UNIPATCH_EXCLUDE="1315_alpha" UNIPATCH_LIST="${DISTDIR}/hardened-patches-${KV_MAJOR}.${KV_MINOR}-${HGPV}.tar.bz2 ${DISTDIR}/genpatches-${KV_MAJOR}.${KV_MINOR}-${GPV}-base.tar.bz2 ${FILESDIR}/hardened-dev-sources-2.6.7.CAN-2004-0816.patch - ${FILESDIR}/h-d-s-2.6.7-amd64-kill-vm_force_exec32.patch" + ${FILESDIR}/h-d-s-2.6.7-amd64-kill-vm_force_exec32.patch + ${FILESDIR}/hardened-2.6.7-binfmt_elf.patch + ${FILESDIR}/hardened-2.6.7-binfmt_aout.patch" UNIPATCH_DOCS="${WORKDIR}/patches/hardened-patches-${KV_MAJOR}.${KV_MINOR}-${HGPV}/0000_README" DESCRIPTION="Hardened sources for the ${KV_MAJOR}.${KV_MINOR} kernel tree" |