summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'dev-lang/ocaml')
-rw-r--r--dev-lang/ocaml/files/ocaml-4.05.0-CVE-2018-9838.patch70
-rw-r--r--dev-lang/ocaml/ocaml-4.05.0-r4.ebuild143
2 files changed, 213 insertions, 0 deletions
diff --git a/dev-lang/ocaml/files/ocaml-4.05.0-CVE-2018-9838.patch b/dev-lang/ocaml/files/ocaml-4.05.0-CVE-2018-9838.patch
new file mode 100644
index 000000000000..cfe3ff636c25
--- /dev/null
+++ b/dev-lang/ocaml/files/ocaml-4.05.0-CVE-2018-9838.patch
@@ -0,0 +1,70 @@
+https://bugs.gentoo.org/755257
+
+Needed for both fixing the CVE + compatibility with Debian for e.g.
+Unison.
+
+From c6ca3afc78b75d7748e4e09e56c6b020418be06e Mon Sep 17 00:00:00 2001
+From: Stephane Glondu <steph@glondu.net>
+Date: Fri, 25 Jan 2019 14:34:23 +0100
+Subject: [PATCH] Fix integer overflows when unmarshaling a bigarray
+
+Malicious or corrupted marshaled data can result in a bigarray
+with impossibly large dimensions that cause overflow when computing
+the in-memory size of the bigarray. Disaster ensues when the data
+is read in a too small memory area. This commit checks for overflows
+when computing the in-memory size of the bigarray.
+
+This patch is based on one by Xavier Leroy and has been modified to
+use caml_ba_multov instead of caml_umul_overflow which is unavailable
+in OCaml 4.05.0.
+
+The original commit hash is 85162eee9d4072fa9c2f498f03cd94e357033eec.
+
+Origin: https://github.com/ocaml/ocaml/pull/1718
+Bug: https://github.com/ocaml/ocaml/issues/7765
+Bug-Debian: https://bugs.debian.org/895472
+Bug-CVE: CVE-2018-9838
+--- a/otherlibs/bigarray/bigarray_stubs.c
++++ b/otherlibs/bigarray/bigarray_stubs.c
+@@ -966,22 +966,34 @@ static void caml_ba_deserialize_longarray(void * dest, intnat num_elts)
+ uintnat caml_ba_deserialize(void * dst)
+ {
+ struct caml_ba_array * b = dst;
+- int i, elt_size;
+- uintnat num_elts;
++ int i;
++ uintnat num_elts, size;
++ int overflow;
+
+ /* Read back header information */
+ b->num_dims = caml_deserialize_uint_4();
++ if (b->num_dims < 0 || b->num_dims > CAML_BA_MAX_NUM_DIMS)
++ caml_deserialize_error("input_value: wrong number of bigarray dimensions");
+ b->flags = caml_deserialize_uint_4() | CAML_BA_MANAGED;
+ b->proxy = NULL;
+ for (i = 0; i < b->num_dims; i++) b->dim[i] = caml_deserialize_uint_4();
+- /* Compute total number of elements */
+- num_elts = caml_ba_num_elts(b);
+- /* Determine element size in bytes */
++ /* Compute total number of elements. Watch out for overflows (MPR#7765). */
++ num_elts = 1;
++ for (i = 0; i < b->num_dims; i++) {
++ overflow = 0;
++ num_elts = caml_ba_multov(num_elts, b->dim[i], &overflow);
++ if (overflow)
++ caml_deserialize_error("input_value: size overflow for bigarray");
++ }
++ /* Determine array size in bytes. Watch out for overflows (MPR#7765). */
+ if ((b->flags & CAML_BA_KIND_MASK) > CAML_BA_CHAR)
+ caml_deserialize_error("input_value: bad bigarray kind");
+- elt_size = caml_ba_element_size[b->flags & CAML_BA_KIND_MASK];
++ overflow = 0;
++ size = caml_ba_multov(num_elts, caml_ba_element_size[b->flags & CAML_BA_KIND_MASK], &overflow);
++ if (overflow)
++ caml_deserialize_error("input_value: size overflow for bigarray");
+ /* Allocate room for data */
+- b->data = malloc(elt_size * num_elts);
++ b->data = malloc(size);
+ if (b->data == NULL)
+ caml_deserialize_error("input_value: out of memory for bigarray");
+ /* Read data */
diff --git a/dev-lang/ocaml/ocaml-4.05.0-r4.ebuild b/dev-lang/ocaml/ocaml-4.05.0-r4.ebuild
new file mode 100644
index 000000000000..1fd3049eff5e
--- /dev/null
+++ b/dev-lang/ocaml/ocaml-4.05.0-r4.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit flag-o-matic multilib toolchain-funcs
+
+PATCHLEVEL="9"
+MY_P="${P/_/-}"
+DESCRIPTION="Type-inferring functional programming language descended from the ML family"
+HOMEPAGE="https://ocaml.org"
+SRC_URI="https://github.com/ocaml/ocaml/archive/${PV/_/+}.tar.gz -> ${MY_P}.tar.gz
+ mirror://gentoo/${PN}-patches-${PATCHLEVEL}.tar.bz2"
+
+LICENSE="QPL-1.0 LGPL-2"
+# Everytime ocaml is updated to a new version, everything ocaml must be rebuilt,
+# so here we go with the subslot.
+SLOT="0/${PV}"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="emacs flambda latex ncurses +ocamlopt spacetime X xemacs"
+
+RDEPEND="
+ sys-libs/binutils-libs:=
+ ncurses? ( sys-libs/ncurses:0= )
+ spacetime? ( sys-libs/libunwind:= )
+ X? ( x11-libs/libX11 )
+ !dev-ml/num"
+BDEPEND="${RDEPEND}
+ virtual/pkgconfig"
+PDEPEND="emacs? ( app-emacs/ocaml-mode )
+ xemacs? ( app-xemacs/ocaml )"
+
+S="${WORKDIR}/${MY_P}"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-4.04.2-tinfo.patch #459512
+ "${FILESDIR}"/${P}-gcc10.patch
+ "${FILESDIR}"/${P}-CVE-2018-9838.patch
+)
+
+pkg_setup() {
+ # dev-lang/ocaml creates its own objects but calls gcc for linking, which will
+ # results in relocations if gcc wants to create a PIE executable
+ if gcc-specs-pie ; then
+ append-ldflags -nopie
+ ewarn "Ocaml generates its own native asm, you're using a PIE compiler"
+ ewarn "We have appended -nopie to ocaml build options"
+ ewarn "because linking an executable with pie while the objects are not pic will not work"
+ fi
+}
+
+src_prepare() {
+ EPATCH_SUFFIX="patch" eapply "${WORKDIR}/patches"
+ default
+}
+
+src_configure() {
+ export LC_ALL=C
+ local myconf=""
+
+ # Causes build failures because it builds some programs with -pg,
+ # bug #270920
+ filter-flags -fomit-frame-pointer
+ # Bug #285993
+ filter-mfpmath sse
+
+ # -ggdb3 & co makes it behave weirdly, breaks sexplib
+ replace-flags -ggdb* -ggdb
+
+ # OCaml generates textrels on 32-bit arches
+ # We can't do anything about it, but disabling it means that tests
+ # for OCaml-based packages won't fail on unexpected output
+ # bug #773226
+ if use arm || use ppc || use x86 ; then
+ append-ldflags "-Wl,-z,notext"
+ fi
+
+ # It doesn't compile on alpha without this LDFLAGS
+ use alpha && append-ldflags "-Wl,--no-relax"
+
+ use ncurses || myconf="${myconf} -no-curses"
+ use X || myconf="${myconf} -no-graph"
+ use flambda && myconf="${myconf} -flambda"
+ use spacetime && myconf="${myconf} -spacetime"
+
+ # ocaml uses a home-brewn configure script, preventing it to use econf.
+ RAW_LDFLAGS="$(raw-ldflags)" ./configure \
+ --prefix "${EPREFIX}"/usr \
+ --bindir "${EPREFIX}"/usr/bin \
+ --target-bindir "${EPREFIX}"/usr/bin \
+ --libdir "${EPREFIX}"/usr/$(get_libdir)/ocaml \
+ --mandir "${EPREFIX}"/usr/share/man \
+ -target "${CHOST}" \
+ -host "${CBUILD}" \
+ -cc "$(tc-getCC)" \
+ -as "$(tc-getAS)" \
+ -aspp "$(tc-getCC) -c" \
+ -partialld "$(tc-getLD) -r" \
+ --with-pthread ${myconf} || die "configure failed!"
+
+ # http://caml.inria.fr/mantis/view.php?id=4698
+ export CCLINKFLAGS="${LDFLAGS}"
+}
+
+src_compile() {
+ emake world
+
+ # Native code generation can be disabled now
+ if use ocamlopt ; then
+ # bug #279968
+ emake opt
+ emake -j1 opt.opt
+ fi
+}
+
+src_test() {
+ if use ocamlopt ; then
+ emake -j1 tests
+ else
+ ewarn "${PN} was built without 'ocamlopt' USE flag; skipping tests."
+ fi
+}
+
+src_install() {
+ emake BINDIR="${ED}"/usr/bin \
+ LIBDIR="${ED}"/usr/$(get_libdir)/ocaml \
+ MANDIR="${ED}"/usr/share/man \
+ install
+
+ # Symlink the headers to the right place
+ dodir /usr/include
+ # Create symlink for header files
+ dosym "../$(get_libdir)/ocaml/caml" /usr/include/caml
+ dodoc Changes README.adoc
+ # Create envd entry for latex input files
+ if use latex ; then
+ echo "TEXINPUTS=\"${EPREFIX}/usr/$(get_libdir)/ocaml/ocamldoc:\"" > "${T}/99ocamldoc"
+ doenvd "${T}/99ocamldoc"
+ fi
+ # Install ocaml-rebuild portage set
+ insinto /usr/share/portage/config/sets
+ doins "${FILESDIR}/ocaml.conf"
+}