From 01bb8c32471a29081be7d77f52e0f95da371b1cf Mon Sep 17 00:00:00 2001 From: Andrew Savchenko Date: Sun, 12 Feb 2017 03:05:33 +0300 Subject: sys-fs/e4rat: fix memory corruption It is unsafe to use Config::get(arg)c_str() pointer directly, since it may be overwritten by later get calls. Package-Manager: Portage-2.3.3, Repoman-2.3.1 Signed-off-by: Andrew Savchenko --- sys-fs/e4rat/e4rat-0.2.4_pre20141201-r1.ebuild | 64 ++++++++++++++++++++++++++ sys-fs/e4rat/files/e4rat-0.2.4-strdup.patch | 41 +++++++++++++++++ 2 files changed, 105 insertions(+) create mode 100644 sys-fs/e4rat/e4rat-0.2.4_pre20141201-r1.ebuild create mode 100644 sys-fs/e4rat/files/e4rat-0.2.4-strdup.patch (limited to 'sys-fs/e4rat') diff --git a/sys-fs/e4rat/e4rat-0.2.4_pre20141201-r1.ebuild b/sys-fs/e4rat/e4rat-0.2.4_pre20141201-r1.ebuild new file mode 100644 index 000000000000..6792b38e4eb6 --- /dev/null +++ b/sys-fs/e4rat/e4rat-0.2.4_pre20141201-r1.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 +inherit cmake-utils linux-info readme.gentoo-r1 + +DESCRIPTION="Toolset to accelerate the boot process and application startup" +HOMEPAGE="http://e4rat.sourceforge.net/" +#SRC_URI="mirror://sourceforge/${PN}/${P/-/_}_src.tar.gz" +SRC_URI="https://dev.gentoo.org/~pacho/${PN}/${PN}-0.2.4_pre20141201.tar.xz" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="" + +RDEPEND=" + dev-lang/perl:= + >=dev-libs/boost-1.42:= + sys-fs/e2fsprogs + sys-process/audit[static-libs(+)] + sys-process/lsof +" +DEPEND="${DEPEND}" + +CONFIG_CHECK="~AUDITSYSCALL" + +PATCHES=( + "${FILESDIR}"/${PN}-0.2.2-shared-build.patch + "${FILESDIR}"/${PN}-0.2.2-libdir.patch + "${FILESDIR}"/${PN}-0.2.4-sysmacros.patch #580534 + "${FILESDIR}"/${PN}-0.2.4-gcc6.patch #594046 + "${FILESDIR}"/${PN}-0.2.4-strdup.patch +) + +pkg_setup() { + check_extra_config + DOC_CONTENTS=" + To launch systemd from e4rat you simply need to edit /etc/e4rat.conf + and set:\n + ; path to init process binary (DEFAULT: /sbin/init)\n + init /usr/lib/systemd/systemd" +} + +src_install() { + cmake-utils_src_install + # relocate binaries to /sbin. If someone knows of a better way to do it + # please do tell me + dodir sbin + find "${D}"/usr/sbin -type f -exec mv {} "${D}"/sbin/. \; \ + || die + + readme.gentoo_create_doc +} + +pkg_postinst() { + readme.gentoo_print_elog + if has_version sys-apps/preload; then + elog "It appears you have sys-apps/preload installed. This may" + elog "has negative effects on ${PN}. You may want to disable preload" + elog "when using ${PN}." + fi +} diff --git a/sys-fs/e4rat/files/e4rat-0.2.4-strdup.patch b/sys-fs/e4rat/files/e4rat-0.2.4-strdup.patch new file mode 100644 index 000000000000..c3a9cd0e8ca0 --- /dev/null +++ b/sys-fs/e4rat/files/e4rat-0.2.4-strdup.patch @@ -0,0 +1,41 @@ +--- e4rat-0.2.4_pre20141201/src/e4rat-collect.cc.orig 2014-11-24 12:12:12.000000000 +0300 ++++ e4rat-0.2.4_pre20141201/src/e4rat-collect.cc 2017-02-12 02:16:25.151757182 +0300 +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + + /* EXT2_SUPER_MAGIC */ + #include +@@ -361,7 +362,9 @@ + { + create_pid_late = true; + +- outPath = Config::get("startup_log_file").c_str(); ++ // It is unsafe to use Config::get(arg)c_str() pointer ++ // directly, since it may be overwritten by later get calls. ++ outPath = strdup(Config::get("startup_log_file").c_str()); + verbose = 0; + } + else +--- e4rat-0.2.4_pre20141201/src/e4rat-preload.cc.orig 2014-11-24 12:12:12.000000000 +0300 ++++ e4rat-0.2.4_pre20141201/src/e4rat-preload.cc 2017-02-12 02:16:38.425552630 +0300 +@@ -25,6 +25,7 @@ + + #include + #include ++#include + + #include + #include +@@ -227,7 +228,8 @@ + try { + if(getpid() == 1) + { +- const char* logfile = Config::get("startup_log_file").c_str(); ++ // pointer may change, string must be copied ++ const char* logfile = strdup(Config::get("startup_log_file").c_str()); + notice("Open %s ... ", logfile); + FILE* infile = fopen(logfile, "r"); + if(!infile) -- cgit v1.2.3-65-gdbad