Version bump for the CAN-2004-0109 issue; bug #47881.

4 files changed, 154 insertions, 1 deletions

diff --git a/sys-kernel/gs-sources/ChangeLog b/sys-kernel/gs-sources/ChangeLog
index d66559a71245..47f74e8a43d0 100644
--- a/sys-kernel/gs-sources/ChangeLog
+++ b/sys-kernel/gs-sources/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-kernel/gs-sources
 # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/ChangeLog,v 1.35 2004/04/12 16:36:22 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/ChangeLog,v 1.36 2004/04/15 18:51:00 plasmaroo Exp $
+
+*gs-sources-2.4.25_pre7-r3 (15 Apr 2004)
+
+  15 Apr 2004; <plasmaroo@gentoo.org> +files/gs-sources.CAN-2004-0109.patch,
+  +gs-sources-2.4.25_pre7-r3.ebuild:
+  Version bump for the CAN-2004-0109 issue; bug #47881.
 
   12 Apr 2004; Daniel Ahlberg <aliz@gentoo.org>
   gs-sources-2.4.25_pre7-r2.ebuild:
diff --git a/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r3 b/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r3
new file mode 100644
index 000000000000..f55b28665921
--- /dev/null
+++ b/sys-kernel/gs-sources/files/digest-gs-sources-2.4.25_pre7-r3
@@ -0,0 +1,2 @@
+MD5 1e055c42921b2396a559d84df4c3d9aa linux-2.4.24.tar.bz2 29837818
+MD5 b495ed667a518227f82e76229b9f23e6 patches-2.4.25_pre7-gss-r1.tar.bz2 2475971
diff --git a/sys-kernel/gs-sources/files/gs-sources.CAN-2004-0109.patch b/sys-kernel/gs-sources/files/gs-sources.CAN-2004-0109.patch
new file mode 100644
index 000000000000..d02b51c57fc6
--- /dev/null
+++ b/sys-kernel/gs-sources/files/gs-sources.CAN-2004-0109.patch
@@ -0,0 +1,87 @@
+--- linux/fs/isofs/rock.c.orig
++++ linux/fs/isofs/rock.c
+@@ -14,6 +14,7 @@
+ #include <linux/slab.h>
+ #include <linux/pagemap.h>
+ #include <linux/smp_lock.h>
++#include <asm/page.h>
+ 
+ #include "rock.h"
+ 
+@@ -419,7 +420,7 @@
+   return 0;
+ }
+ 
+-static char *get_symlink_chunk(char *rpnt, struct rock_ridge *rr)
++static char *get_symlink_chunk(char *rpnt, struct rock_ridge *rr, char *plimit)
+ {
+ 	int slen;
+ 	int rootflag;
+@@ -431,16 +432,25 @@
+ 		rootflag = 0;
+ 		switch (slp->flags & ~1) {
+ 		case 0:
++			if (slp->len > plimit - rpnt)
++				return NULL;
+ 			memcpy(rpnt, slp->text, slp->len);
+ 			rpnt+=slp->len;
+ 			break;
++		case 2:
++			if (rpnt >= plimit)
++				return NULL;
++			*rpnt++='.';
++			break;
+ 		case 4:
++			if (2 > plimit - rpnt)
++				return NULL;
+ 			*rpnt++='.';
+-			/* fallthru */
+-		case 2:
+ 			*rpnt++='.';
+ 			break;
+ 		case 8:
++			if (rpnt >= plimit)
++				return NULL;
+ 			rootflag = 1;
+ 			*rpnt++='/';
+ 			break;
+@@ -457,17 +467,23 @@
+ 			 * If there is another SL record, and this component
+ 			 * record isn't continued, then add a slash.
+ 			 */
+-			if ((!rootflag) && (rr->u.SL.flags & 1) && !(oldslp->flags & 1))
++			if ((!rootflag) && (rr->u.SL.flags & 1) &&
++			    !(oldslp->flags & 1)) {
++				if (rpnt >= plimit)
++					return NULL;
+ 				*rpnt++='/';
++			}
+ 			break;
+ 		}
+ 
+ 		/*
+ 		 * If this component record isn't continued, then append a '/'.
+ 		 */
+-		if (!rootflag && !(oldslp->flags & 1))
++		if (!rootflag && !(oldslp->flags & 1)) {
++			if (rpnt >= plimit)
++				return NULL;
+ 			*rpnt++='/';
+-
++		}
+ 	}
+ return rpnt;
+ }
+@@ -548,7 +564,10 @@
+ 			CHECK_SP(goto out);
+ 			break;
+ 		case SIG('S', 'L'):
+-			rpnt = get_symlink_chunk(rpnt, rr);
++			rpnt = get_symlink_chunk(rpnt, rr,
++						 link + (PAGE_SIZE - 1));
++			if (rpnt == NULL)
++				goto out;
+ 			break;
+ 		case SIG('C', 'E'):
+ 			/* This tells is if there is a continuation record */
+
diff --git a/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r3.ebuild b/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r3.ebuild
new file mode 100644
index 000000000000..ac073963f878
--- /dev/null
+++ b/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r3.ebuild
@@ -0,0 +1,58 @@
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gs-sources/gs-sources-2.4.25_pre7-r3.ebuild,v 1.1 2004/04/15 18:51:00 plasmaroo Exp $
+
+IUSE="build crypt"
+
+# OKV=original kernel version, KV=patched kernel version.  They can be the same.
+
+# Kernel ebuilds using the kernel.eclass can remove any patch that you
+# do not want to apply by simply setting the KERNEL_EXCLUDE shell
+# variable to the string you want to exclude (for instance
+# KERNEL_EXCLUDE="evms" would not patch any patches whose names match
+# *evms*).  Kernels are only tested in the default configuration, but
+# this may be useful if you know that a particular patch is causing a
+# conflict with a patch you personally want to apply, or some other
+# similar situation.
+
+ETYPE="sources"
+
+inherit kernel eutils
+PROVIDE="virtual/linux-sources virtual/winkernel"
+OKV=2.4.24
+EXTRAVERSION=_pre7-gss-r3
+KV=2.4.25_pre7-gss-r3
+S=${WORKDIR}/linux-${KV}
+
+# Documentation on the patches contained in this kernel will be installed
+# to /usr/share/doc/gs-sources-${PV}/patches.txt.gz
+
+DESCRIPTION="This kernel stays up to date with current kernel -pres,
+	with recent acpi,evms,win4lin,futexes,aic79xx,
+	superfreeswan,preempt, and various hw fixes."
+SRC_URI="mirror://kernel/linux/kernel/v2.4/linux-${OKV}.tar.bz2
+	 mirror://gentoo/patches-${KV/r3/r1}.tar.bz2"
+KEYWORDS="x86 -ppc -sparc"
+SLOT="${KV}"
+
+src_unpack() {
+	unpack ${A}
+	mv linux-${OKV} linux-${KV} || die
+	cd ${KV/r3/r1} || die
+	# Kill patches we aren't suppposed to use, don't worry about
+	# failures, if they aren't there that is a good thing!
+	# This is the ratified crypt USE flag, enables IPSEC and patch-int
+	if [ -z "`use crypt`" ]; then
+		einfo "No Cryptographic support, dropping patches..."
+		for file in 8*;do
+			einfo "Dropping ${file}..."
+			rm -f ${file}
+		done
+	else
+		einfo "Cryptographic support enabled..."
+	fi
+
+	kernel_src_unpack
+	epatch ${FILESDIR}/${PN}.munmap.patch || die "Failed to apply munmap patch!"
+	epatch ${FILESDIR}/${PN}.CAN-2004-0109.patch || die "Failed to patch CAN-2004-0109 vulnerability!"
+}