From 2eb7c97b5c6e84778b9a569795dc326994848ecb Mon Sep 17 00:00:00 2001 From: Sam James Date: Sun, 11 Feb 2024 11:00:21 +0000 Subject: net-mail/fdm: backport misc fixes * Backport fallout fix for libpcre2 port * Backport fix for use-after-free * Backport fix for POP3 servers w/ UTF8 Signed-off-by: Sam James --- net-mail/fdm/fdm-2.2-r2.ebuild | 57 +++++++++++++++++++++ net-mail/fdm/files/fdm-2.2-pcre2.patch | 79 ++++++++++++++++++++++++++++++ net-mail/fdm/files/fdm-2.2-pop3-utf8.patch | 50 +++++++++++++++++++ net-mail/fdm/files/fdm-2.2-uaf.patch | 26 ++++++++++ 4 files changed, 212 insertions(+) create mode 100644 net-mail/fdm/fdm-2.2-r2.ebuild create mode 100644 net-mail/fdm/files/fdm-2.2-pcre2.patch create mode 100644 net-mail/fdm/files/fdm-2.2-pop3-utf8.patch create mode 100644 net-mail/fdm/files/fdm-2.2-uaf.patch (limited to 'net-mail') diff --git a/net-mail/fdm/fdm-2.2-r2.ebuild b/net-mail/fdm/fdm-2.2-r2.ebuild new file mode 100644 index 000000000000..9acc390b1144 --- /dev/null +++ b/net-mail/fdm/fdm-2.2-r2.ebuild @@ -0,0 +1,57 @@ +# Copyright 1999-2024 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit autotools + +DESCRIPTION="Fetch, filter and deliver mail" +HOMEPAGE="https://github.com/nicm/fdm" +SRC_URI="https://github.com/nicm/fdm/releases/download/${PV}/${P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~amd64 ~arm64 ~x86" +IUSE="examples pcre" + +DEPEND=" + dev-libs/openssl:= + sys-libs/tdb + pcre? ( dev-libs/libpcre2 ) +" +RDEPEND=" + ${DEPEND} + acct-group/fdm + acct-user/fdm +" + +DOCS=( CHANGES README TODO MANUAL ) + +PATCHES=( + "${FILESDIR}"/${PN}-2.2-configure-strlcpy.patch + "${FILESDIR}"/${P}-pcre2.patch + "${FILESDIR}"/${P}-uaf.patch + "${FILESDIR}"/${P}-pop3-utf8.patch +) + +src_prepare() { + default + + # Change user '_fdm' to 'fdm' + sed -e 's/_fdm/fdm/g' -i fdm.h || die + + eautoreconf +} + +src_configure() { + econf $(use_enable pcre pcre2) +} + +src_install() { + default + + if use examples ; then + docinto examples + dodoc examples/* + fi +} diff --git a/net-mail/fdm/files/fdm-2.2-pcre2.patch b/net-mail/fdm/files/fdm-2.2-pcre2.patch new file mode 100644 index 000000000000..b4d9c0623f71 --- /dev/null +++ b/net-mail/fdm/files/fdm-2.2-pcre2.patch @@ -0,0 +1,79 @@ +https://github.com/nicm/fdm/commit/f1ec1982725d60045c0d871f3e613f2880046c22 + +From f1ec1982725d60045c0d871f3e613f2880046c22 Mon Sep 17 00:00:00 2001 +From: Nicholas Marriott +Date: Wed, 1 Feb 2023 15:31:30 +0000 +Subject: [PATCH] Fix bugs in PCRE2 code - don't walk off the end of the match + list if NOMATCH is returned, and don't stop on empty matches. From Thomas + Hurst. + +--- + pcre.c | 45 ++++++++++++++++++++++++++------------------- + 1 file changed, 26 insertions(+), 19 deletions(-) + +diff --git a/pcre.c b/pcre.c +index e9a7f84..8d53532 100644 +--- a/pcre.c ++++ b/pcre.c +@@ -66,7 +66,7 @@ int + re_block(struct re *re, const void *buf, size_t len, struct rmlist *rml, + char **cause) + { +- int res; ++ int res, ret; + pcre2_match_data *pmd; + PCRE2_SIZE *ovector; + u_int i, j; +@@ -85,27 +85,34 @@ re_block(struct re *re, const void *buf, size_t len, struct rmlist *rml, + } + + pmd = pcre2_match_data_create_from_pattern(re->pcre2, NULL); +- res = pcre2_match(re->pcre2, buf, len, 0, 0, pmd, NULL); +- if (res < 0 && res != PCRE2_ERROR_NOMATCH) { +- xasprintf(cause, "%s: regexec failed", re->str); +- pcre2_match_data_free(pmd); +- return (-1); +- } ++ if (pmd == NULL) ++ fatalx("pcre2_match_data_create_from_pattern failed"); + +- if (rml != NULL) { +- ovector = pcre2_get_ovector_pointer(pmd); +- for (i = 0; i < res; i++) { +- j = i * 2; +- if (ovector[j + 1] <= ovector[j]) +- break; +- rml->list[i].valid = 1; +- rml->list[i].so = ovector[j]; +- rml->list[i].eo = ovector[j + 1]; ++ res = pcre2_match(re->pcre2, buf, len, 0, 0, pmd, NULL); ++ if (res > 0) { ++ if (rml != NULL) { ++ if (res > NPMATCH) ++ res = NPMATCH; ++ ovector = pcre2_get_ovector_pointer(pmd); ++ for (i = 0; i < res; i++) { ++ j = i * 2; ++ if (ovector[j + 1] < ovector[j]) ++ break; ++ rml->list[i].valid = 1; ++ rml->list[i].so = ovector[j]; ++ rml->list[i].eo = ovector[j + 1]; ++ } ++ rml->valid = 1; + } +- rml->valid = 1; ++ ret = 1; ++ } else if (res == PCRE2_ERROR_NOMATCH) ++ ret = 0; ++ else { ++ xasprintf(cause, "%s: regexec failed", re->str); ++ ret = -1; + } +- +- return (res != PCRE2_ERROR_NOMATCH); ++ pcre2_match_data_free(pmd); ++ return (ret); + } + + void diff --git a/net-mail/fdm/files/fdm-2.2-pop3-utf8.patch b/net-mail/fdm/files/fdm-2.2-pop3-utf8.patch new file mode 100644 index 000000000000..71cc08197ad7 --- /dev/null +++ b/net-mail/fdm/files/fdm-2.2-pop3-utf8.patch @@ -0,0 +1,50 @@ +https://github.com/nicm/fdm/commit/0918b78a82a789d63cebe44b7662f0a8dc603000 + +From 0918b78a82a789d63cebe44b7662f0a8dc603000 Mon Sep 17 00:00:00 2001 +From: Nicholas Marriott +Date: Mon, 4 Sep 2023 09:03:47 +0100 +Subject: [PATCH] Send UTF8 command to POP3 server (ignore the response), + because some servers don't like UTF-8 without it. + +--- + pop3-common.c | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/pop3-common.c b/pop3-common.c +index 0724887..e038172 100644 +--- a/pop3-common.c ++++ b/pop3-common.c +@@ -54,6 +54,7 @@ int pop3_invalid(struct account *, const char *); + int pop3_state_connect(struct account *, struct fetch_ctx *); + int pop3_state_starttls(struct account *, struct fetch_ctx *); + int pop3_state_connected(struct account *, struct fetch_ctx *); ++int pop3_state_utf8(struct account *, struct fetch_ctx *); + int pop3_state_user(struct account *, struct fetch_ctx *); + int pop3_state_cache1(struct account *, struct fetch_ctx *); + int pop3_state_cache2(struct account *, struct fetch_ctx *); +@@ -436,6 +437,24 @@ pop3_state_connected(struct account *a, struct fetch_ctx *fctx) + } + } + ++ if (pop3_putln(a, "UTF8") != 0) ++ return (FETCH_ERROR); ++ fctx->state = pop3_state_utf8; ++ return (FETCH_BLOCK); ++} ++ ++/* UTF8 state. */ ++int ++pop3_state_utf8(struct account *a, struct fetch_ctx *fctx) ++{ ++ struct fetch_pop3_data *data = a->data; ++ char *line; ++ ++ if (pop3_getln(a, fctx, &line) != 0) ++ return (FETCH_ERROR); ++ if (line == NULL) ++ return (FETCH_BLOCK); ++ + if (pop3_putln(a, "USER %s", data->user) != 0) + return (FETCH_ERROR); + fctx->state = pop3_state_user; + diff --git a/net-mail/fdm/files/fdm-2.2-uaf.patch b/net-mail/fdm/files/fdm-2.2-uaf.patch new file mode 100644 index 000000000000..a07865dfd047 --- /dev/null +++ b/net-mail/fdm/files/fdm-2.2-uaf.patch @@ -0,0 +1,26 @@ +https://github.com/nicm/fdm/commit/028f59bef0ea9435fb8fbe095b2939652ce63479 + +From 028f59bef0ea9435fb8fbe095b2939652ce63479 Mon Sep 17 00:00:00 2001 +From: Nicholas Marriott +Date: Mon, 3 Apr 2023 08:54:28 +0100 +Subject: [PATCH] Fix use-after-free, GitHub issue 126. + +--- + connect.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/connect.c b/connect.c +index 1dc5db9..da8013e 100644 +--- a/connect.c ++++ b/connect.c +@@ -550,8 +550,8 @@ httpproxy(struct server *srv, + if (strlen(line) < 12 || + strncmp(line, "HTTP/", 5) != 0 || + strncmp(line + 8, " 200", 4) != 0) { +- xfree(line); + xasprintf(cause, "unexpected data: %s", line); ++ xfree(line); + return (-1); + } + header = 1; + -- cgit v1.2.3-65-gdbad