diff options
author | Ariadne Conill <ariadne@dereferenced.org> | 2021-05-04 08:17:38 -0600 |
---|---|---|
committer | Ariadne Conill <ariadne@dereferenced.org> | 2021-05-04 08:17:38 -0600 |
commit | 40a51211d9870aa0f5536ba59cdc844f904eadb9 (patch) | |
tree | 2e374b317856899de5d36fe507d753086849d669 | |
parent | 157669a821002b990196ac465a61c0673f45d285 (diff) |
main/samurai: add mitigations for CVE-2021-30218 and CVE-2021-30219
-rw-r--r-- | main/samurai/APKBUILD | 17 | ||||
-rw-r--r-- | main/samurai/CVE-2021-30218.patch | 29 | ||||
-rw-r--r-- | main/samurai/CVE-2021-30219.patch | 26 |
3 files changed, 69 insertions, 3 deletions
diff --git a/main/samurai/APKBUILD b/main/samurai/APKBUILD index 0162ee16e09..e8e395d22b2 100644 --- a/main/samurai/APKBUILD +++ b/main/samurai/APKBUILD @@ -2,17 +2,24 @@ # Maintainer: Drew DeVault <sir@cmpwn.com> pkgname=samurai pkgver=1.2 -pkgrel=0 +pkgrel=1 pkgdesc="ninja-compatible build tool written in C" url="https://github.com/michaelforney/samurai" arch="all" license="Apache-2.0" options="!check" # No test suite. subpackages="$pkgname-doc" -source="https://github.com/michaelforney/samurai/releases/download/$pkgver/samurai-$pkgver.tar.gz" +source="https://github.com/michaelforney/samurai/releases/download/$pkgver/samurai-$pkgver.tar.gz + CVE-2021-30218.patch + CVE-2021-30219.patch" provides="ninja" replaces="ninja" +# secfixes: +# 1.2-r1: +# - CVE-2021-30218 +# - CVE-2021-30219 + build() { make } @@ -22,4 +29,8 @@ package() { ln -s samu "$pkgdir"/usr/bin/ninja } -sha512sums="bbe6a582c34b04f1df53b76c1647aa3e03c4698ebf7591a203935f11ffa05971bbcb86dc1a8c06aeb904cdc741abb08918122810fc47216fed0a6d9f87fd1225 samurai-1.2.tar.gz" +sha512sums=" +bbe6a582c34b04f1df53b76c1647aa3e03c4698ebf7591a203935f11ffa05971bbcb86dc1a8c06aeb904cdc741abb08918122810fc47216fed0a6d9f87fd1225 samurai-1.2.tar.gz +6e1c3a0bd92e006f364a81e9e51394f1bc583efa96120306fe33dc0a48cb4babaa8e8c97d754d3c37cda4b4936e77f64e4c138ccb8cfedfdce43adb09c393edb CVE-2021-30218.patch +0504b137fc9ac113453075a22bdfac4ab7616f668e640b7125041400729aaecad1173c528934223246035f68a95d92c6a85e62d1ea5fea996d85647cb33483eb CVE-2021-30219.patch +" diff --git a/main/samurai/CVE-2021-30218.patch b/main/samurai/CVE-2021-30218.patch new file mode 100644 index 00000000000..1d66638651f --- /dev/null +++ b/main/samurai/CVE-2021-30218.patch @@ -0,0 +1,29 @@ +From e84b6d99c85043fa1ba54851ee500540ec206918 Mon Sep 17 00:00:00 2001 +From: Michael Forney <mforney@mforney.org> +Date: Fri, 2 Apr 2021 17:27:48 -0700 +Subject: [PATCH] util: Check for NULL string in writefile + +This check was there previously, but was removed in f549b757 with +the addition of a check during parse that every rule has rspfile +if and only if it has rspfile_content. However, this fails to +consider the possibility of those variables coming from the edge +or global environment. So, re-add the check. + +Fixes #67. +--- + util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util.c b/util.c +index ea5c3ce..2a59881 100644 +--- a/util.c ++++ b/util.c +@@ -258,7 +258,7 @@ writefile(const char *name, struct string *s) + return -1; + } + ret = 0; +- if (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0) { ++ if (s && (fwrite(s->s, 1, s->n, f) != s->n || fflush(f) != 0)) { + warn("write %s:", name); + ret = -1; + } diff --git a/main/samurai/CVE-2021-30219.patch b/main/samurai/CVE-2021-30219.patch new file mode 100644 index 00000000000..fbc97b03d47 --- /dev/null +++ b/main/samurai/CVE-2021-30219.patch @@ -0,0 +1,26 @@ +From d2af3bc375e2a77139c3a28d6128c60cd8d08655 Mon Sep 17 00:00:00 2001 +From: Michael Forney <mforney@mforney.org> +Date: Sun, 4 Apr 2021 03:50:09 -0700 +Subject: [PATCH] parse: Check for non-empty command/rspfile/rspfile_content + +This matches ninja behavior and prevents the possibility of a rule +with an empty (NULL) command string. + +Fixes #68. +--- + parse.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/parse.c b/parse.c +index f79a5ee..b4b98a1 100644 +--- a/parse.c ++++ b/parse.c +@@ -42,6 +42,8 @@ parserule(struct scanner *s, struct environment *env) + var = scanname(s); + parselet(s, &val); + ruleaddvar(r, var, val); ++ if (!val) ++ continue; + if (strcmp(var, "command") == 0) + hascommand = true; + else if (strcmp(var, "rspfile") == 0) |