[Frugalware-darcs] frugalware-0.6: clamav-1terminus1

Janny janny at frugalware.org
Sun Aug 12 13:18:57 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070810215913-ee5de-d6a991136d5abf12c53955e9f562bead016909ad.gz;

[clamav-1terminus1
Janny <janny at frugalware.org>**20070810215913
 	closes #2322
 	version bump with viruses and functionality
] {
hunk ./source/apps-extra/clamav/28_ole2_extract.c.CVE-2007-2650.dpatch.diff 1
-## 28_ole2_extract.c.CVE-2007-2650.dpatch by <sgran at debian.org>
-Index: libclamav/ole2_extract.c
-===================================================================
---- a/libclamav/ole2_extract.c	(revision 406)
-+++ b/libclamav/ole2_extract.c	(working copy)
-@@ -1,7 +1,7 @@
- /*
-  *  Extract component parts of OLE2 files (e.g. MS Office Documents)
-  *
-- *  Copyright (C) 2004 trog at uncon.org
-+ *  Copyright (C) 2004-2007 trog at uncon.org
-  *
-  *  This code is based on the OpenOffice and libgsf sources.
-  *                  
-@@ -585,6 +585,7 @@
- 	unsigned char *buff;
- 	int32_t current_block, ofd, len, offset;
- 	char *name, *newname;
-+	bitset_t *blk_bitset;
- 
- 	if (prop->type != 2) {
- 		/* Not a file */
-@@ -635,14 +636,33 @@
- 		close(ofd);
- 		return FALSE;
- 	}
--
-+	
-+	blk_bitset = cli_bitset_init();
-+	if (!blk_bitset) {
-+		cli_errmsg("ERROR [handler_writefile]: init bitset failed\n");
-+		close(ofd);
-+		return FALSE;
-+	}
- 	while((current_block >= 0) && (len > 0)) {
-+		/* Check we aren't in a loop */
-+		if (cli_bitset_test(blk_bitset, (unsigned long) current_block)) {
-+			/* Loop in block list */
-+			cli_dbgmsg("OLE2: Block list loop detected\n");
-+			close(ofd);
-+			free(buff);
-+			cli_bitset_free(blk_bitset);
-+			return FALSE;
-+		}
-+		if (!cli_bitset_set(blk_bitset, (unsigned long) current_block)) {
-+			return FALSE;
-+		}			
- 		if (prop->size < (int64_t)hdr->sbat_cutoff) {
- 			/* Small block file */
- 			if (!ole2_get_sbat_data_block(fd, hdr, buff, current_block)) {
- 				cli_dbgmsg("ole2_get_sbat_data_block failed\n");
- 				close(ofd);
- 				free(buff);
-+				cli_bitset_free(blk_bitset);
- 				return FALSE;
- 			}
- 			/* buff now contains the block with 8 small blocks in it */
-@@ -650,6 +670,7 @@
- 			if (cli_writen(ofd, &buff[offset], MIN(len,64)) != MIN(len,64)) {
- 				close(ofd);
- 				free(buff);
-+				cli_bitset_free(blk_bitset);
- 				return FALSE;
- 			}
- 
-@@ -660,12 +681,14 @@
- 			if (!ole2_read_block(fd, hdr, buff, current_block)) {
- 				close(ofd);
- 				free(buff);
-+				cli_bitset_free(blk_bitset);
- 				return FALSE;
- 			}
- 			if (cli_writen(ofd, buff, MIN(len,(1 << hdr->log2_big_block_size))) !=
- 							MIN(len,(1 << hdr->log2_big_block_size))) {
- 				close(ofd);
- 				free(buff);
-+				cli_bitset_free(blk_bitset);
- 				return FALSE;
- 			}
- 
-@@ -675,6 +698,7 @@
- 	}
- 	close(ofd);
- 	free(buff);
-+	cli_bitset_free(blk_bitset);
- 	return TRUE;
- }
- 
rmfile ./source/apps-extra/clamav/28_ole2_extract.c.CVE-2007-2650.dpatch.diff
hunk ./source/apps-extra/clamav/29_unsp.c.CVE-2007-3023.dpatch.diff 1
-## 29_unsp.c.CVE-XXXX-XXXX.dpatch by <sgran at debian.org>
-Index: libclamav/unsp.c
-===================================================================
---- a/libclamav/unsp.c	(revision 406)
-+++ b/libclamav/unsp.c	(working copy)
-@@ -152,7 +151,11 @@
-   
-   dsize = cli_readint32(start_of_stuff+9);
-   ssize = cli_readint32(start_of_stuff+5);
--  
-+  if (ssize <= 13) {
-+  	free(table);
-+  	return 1;
-+  }
-+
-   tre = very_real_unpack(table,tablesz,tre,allocsz,firstbyte,src,ssize,dst,dsize);
-   free(table);
-   if (tre) return 1;
-@@ -195,7 +198,7 @@
-   read_struct.oldval = 0;
-   read_struct.src_curr = src;
-   read_struct.bitmap = 0xffffffff;
--  read_struct.src_end = src + ssize;
-+  read_struct.src_end = src + ssize - 13;
-   read_struct.table = (char *)table;
-   read_struct.tablesz = tablesz;
- 
rmfile ./source/apps-extra/clamav/29_unsp.c.CVE-2007-3023.dpatch.diff
hunk ./source/apps-extra/clamav/30_unrar.c.CVE-2007-3122_3123.dpatch.diff 1
-## 30_unrar.c.CVE-XXXX-XXXX.dpatch by <sgran at debian.org>
-Index: libclamav/unrar/unrar.c
-===================================================================
---- a/libclamav/unrar/unrar.c	(revision 406)
-+++ b/libclamav/unrar/unrar.c	(working copy)
-@@ -942,8 +942,8 @@
- 	}
- 	if (new_filter) {
- 		vm_codesize = rarvm_read_data(&rarvm_input);
--		if (vm_codesize >= 0x1000 || vm_codesize == 0) {
--			cli_dbgmsg("ERROR: vm_codesize=0x%x\n", vm_codesize);
-+		if (vm_codesize >= 0x1000 || vm_codesize == 0 || (vm_codesize > rarvm_input.buf_size)) {
-+			cli_dbgmsg("ERROR: vm_codesize=0x%x buf_size=0x%x\n", vm_codesize, rarvm_input.buf_size);
- 			return FALSE;
- 		}
- 		vm_code = (unsigned char *) cli_malloc(vm_codesize);
-@@ -1015,6 +1015,10 @@
- 		}
- 		global_data = &stack_filter->prg.global_data[VM_FIXEDGLOBALSIZE];
- 		for (i=0 ; i< data_size ; i++) {
-+			if ((rarvm_input.in_addr+2) > rarvm_input.buf_size) {
-+				cli_dbgmsg("Buffer truncated\n");
-+				return FALSE;
-+			}
- 			global_data[i] = rarvm_getbits(&rarvm_input) >> 8;
- 			rar_dbgmsg("global_data[%d] = %d\n", i, global_data[i]);
- 			rarvm_addbits(&rarvm_input, 8);
-@@ -1635,15 +1639,12 @@
- 						((state->main_hdr->flags&MHD_SOLID)!=0), state->unpack_data);
- 			} else {
- 				if ((state->file_count == 1) && (state->file_header->flags & LHD_SOLID)) {
--					cli_warnmsg("RAR: First file can't be SOLID.\n");
--					
--					free(state->file_header->filename);
--					free(state->file_header);
--					return CL_ERAR;
--				} else {
--					retval = rar_unpack(state->fd, state->file_header->unpack_ver,
-+					cli_warnmsg("RAR: Bad header. First file can't be SOLID.\n");
-+					cli_warnmsg("RAR: Clearing flag and continuing.\n");
-+					state->file_header->flags -= LHD_SOLID;
-+				}
-+				retval = rar_unpack(state->fd, state->file_header->unpack_ver,
- 							state->file_header->flags & LHD_SOLID,	state->unpack_data);
--				}
- 			}
- 			cli_dbgmsg("Expected File CRC: 0x%x\n", state->file_header->file_crc);
- 			cli_dbgmsg("Computed File CRC: 0x%x\n", state->unpack_data->unp_crc^0xffffffff);
rmfile ./source/apps-extra/clamav/30_unrar.c.CVE-2007-3122_3123.dpatch.diff
hunk ./source/apps-extra/clamav/31_others.c.CVE-2007-3024.dpatch.diff 1
-## 31_others.c.CVE-XXXX-XXXX.dpatch by <sgran at debian.org>
-Index: libclamav/others.c
-===================================================================
---- a/libclamav/others.c	(revision 406)
-+++ b/libclamav/others.c	(working copy)
-@@ -531,16 +531,22 @@
- char *cli_gentempstream(const char *dir, FILE **fs)
- {
- 	char *name;
-+	mode_t omask;
- 
-+
-     name = cli_gentempname(dir);
-+    if(!name)
-+	return NULL;
- 
--    if(name && ((*fs = fopen(name, "wb+")) == NULL)) {
-+    omask = umask(077);
-+    if((*fs = fopen(name, "wb+")) == NULL) {
- 	cli_dbgmsg("cli_gentempstream(): can't create temp file: %s\n", name);
-         free(name);
-         name = NULL;
-     }
-+    umask(omask);
- 
--    return(name);
-+    return name;
- }
- 
- #ifdef	C_WINDOWS
rmfile ./source/apps-extra/clamav/31_others.c.CVE-2007-3024.dpatch.diff
hunk ./source/apps-extra/clamav/CVE-2007-3725.diff 1
-Index: unrar.c
-===================================================================
---- clamav/libclamav/unrar/unrar.c	(revision 3126)
-+++ unrar.c	(working copy)
-@@ -1650,7 +1650,7 @@
- 			cli_dbgmsg("Computed File CRC: 0x%x\n", state->unpack_data->unp_crc^0xffffffff);
- 			if (state->unpack_data->unp_crc != 0xffffffff) {
- 				if (state->file_header->file_crc != (state->unpack_data->unp_crc^0xffffffff)) {
--					cli_warnmsg("RAR CRC error. Please report the bug at http://bugs.clamav.net/\n");
-+					cli_warnmsg("RAR CRC error. If the file is not corrupted, please report at http://bugs.clamav.net/\n");
- 				}
- 			}
- 			if (!retval) {
-Index: unrarvm.c
-===================================================================
---- clamav/libclamav/unrar/unrarvm.c	(revision 3126)
-+++ unrarvm.c	(working copy)
-@@ -347,18 +347,18 @@
- 	unsigned int file_offset, cur_pos, predicted;
- 	int32_t offset, addr;
- 	const int file_size=0x1000000;
--	
-+
- 	switch(filter_type) {
- 	case VMSF_E8:
- 	case VMSF_E8E9:
- 		data=rarvm_data->mem;
- 		data_size = rarvm_data->R[4];
- 		file_offset = rarvm_data->R[6];
--		
--		if (data_size >= VM_GLOBALMEMADDR) {
-+
-+		if ((data_size >= VM_GLOBALMEMADDR) || (data_size < 4)) {
- 			break;
- 		}
--		
-+
- 		cmp_byte2 = filter_type==VMSF_E8E9 ? 0xe9:0xe8;
- 		for (cur_pos = 0 ; cur_pos < data_size-4 ; ) {
- 			cur_byte = *(data++);
rmfile ./source/apps-extra/clamav/CVE-2007-3725.diff
hunk ./source/apps-extra/clamav/FrugalBuild 5
-pkgver=0.90.2
-pkgrel=1terminus3
+pkgver=0.91.1
+pkgrel=1terminus1
hunk ./source/apps-extra/clamav/FrugalBuild 14
-source=($source rc.clamav rc.clamav-hu.po \
-	28_ole2_extract.c.CVE-2007-2650.dpatch.diff \
-	29_unsp.c.CVE-2007-3023.dpatch.diff \
-	30_unrar.c.CVE-2007-3122_3123.dpatch.diff \
-	31_others.c.CVE-2007-3024.dpatch.diff \
-	CVE-2007-3725.diff)
+source=($source rc.clamav rc.clamav-hu.po)
+sha1sums=('51ff98325b5ffd49dfc0f0cbf92134c0d872cd21' \
+          '699ab0197b39df250582ec488e51bf173c9ce32f')
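Review bot: The new `sha1sums` array holds two digests, while `source=($source rc.clamav rc.clamav-hu.po)` lists at least three entries if `$source` expands to the upstream tarball. One source would then presumably go unverified unless it is checked some other way outside this hunk, so the array should carry one digest per entry, in source order. The digest `699ab0197b39df250582ec488e51bf173c9ce32f` was the last of the eight removed by the `FrugalBuild 33` hunk, so confirm which file it belongs to now that it sits second. This hunk also drops the five CVE patch files from `source`, and the patch description does not say that 0.91.1 already contains those fixes. Once checked against the upstream changelog, a comment above `source=` such as `# CVE-2007-2650/-3023/-3024/-3122/-3123/-3725 patches dropped: fixed upstream in 0.91.1` would record it.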
hunk ./source/apps-extra/clamav/FrugalBuild 33
-sha1sums=('ecc72d212a27eef1aa40e61a0b2705e4e42996ce' \
-          '90b22c99927b56992ac05042029d2702db79a8b0' \
-          '57d36966c45adfd6b3ebd10b91874194924ab2c3' \
-          '7f0c1be227dbec90bf4da99506e9c296788e7dd8' \
-          '94e7ebf648f14f822f8ac540998fa48651b27f81' \
-          'd1256bcf5d753cd267a33334486d5bc24b663e71' \
-          '766cd15c0856b328520f603dfe1fd75f84f78621' \
-          '699ab0197b39df250582ec488e51bf173c9ce32f')
-
}

