Accepting request 512649 from devel:tools:compiler

Updated with a different upstream patch. - memory_fixes.patch: Fix usage-after-free and buffer overflow bugs (bsc#1047925, bsc#1047936, CVE-2017-11111, CVE-2017-10686) - Restrict %fdupes to manpage directory - Enable unit tests in %check target OBS-URL: https://build.opensuse.org/request/show/512649 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nasm?expand=0&rev=35
2017-07-28 07:40:53 +00:00
parent cd7701a9c6 43ada84483
commit f8c9617181
3 changed files with 68 additions and 1 deletions
--- a/memory_fixes.patch
+++ b/memory_fixes.patch
@@ -0,0 +1,54 @@
+Author: Adam Majer <amajer@suse.de>
+Date: Tue Jul 25 13:03:57 CEST 2017
+Summary: Fix use after free and buffer overflow
+BSC: 1047925 1047936
+
+Submitted upstream in linked bug reports.
+
+https://bugzilla.nasm.us/show_bug.cgi?id=3392414
+https://bugzilla.nasm.us/show_bug.cgi?id=3392415
+
+Index: nasm-2.13.01/asm/preproc.c
+===================================================================
+--- nasm-2.13.01.orig/asm/preproc.c
+++ nasm-2.13.01/asm/preproc.c
+@@ -1280,8 +1280,8 @@ static char *detoken(Token * tlist, bool
+                     t->text = nasm_zalloc(2);
+                 } else
+                     t->text = nasm_strdup(p);
+                nasm_free(q);
+             }
+-            nasm_free(q);
+         }
+ 
+         /* Expand local macros here and not during preprocessing */
+@@ -3845,9 +3845,15 @@ static bool paste_tokens(Token **head, c
+                 len += strlen(tok->text);
+                 p = buf = nasm_malloc(len + 1);
+ 
+                strcpy(p, tok->text);
+                p = strchr(p, '\0');
+                tok = delete_Token(tok);
+
+                 while (tok != next) {
+-                    strcpy(p, tok->text);
+-                    p = strchr(p, '\0');
+                    if (PP_CONCAT_MATCH(tok, m[i].mask_tail)) {
+                        strcpy(p, tok->text);
+                        p = strchr(p, '\0');
+                    }
+                     tok = delete_Token(tok);
+                 }
+ 
+@@ -5095,8 +5101,9 @@ static char *pp_getline(void)
+                             nasm_free(m->paramlen);
+                             l->finishes->in_progress = 0;
+                         }
+-                    } else
+-                        free_mmacro(m);
+                    } else {
+                        // free_mmacro(m);
+                    }
+                 }
+                 istk->expansion = l->next;
+                 nasm_free(l);
--- a/nasm.changes
+++ b/nasm.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Jul 25 11:00:30 UTC 2017 - adam.majer@suse.de
+
+- memory_fixes.patch: Fix usage-after-free and buffer overflow
+  bugs (bsc#1047925, bsc#1047936, CVE-2017-11111, CVE-2017-10686)
+- Restrict %fdupes to manpage directory
+- Enable unit tests in %check target
+
 -------------------------------------------------------------------
 Tue May 23 11:14:56 UTC 2017 - mpluskal@suse.com

--- a/nasm.spec
+++ b/nasm.spec
@@ -24,6 +24,7 @@ License:        BSD-2-Clause
 Group:          Development/Languages/Other
 Url:            http://www.nasm.us/
 Source:         http://www.nasm.us/pub/nasm/releasebuilds/%{version}/nasm-%{version}.tar.xz
+Patch:          memory_fixes.patch
 BuildRequires:  fdupes

 %description
@@ -32,6 +33,7 @@ several binary formats, including ELF, a.out, Win32, and OS/2.

 %prep
 %setup -q
+%patch -p1

 %build
 touch -r ./version.h ./version.h.stamp
@@ -43,7 +45,10 @@ make %{?_smp_mflags} all

 %install
 make INSTALLROOT=%{buildroot} install rdf_install
-%fdupes -s %{buildroot}
+%fdupes %{buildroot}%{_mandir}
+
+%check
+make test

 %files
 %defattr(-,root,root)