Accepting request 569247 from home:adamm:branches:devel:tools:compiler

- New upstream version 2.13.02: * Fix generation of PEXTRW instruction. * Fix smartalign package which could trigger an error during optimization if the alignment code expanded too much due to optimization of the previous code. * Fix a case where negative value in TIMES directive causes panic instead of an error. * Fix the incorrect generation of VEX-encoded instruction when static mode decorators are specified on scalar instructions, losing the decorators as they require EVEX encoding. * Fix generation of dependency lists. * Fixes macro calls that have the wrong number of arguments (bsc#1073796, CVE-2017-17810) * Fixes Heap-based buffer overflow allows related to a strcpy in paste_tokens (bsc#1073798, CVE-2017-17811) * Fixes Heap-based buffer over-read in the function detoken() (bsc#1073799, CVE-2017-17812) * Fixes Use-after-free in the pp_list_one_macro function (bsc#1073803, CVE-2017-17813) * Fixes Use-after-free in do_directive (bsc#1073808, CVE-2017-17814) * Fixes Illegal address access in is_mmacro() (bsc#1073818, CVE-2017-17815) * Fixes Use-after-free in pp_getline (bsc#1073823, CVE-2017-17816) * Fixes Use-after-free in pp_verror (bsc#1073829, CVE-2017-17817) * Fixes Heap-based buffer over-read related to a while loop in paste_tokens (bsc#1073830, CVE-2017-17818) * Fixes Illegal address access in the function find_cc (bsc#1073832, CVE-2017-17819) * Fixes Use-after-free in pp_list_one_macro (bsc#1073846, CVE-2017-17820) * Fixes illegal address access in thefunction paste_tokens() (bsc#1058013, CVE-2017-14228) - memory_fixes.patch: changes upstreamed and removed. OBS-URL: https://build.opensuse.org/request/show/569247 OBS-URL: https://build.opensuse.org/package/show/devel:tools:compiler/nasm?expand=0&rev=34
2018-01-24 16:35:18 +00:00 · 2018-01-24 16:35:18 +00:00 · 0059ea0f8b
commit 0059ea0f8b
parent 43ada84483
5 changed files with 45 additions and 61 deletions
--- a/memory_fixes.patch
+++ b/memory_fixes.patch
@ -1,54 +0,0 @@
-Author: Adam Majer <amajer@suse.de>
-Date: Tue Jul 25 13:03:57 CEST 2017
-Summary: Fix use after free and buffer overflow
-BSC: 1047925 1047936
-
-Submitted upstream in linked bug reports.
-
-https://bugzilla.nasm.us/show_bug.cgi?id=3392414
-https://bugzilla.nasm.us/show_bug.cgi?id=3392415
-
-Index: nasm-2.13.01/asm/preproc.c
-===================================================================
--- nasm-2.13.01.orig/asm/preproc.c
-+++ nasm-2.13.01/asm/preproc.c
-@@ -1280,8 +1280,8 @@ static char *detoken(Token * tlist, bool
-                     t->text = nasm_zalloc(2);
-                 } else
-                     t->text = nasm_strdup(p);
-+                nasm_free(q);
-             }
-            nasm_free(q);
-         }
- 
-         /* Expand local macros here and not during preprocessing */
-@@ -3845,9 +3845,15 @@ static bool paste_tokens(Token **head, c
-                 len += strlen(tok->text);
-                 p = buf = nasm_malloc(len + 1);
- 
-+                strcpy(p, tok->text);
-+                p = strchr(p, '\0');
-+                tok = delete_Token(tok);
-+
-                 while (tok != next) {
-                    strcpy(p, tok->text);
-                    p = strchr(p, '\0');
-+                    if (PP_CONCAT_MATCH(tok, m[i].mask_tail)) {
-+                        strcpy(p, tok->text);
-+                        p = strchr(p, '\0');
-+                    }
-                     tok = delete_Token(tok);
-                 }
- 
-@@ -5095,8 +5101,9 @@ static char *pp_getline(void)
-                             nasm_free(m->paramlen);
-                             l->finishes->in_progress = 0;
-                         }
-                    } else
-                        free_mmacro(m);
-+                    } else {
-+                        // free_mmacro(m);
-+                    }
-                 }
-                 istk->expansion = l->next;
-                 nasm_free(l);
--- a/nasm-2.13.01.tar.xz
+++ b/nasm-2.13.01.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:aa0213008f0433ecbe07bb628506a5c4be8079be20fc3532a5031fd639db9a5e
-size 800244
--- a/nasm-2.13.02.tar.xz
+++ b/nasm-2.13.02.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8ac3235f49a6838ff7a8d7ef7c19a4430d0deecc0c2d3e3e237b5e9f53291757
+size 805744
--- a/nasm.changes
+++ b/nasm.changes
@ -1,3 +1,43 @@
+-------------------------------------------------------------------
+Wed Jan 24 13:09:39 UTC 2018 - adam.majer@suse.de
+
+- New upstream version 2.13.02:
+  * Fix generation of PEXTRW instruction.
+  * Fix smartalign package which could trigger an error during
+  optimization if the alignment code expanded too much due to
+  optimization of the previous code.
+  * Fix a case where negative value in TIMES directive causes
+  panic instead of an error.
+  * Fix the incorrect generation of VEX-encoded instruction
+  when static mode decorators are specified on scalar instructions,
+  losing the decorators as they require EVEX encoding.
+  * Fix generation of dependency lists.
+  * Fixes macro calls that have the wrong number of arguments
+    (bsc#1073796, CVE-2017-17810)
+  * Fixes Heap-based buffer overflow allows related to a strcpy
+    in paste_tokens (bsc#1073798, CVE-2017-17811)
+  * Fixes Heap-based buffer over-read in the function detoken()
+    (bsc#1073799, CVE-2017-17812)
+  * Fixes Use-after-free in the pp_list_one_macro function
+    (bsc#1073803, CVE-2017-17813)
+  * Fixes Use-after-free in do_directive
+    (bsc#1073808, CVE-2017-17814)
+  * Fixes Illegal address access in is_mmacro()
+    (bsc#1073818, CVE-2017-17815)
+  * Fixes Use-after-free in pp_getline
+    (bsc#1073823, CVE-2017-17816)
+  * Fixes Use-after-free in pp_verror
+    (bsc#1073829, CVE-2017-17817)
+  * Fixes Heap-based buffer over-read related to a while loop in
+    paste_tokens (bsc#1073830, CVE-2017-17818)
+  * Fixes Illegal address access in the function find_cc
+    (bsc#1073832, CVE-2017-17819)
+  * Fixes Use-after-free in pp_list_one_macro
+    (bsc#1073846, CVE-2017-17820)
+  * Fixes illegal address access in thefunction paste_tokens()
+    (bsc#1058013, CVE-2017-14228)
+- memory_fixes.patch: changes upstreamed and removed.
+
 -------------------------------------------------------------------
 Tue Jul 25 11:00:30 UTC 2017 - adam.majer@suse.de

--- a/nasm.spec
+++ b/nasm.spec
@ -1,7 +1,7 @@
 #
 # spec file for package nasm
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -17,14 +17,13 @@


 Name:           nasm
-Version:        2.13.01
+Version:        2.13.02
 Release:        0
 Summary:        Netwide Assembler (An x86 Assembler)
 License:        BSD-2-Clause
 Group:          Development/Languages/Other
 Url:            http://www.nasm.us/
 Source:         http://www.nasm.us/pub/nasm/releasebuilds/%{version}/nasm-%{version}.tar.xz
-Patch:          memory_fixes.patch
 BuildRequires:  fdupes

 %description
@ -33,7 +32,6 @@ several binary formats, including ELF, a.out, Win32, and OS/2.

 %prep
 %setup -q
-%patch -p1

 %build
 touch -r ./version.h ./version.h.stamp