From be676d2f8e823db29b4f0c8e4d2950f108c8cd9d5544e94559128d9def163874 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Wed, 30 Sep 2020 10:50:09 +0000 Subject: [PATCH] Hardening and adding three commits OBS-URL: https://build.opensuse.org/package/show/Publishing/transfig?expand=0&rev=65 --- 100e27.patch | 32 ++++++++++++++++++++++++ 3065eb.patch | 63 ++++++++++++++++++++++++++++++++++++++++++++++++ ca48cc.patch | 35 +++++++++++++++++++++++++++ transfig.changes | 13 ++++++++++ transfig.spec | 48 ++++++++++++++++++++++++++++++++++++ 5 files changed, 191 insertions(+) create mode 100644 100e27.patch create mode 100644 3065eb.patch create mode 100644 ca48cc.patch diff --git a/100e27.patch b/100e27.patch new file mode 100644 index 0000000..d63620b --- /dev/null +++ b/100e27.patch @@ -0,0 +1,32 @@ +From 100e2789f8106f9cc0f7e4319c4ee7bda076c3ac Mon Sep 17 00:00:00 2001 +From: Thomas Loimer +Date: Sun, 16 Feb 2020 13:25:03 +0100 +Subject: [PATCH] Modify commit [3165d8]: Use tangent, not secant + +Use the tangent, not a secant, for short arrows on arcs. +--- + fig2dev/bound.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git fig2dev/bound.c fig2dev/bound.c +index d305ab9..ea97461 100644 +--- fig2dev/bound.c ++++ fig2dev/bound.c +@@ -1102,12 +1102,10 @@ compute_arcarrow_angle(double x1, double y1, double x2, double y2, + /* add this to the length */ + h += lpt; + +- /* radius too small for this method, use normal method */ +- if (h > 2.0*r) { ++ /* secant would be too large or too small */ ++ if (h > 2.0*r || h < 0.01*r) { + arc_tangent_int(x1,y1,x2,y2,direction,x,y); + return; +- } else if (h < thick) { +- h = thick; + } + + beta=atan2(dy,dx); +-- +2.16.4 + diff --git a/3065eb.patch b/3065eb.patch new file mode 100644 index 0000000..ba16acf --- /dev/null +++ b/3065eb.patch 
@@ -0,0 +1,63 @@ +From 3065ebc14bb96506429b4ebde3aeb3793c72a66d Mon Sep 17 00:00:00 2001 +From: Thomas Loimer +Date: Sun, 16 Feb 2020 18:54:01 +0100 +Subject: [PATCH] Allow last line of file lacking eol char, #83, #84 + +If the last line of a fig file does not end with a newline, the code parsing +the input could read beyond the allocated buffer. This commit fixes the parsing +at two locations in the code, one in string parsing, the second where sequences +of a backslash and octal digits are converted to characters. +--- + fig2dev/read.c | 6 ++++-- + fig2dev/tests/read.at | 11 +++++++++++ + 2 files changed, 15 insertions(+), 2 deletions(-) + +--- fig2dev/read.c ++++ fig2dev/read.c 2020-09-30 10:46:34.214234522 +0000 +@@ -1483,6 +1483,8 @@ read_textobject(FILE *fp, char **restric + + len = strlen(start); + start[len++] = '\n'; /* put back the newline */ ++ start[len] = '\0'; /* and terminate the string, ++ in case nothing else is found */ + + /* allocate plenty of space */ + next = malloc(len + BUFSIZ); +@@ -1491,7 +1493,7 @@ read_textobject(FILE *fp, char **restric + free(t); + return NULL; + } +- memcpy(next, start, len); ++ memcpy(next, start, len + 1); + + while ((chars = getline(line, line_len, fp)) != -1) { + ++(*line_no); +@@ -1525,7 +1527,7 @@ read_textobject(FILE *fp, char **restric + len = end - start; + l = len; + while (c[l] != '\0') { +- if (c[l] == '\\') { ++ if (c[l] == '\\' && c[l+1] != '\0') { + /* convert 3 digit octal value */ + if (isdigit(c[l+1]) && c[l+2] != '\0' && + c[l+3] != '\0') { +--- fig2dev/tests/read.at ++++ fig2dev/tests/read.at 2020-09-30 10:46:34.262233620 +0000 +@@ -416,6 +416,17 @@ AT_CHECK([fig2dev -L tikz text.fig + ], 0, ignore) + AT_CLEANUP + ++AT_SETUP([allow files end without eol, tickets #83, #84]) ++AT_KEYWORDS([read.c]) ++AT_CHECK([AS_ECHO_N(["FIG_FILE_TOP ++4 0 0 50 0 -1 12 0 0 150 405 0 0 No end-of-line here -->"]) | \ ++ fig2dev -L box], 0, ignore) ++AT_CHECK([AS_ECHO_N(["FIG_FILE_TOP ++4 0 0 50 0 -1 12 0 0 150 405 0 0 
Start string ++No end-of-line after one backslash --> \\"]) | \ ++ fig2dev -L box], 0, ignore) ++AT_CLEANUP ++ + AT_BANNER([Dynamically allocate picture file name.]) + + AT_SETUP([prepend fig file path to picture file name]) diff --git a/ca48cc.patch b/ca48cc.patch new file mode 100644 index 0000000..ee59f20 --- /dev/null +++ b/ca48cc.patch @@ -0,0 +1,35 @@ +From ca48ccc90bd3e7801a63cf9a541f292b28ed1260 Mon Sep 17 00:00:00 2001 +From: Thomas Loimer +Date: Mon, 17 Feb 2020 12:18:12 +0100 +Subject: [PATCH] Amend previous commit - avoid buffer overflow + +Regards to Dr. Werner Fink, see discussion to ticket #83. +--- + fig2dev/read.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git fig2dev/read.c fig2dev/read.c +index 0bdcd3d..d1ae463 100644 +--- fig2dev/read.c ++++ fig2dev/read.c +@@ -1489,8 +1489,6 @@ read_textobject(FILE *fp, char **restrict line, size_t *line_len, int *line_no) + + len = strlen(start); + start[len++] = '\n'; /* put back the newline */ +- start[len] = '\0'; /* and terminate the string, +- in case nothing else is found */ + + /* allocate plenty of space */ + next = malloc(len + BUFSIZ); +@@ -1500,6 +1498,8 @@ read_textobject(FILE *fp, char **restrict line, size_t *line_len, int *line_no) + return NULL; + } + memcpy(next, start, len + 1); ++ next[len] = '\0'; /* terminate the initial string, ++ in case nothing else is found */ + + while ((chars = getline(line, line_len, fp)) != -1) { + ++(*line_no); +-- +2.16.4 + diff --git a/transfig.changes b/transfig.changes index 16c3c23..a2141c8 100644 --- a/transfig.changes +++ b/transfig.changes 
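Review bot: In the last read.c hunk of 3065eb.patch, the context line `if (isdigit(c[l+1]) && c[l+2] != '\0' &&` passes a byte taken from the fig file straight to isdigit(). The declaration of `c` is outside the hunk, but if it is a plain `char *` on a platform where char is signed, any byte of 0x80 or above becomes a negative argument, which the C standard leaves undefined for the `<ctype.h>` functions. Casting at the call keeps the new `c[l+1] != '\0'` guard and removes that dependency: `if (isdigit((unsigned char)c[l+1]) && c[l+2] != '\0' &&`. The enclosing loop and read_textobject() start and end outside the hunk.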
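Review bot: In ca48cc.patch the context line `memcpy(next, start, len + 1);` is left as 3065eb.patch wrote it, so it still reads `start[len]`, the byte after the restored newline, even though this commit removes the store that used to initialise it. When the final line of the input has no newline, that byte lies past the string's original terminator, and whether it is still inside the getline() buffer cannot be seen from the hunk. Because the added `next[len] = '\0';` now sets the terminator explicitly, copying `len` bytes is enough: `memcpy(next, start, len);`. read_textobject() starts and ends outside the hunk.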
@@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Wed Sep 30 10:48:31 UTC 2020 - Dr. Werner Fink + +- Add upstream security patches/commits + * 100e27.patch + * 3065eb.patch + * ca48cc.patch + +------------------------------------------------------------------- +Tue Sep 29 09:24:16 UTC 2020 - Dr. Werner Fink + +- Do hardening via compile and linker flags + ------------------------------------------------------------------- Tue Feb 11 11:38:01 UTC 2020 - Dr. Werner Fink diff --git a/transfig.spec b/transfig.spec index bb3427e..9abc300 100644 --- a/transfig.spec +++ b/transfig.spec @@ -70,6 +70,9 @@ Patch14: 2f8d1a.patch Patch15: 4d4e1f.patch Patch16: 3165d8.patch Patch17: 639c36.patch +Patch18: 100e27.patch +Patch19: 3065eb.patch +Patch20: ca48cc.patch Patch43: fig2dev-3.2.6-fig2mpdf.patch Patch44: fig2dev-3.2.6-fig2mpdf-doc.patch Patch45: fig2dev-3.2.6a-RGBFILE.patch 
@@ -127,14 +130,59 @@ find -type f | xargs -r chmod a-x,go-w %patch15 -p0 -b .sec12 %patch16 -p0 -b .sec13 %patch17 -p0 -b .sec14 +%patch18 -p0 -b .sec15 +%patch19 -p0 -b .sec16 +%patch20 -p0 -b .sec17 %patch43 -p2 -b .mpdf %patch44 -p1 -b .mpdfdoc %patch45 -p1 -b .p45 %build ulimit -v unlimited || : + # + # Used for detection of hardening options of gcc and linker + # + cflags () + { + local flag=$1; shift + local var=$1; shift + test -n "${flag}" -a -n "${var}" || return + case "${!var}" in + *${flag}*) return + esac + case "$flag" in + -Wl,*) + set -o noclobber + echo 'int main () { return 0; }' > ldtest.c + if ${CC:-gcc} -Werror $flag -o /dev/null -xc ldtest.c > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + set +o noclobber + rm -f ldtest.c + ;; + *) + if ${CC:-gcc} -Werror $flag -S -o /dev/null -xc /dev/null > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + if ${CXX:-g++} -Werror $flag -S -o /dev/null -xc++ /dev/null > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + esac + } + CC=gcc CFLAGS="%{optflags} -fno-strict-aliasing -w -D_GNU_SOURCE -std=gnu99 $(getconf LFS_CFLAGS)" +cflags -D_FORTIFY_SOURCE=2 CFLAGS +cflags -fstack-protector CFLAGS +cflags -fstack-protector-strong CFLAGS +cflags -fstack-protector-all CFLAGS +cflags -Wformat CFLAGS +cflags -Wformat-security CFLAGS +cflags -Werror=format-security CFLAGS +cflags -fPIE CFLAGS +cflags -pie LDFLAGS +cflags -Wl,-z,relro LDFLAGS +cflags -Wl,-z,now LDFLAGS export CC CFLAGS LDFLAGS chmod 755 configure %configure \
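Review bot: The unchanged `CFLAGS="%{optflags} -fno-strict-aliasing -w ..."` line keeps `-w`, which tells gcc to suppress warning output, so the added `cflags -Wformat CFLAGS` and `cflags -Wformat-security CFLAGS` report nothing in the build log. It is also worth confirming that `-Werror=format-security` still fails the build while `-w` is present. Dropping `-w` from that line would let the new format checks do their job. Separately, the `*)` branch of `cflags` runs the `eval` once for `${CC:-gcc}` and again for `${CXX:-g++}`, so a flag accepted by both is appended twice, and one accepted only by g++ still ends up in CFLAGS. Nesting the g++ probe inside the gcc probe with a single `eval` avoids both.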