From b283b2cf8ffbeea1ab19237ca82db95a45efbb47 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Wed, 6 Aug 2014 09:30:13 +0200 Subject: [PATCH] lzo: Downgrade to 2.0.6 (CVE-2014-4607 patched). openvpn fails at lzo_init with lzo-2.07 and 2.08 on armv5tel. --- lfs/lzo | 5 +- src/patches/lzo-2.06-CVE-2014-4607.patch | 245 +++++++++++++++++++++++ 2 files changed, 248 insertions(+), 2 deletions(-) create mode 100755 src/patches/lzo-2.06-CVE-2014-4607.patch diff --git a/lfs/lzo b/lfs/lzo index 1745f4cca..19ad0909c 100644 --- a/lfs/lzo +++ b/lfs/lzo @@ -24,7 +24,7 @@ include Config -VER = 2.08 +VER = 2.06 THISAPP = lzo-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = fcec64c26a0f4f4901468f360029678f +$(DL_FILE)_MD5 = 95380bd4081f85ef08c5209f4107e9f8 install : $(TARGET) @@ -70,6 +70,7 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/lzo-2.06-CVE-2014-4607.patch cd $(DIR_APP) && ./configure --prefix=/usr --enable-shared cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install diff --git a/src/patches/lzo-2.06-CVE-2014-4607.patch b/src/patches/lzo-2.06-CVE-2014-4607.patch new file mode 100755 index 000000000..d22c406e0 --- /dev/null +++ b/src/patches/lzo-2.06-CVE-2014-4607.patch @@ -0,0 +1,245 @@ +diff --git a/minilzo/minilzo.c b/minilzo/minilzo.c +index 34ce0f0..ecfdf66 100644 +--- a/minilzo/minilzo.c ++++ b/minilzo/minilzo.c +@@ -3547,6 +3547,8 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, + #undef TEST_LBO + #undef NEED_IP + #undef NEED_OP ++#undef TEST_IV ++#undef TEST_OV + #undef HAVE_TEST_IP + #undef HAVE_TEST_OP + #undef HAVE_NEED_IP +@@ -3561,6 +3563,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, + # if (LZO_TEST_OVERRUN_INPUT >= 2) + # define NEED_IP(x) \ + if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun ++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun + # endif + #endif + +@@ -3572,6 +3575,7 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, + # undef TEST_OP + # define NEED_OP(x) \ + if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun ++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun + # endif + #endif + +@@ -3602,11 +3606,13 @@ DO_COMPRESS ( const lzo_bytep in , lzo_uint in_len, + # define HAVE_NEED_IP 1 + #else + # define NEED_IP(x) ((void) 0) ++# define TEST_IV(x) ((void) 0) + #endif + #if defined(NEED_OP) + # define HAVE_NEED_OP 1 + #else + # define NEED_OP(x) ((void) 0) ++# define TEST_OV(x) ((void) 0) + #endif + + #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP) +@@ -3687,6 +3693,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, + { + t += 255; + ip++; ++ TEST_IV(t); + NEED_IP(1); + } + t += 15 + *ip++; +@@ -3835,6 +3842,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 31 + *ip++; +@@ -3879,6 +3887,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 7 + *ip++; +@@ -4073,6 +4082,8 @@ lookbehind_overrun: + #undef TEST_LBO + #undef NEED_IP + #undef NEED_OP ++#undef TEST_IV ++#undef TEST_OV + #undef HAVE_TEST_IP + #undef HAVE_TEST_OP + #undef HAVE_NEED_IP +@@ -4087,6 +4098,7 @@ lookbehind_overrun: + # if (LZO_TEST_OVERRUN_INPUT >= 2) + # define NEED_IP(x) \ + if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun ++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun + # endif + #endif + +@@ -4098,6 +4110,7 @@ lookbehind_overrun: + # undef TEST_OP + # define NEED_OP(x) \ + if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun ++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun + # endif + #endif + +@@ -4128,11 +4141,13 @@ lookbehind_overrun: + # define HAVE_NEED_IP 1 + #else + # define NEED_IP(x) ((void) 0) ++# define TEST_IV(x) ((void) 0) + #endif + #if defined(NEED_OP) + # define HAVE_NEED_OP 1 + #else + # define NEED_OP(x) ((void) 0) ++# define TEST_OV(x) ((void) 0) + #endif + + #if defined(HAVE_TEST_IP) || defined(HAVE_NEED_IP) +@@ -4213,6 +4228,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, + { + t += 255; + ip++; ++ TEST_IV(t); + NEED_IP(1); + } + t += 15 + *ip++; +@@ -4361,6 +4377,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 31 + *ip++; +@@ -4405,6 +4422,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 7 + *ip++; +diff --git a/src/lzo1_d.ch b/src/lzo1_d.ch +index 40a5bfd..c442d9c 100644 +--- a/src/lzo1_d.ch ++++ b/src/lzo1_d.ch +@@ -76,6 +76,8 @@ + #undef TEST_LBO + #undef NEED_IP + #undef NEED_OP ++#undef TEST_IV ++#undef TEST_OV + #undef HAVE_TEST_IP + #undef HAVE_TEST_OP + #undef HAVE_NEED_IP +@@ -91,6 +93,7 @@ + # if (LZO_TEST_OVERRUN_INPUT >= 2) + # define NEED_IP(x) \ + if ((lzo_uint)(ip_end - ip) < (lzo_uint)(x)) goto input_overrun ++# define TEST_IV(x) if ((x) > (lzo_uint)0 - (511)) goto input_overrun + # endif + #endif + +@@ -102,6 +105,7 @@ + # undef TEST_OP /* don't need both of the tests here */ + # define NEED_OP(x) \ + if ((lzo_uint)(op_end - op) < (lzo_uint)(x)) goto output_overrun ++# define TEST_OV(x) if ((x) > (lzo_uint)0 - (511)) goto output_overrun + # endif + #endif + +@@ -135,11 +139,13 @@ + # define HAVE_NEED_IP 1 + #else + # define NEED_IP(x) ((void) 0) ++# define TEST_IV(x) ((void) 0) + #endif + #if defined(NEED_OP) + # define HAVE_NEED_OP 1 + #else + # define NEED_OP(x) ((void) 0) ++# define TEST_OV(x) ((void) 0) + #endif + + +diff --git a/src/lzo1b_d.ch b/src/lzo1b_d.ch +index fe5f361..36b4b6b 100644 +--- a/src/lzo1b_d.ch ++++ b/src/lzo1b_d.ch +@@ -187,6 +187,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += (M4_MIN_LEN - M3_MIN_LEN) + *ip++; +diff --git a/src/lzo1f_d.ch b/src/lzo1f_d.ch +index 9e942f5..0c2199e 100644 +--- a/src/lzo1f_d.ch ++++ b/src/lzo1f_d.ch +@@ -84,6 +84,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, + { + t += 255; + ip++; ++ TEST_IV(t); + NEED_IP(1); + } + t += 31 + *ip++; +@@ -138,6 +139,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 31 + *ip++; +diff --git a/src/lzo1x_d.ch b/src/lzo1x_d.ch +index 49cf326..c804cc7 100644 +--- a/src/lzo1x_d.ch ++++ b/src/lzo1x_d.ch +@@ -120,6 +120,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, + { + t += 255; + ip++; ++ TEST_IV(t); + NEED_IP(1); + } + t += 15 + *ip++; +@@ -273,6 +274,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 31 + *ip++; +@@ -317,6 +319,7 @@ match: + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += 7 + *ip++; +diff --git a/src/lzo2a_d.ch b/src/lzo2a_d.ch +index 48e51ca..954f07e 100644 +--- a/src/lzo2a_d.ch ++++ b/src/lzo2a_d.ch +@@ -131,6 +131,7 @@ DO_DECOMPRESS ( const lzo_bytep in , lzo_uint in_len, + { + t += 255; + ip++; ++ TEST_OV(t); + NEED_IP(1); + } + t += *ip++; -- 2.39.2