From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: [PATCH 1/1] gnu: ocaml: Fix CVE-2015-8869. Date: Sat, 30 Apr 2016 14:38:37 -0400 Message-ID: <129c1d78b943eb2de62db23a5b6aadd33fcf1d97.1462041341.git.leo@famulari.name> References: Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:44119) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1awZnJ-0001IB-Ki for guix-devel@gnu.org; Sat, 30 Apr 2016 14:39:16 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1awZn4-0007hw-1v for guix-devel@gnu.org; Sat, 30 Apr 2016 14:39:04 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:60496) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1awZn1-0007e3-Pb for guix-devel@gnu.org; Sat, 30 Apr 2016 14:38:53 -0400 Received: from jasmine.lan (c-50-191-78-78.hsd1.pa.comcast.net [50.191.78.78]) by mail.messagingengine.com (Postfix) with ESMTPA id AD372C00016 for ; Sat, 30 Apr 2016 14:38:39 -0400 (EDT) In-Reply-To: In-Reply-To: References: List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org * gnu/packages/patches/ocaml-CVE-2015-8869.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ocaml.scm (ocaml): Use it. --- gnu/local.mk | 1 + gnu/packages/ocaml.scm | 3 +- gnu/packages/patches/ocaml-CVE-2015-8869.patch | 70 ++++++++++++++++++++++++++ 3 files changed, 73 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/ocaml-CVE-2015-8869.patch diff --git a/gnu/local.mk b/gnu/local.mk index 9e31ef9..90899d4 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -642,6 +642,7 @@ dist_patch_DATA = \ gnu/packages/patches/nvi-assume-preserve-path.patch \ gnu/packages/patches/nvi-dbpagesize-binpower.patch \ gnu/packages/patches/nvi-db4.patch \ + gnu/packages/patches/ocaml-CVE-2015-8869.patch \ gnu/packages/patches/ocaml-findlib-make-install.patch \ gnu/packages/patches/openexr-missing-samples.patch \ gnu/packages/patches/openimageio-boost-1.60.patch \ diff --git a/gnu/packages/ocaml.scm b/gnu/packages/ocaml.scm index 5d48953..434fb13 100644 --- a/gnu/packages/ocaml.scm +++ b/gnu/packages/ocaml.scm @@ -60,7 +60,8 @@ "/ocaml-" version ".tar.xz")) (sha256 (base32 - "1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3")))) + "1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3")) + (patches (search-patches "ocaml-CVE-2015-8869.patch")))) (build-system gnu-build-system) (native-search-paths (list (search-path-specification diff --git a/gnu/packages/patches/ocaml-CVE-2015-8869.patch b/gnu/packages/patches/ocaml-CVE-2015-8869.patch new file mode 100644 index 0000000..23f7409 --- /dev/null +++ b/gnu/packages/patches/ocaml-CVE-2015-8869.patch @@ -0,0 +1,70 @@ +Adapted from upstream commit 659615c7b100a89eafe6253e7a5b9d84d0e8df74, +this patch omits the upstream changes to 'Changes' and 'VERSION'. + +https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74 +--- + byterun/alloc.c | 4 ++-- + byterun/intern.c | 2 +- + byterun/str.c | 4 ++-- + 3 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/byterun/alloc.c b/byterun/alloc.c +index 96a21bf..0db9947 100644 +--- a/byterun/alloc.c ++++ b/byterun/alloc.c +@@ -153,7 +153,7 @@ CAMLexport int caml_convert_flag_list(value list, int *flags) + /* [size] is a [value] representing number of words (fields) */ + CAMLprim value caml_alloc_dummy(value size) + { +- mlsize_t wosize = Int_val(size); ++ mlsize_t wosize = Long_val(size); + + if (wosize == 0) return Atom(0); + return caml_alloc (wosize, 0); +@@ -169,7 +169,7 @@ CAMLprim value caml_alloc_dummy_function(value size,value arity) + /* [size] is a [value] representing number of floats. */ + CAMLprim value caml_alloc_dummy_float (value size) + { +- mlsize_t wosize = Int_val(size) * Double_wosize; ++ mlsize_t wosize = Long_val(size) * Double_wosize; + + if (wosize == 0) return Atom(0); + return caml_alloc (wosize, 0); +diff --git a/byterun/intern.c b/byterun/intern.c +index 89d13d1..7b8d049 100644 +--- a/byterun/intern.c ++++ b/byterun/intern.c +@@ -291,7 +291,7 @@ static void intern_rec(value *dest) + case OFreshOID: + /* Refresh the object ID */ + /* but do not do it for predefined exception slots */ +- if (Int_val(Field((value)dest, 1)) >= 0) ++ if (Long_val(Field((value)dest, 1)) >= 0) + caml_set_oo_id((value)dest); + /* Pop item and iterate */ + sp--; +diff --git a/byterun/str.c b/byterun/str.c +index 5ad4e29..885772f 100644 +--- a/byterun/str.c ++++ b/byterun/str.c +@@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2) + CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2, + value n) + { +- memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n)); ++ memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n)); + return Val_unit; + } + +@@ -278,7 +278,7 @@ CAMLprim value caml_fill_string(value s, value offset, value len, value init) + + CAMLprim value caml_bitvect_test(value bv, value n) + { +- int pos = Int_val(n); ++ intnat pos = Long_val(n); + return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7))); + } + +-- +2.7.4 + -- 2.7.4