authorFrancesco Colista <francesco.colista@gmail.com>2012-11-03 11:40:25 +0000
committerFrancesco Colista <francesco.colista@gmail.com>2012-11-03 11:40:25 +0000
commitaec65361be4ba73d1ac6d80c22b61a7171b63802 (patch)
treecc9c24ba884a5f3fdbb978b39841c88498688c70
parent7e8537a95aeb56c77567d2d0f27aa1b5c507b3e7 (diff)
parentb2f59ad10f25be0112e9f226a1725bc82c0e793f (diff)
Merge git://dev.alpinelinux.org/aports
-rw-r--r--main/apache2/APKBUILD52
-rw-r--r--main/apache2/httpd.conf129
-rw-r--r--main/apache2/lua.conf1
-rw-r--r--main/apache2/proxy-html.conf1
-rw-r--r--main/apache2/proxy.conf15
-rw-r--r--main/freeradius/APKBUILD4
-rw-r--r--main/freeradius/freeradius.initd10
-rw-r--r--main/libc0.9.32/APKBUILD4
-rw-r--r--main/libc0.9.32/STATUS18
-rw-r--r--main/libc0.9.32/uclibc-rtld_next-fix.patch27
-rw-r--r--main/libvirt/APKBUILD12
-rw-r--r--main/libxml2/APKBUILD12
-rw-r--r--main/libxml2/libxml2-entities-local-buffers-size.patch97
-rw-r--r--main/libxml2/libxml2-entities-local-buffers-size2.patch21
-rw-r--r--main/libxml2/libxml2-parser-local-buffers-size.patch260
-rw-r--r--main/libxslt/APKBUILD6
-rw-r--r--main/xen/APKBUILD8
-rw-r--r--main/xen/xend.initd2
-rw-r--r--main/xen/xenstored.initd1
-rw-r--r--main/xen/xsa25-4.2.patch365
20 files changed, 581 insertions, 464 deletions
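diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD
index 988dace899..d5151f2585 100644
--- a/main/apache2/APKBUILD
+++ b/main/apache2/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=apache2
 pkgver=2.4.3
-pkgrel=1
+pkgrel=2
 pkgdesc="A high performance Unix-based HTTP server"
 url="http://httpd.apache.org/"
 arch="all"
@@ -12,9 +12,10 @@ pkggroups="apache"
 makedepends="openssl-dev zlib-dev apr-util-dev apr-dev pcre-dev sed lua-dev
  autoconf automake"
 subpackages="$pkgname-dev $pkgname-doc $pkgname-utils $pkgname-ssl
- $pkgname-ldap $pkgname-webdav"
-# see http://lists.err.no/pipermail/mpm-itk/2011-August/000432.html for
-# the 03-add-mpm-to-build-system.patch
+ $pkgname-ldap $pkgname-webdav
+ $pkgname-proxy-html:proxy_html
+ $pkgname-proxy
+ $pkgname-lua:_lua"
 source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2
  apache2.confd
  apache2.logrotate
@@ -22,6 +23,9 @@ source="http://archive.apache.org/dist/httpd/httpd-$pkgver.tar.bz2
  httpd.conf
  ssl.conf
  ldap.conf
+ proxy-html.conf
+ proxy.conf
+ lua.conf
  alpine.layout
  "
 _builddir="$srcdir"/httpd-$pkgver
@@ -153,19 +157,57 @@ ldap() {
 webdav() {
  pkgdesc="WebDAV support for the Apache HTTP Server"
  depends="apache2"
+ replaces="apache2"
 
  install -d "$subpkgdir"/usr/lib/apache2 || return 1
  mv "$pkgdir"/usr/lib/apache2/mod_*dav.so \
+ "$pkgdir"/usr/lib/apache2/mod_dav_*.so \
  "$subpkgdir"/usr/lib/apache2/ || return 1
  install -D -m644 "$_builddir"/docs/conf/extra/httpd-dav.conf \
  "$subpkgdir"/etc/apache2/conf.d/http-dav.conf || return 1
 }
 
+proxy_html() {
+ pkgdesc="HTML and XML content filters for the Apache HTTP Server"
+ depends="apache2"
+ install -d "$subpkgdir"/usr/lib/apache2 || return 1
+ mv "$pkgdir"/usr/lib/apache2/*_proxy_html.so \
+ "$pkgdir"/usr/lib/apache2/*xml2enc*.so \
+ "$subpkgdir"/usr/lib/apache2/ || return 1
+ install -D -m644 "$srcdir"/proxy-html.conf \
+ "$subpkgdir"/etc/apache2/conf.d/proxy-html.conf || return 1
+}
+
+proxy() {
+ pkgdesc="Proxy modules for the Apache HTTP Server"
+ depends="apache2"
+ install -d "$subpkgdir"/usr/lib/apache2 || return 1
+ mv "$pkgdir"/usr/lib/apache2/*_proxy*.so \
+ "$pkgdir"/usr/lib/apache2/*_lbmethod*.so \
+ "$subpkgdir"/usr/lib/apache2/ || return 1
+ install -D -m644 "$srcdir"/proxy.conf \
+ "$subpkgdir"/etc/apache2/conf.d/proxy.conf || return 1
+}
+
+_lua() {
+ pkgdesc="Lua support for the Apache HTTP server"
+ depends="apache2"
+ install -d "$subpkgdir"/usr/lib/apache2 || return 1
+ mv "$pkgdir"/usr/lib/apache2/*_lua.so \
+ "$subpkgdir"/usr/lib/apache2/ || return 1
+ install -D -m644 "$srcdir"/lua.conf \
+ "$subpkgdir"/etc/apache2/conf.d/lua.conf || return 1
+}
+
+
 md5sums="87aaf7bc7e8715f0455997bb8c6791aa httpd-2.4.3.tar.bz2
 e322b5211e49511cac6e40c86af1b1da apache2.confd
 75fe4138b98fcffd01b8c8c077b944f3 apache2.logrotate
 7105fc70298b24bfca6dba517f7486d7 apache2.initd
-749faf0b2916d85d1240bc34f700e5d9 httpd.conf
+cceb6f5c3949326b48e0fcf196a2495d httpd.conf
 5d0d024ca43571b863874ab871b2c109 ssl.conf
 b70fe826486043e3953cfe21f9e6fa16 ldap.conf
+fe26a0a70f572eb256a3c6c183a62223 proxy-html.conf
+96eddccfca1ec0349f844e2460cf655b proxy.conf
+449a4aea60473ac4a16f025fca4463e3 lua.conf
 c66ff5f70260d5266e6803a59b39bd7f alpine.layout"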
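Review bot: The glob `*_proxy*.so` in `proxy()` also matches `mod_proxy_html.so`, so the split between `apache2-proxy-html` and `apache2-proxy` holds only because `proxy_html` is listed before `proxy` in `subpackages` and has already moved that file away. Nothing in the file records that ordering; a comment above `proxy()` such as `# must run after proxy_html(): *_proxy*.so would otherwise pick up mod_proxy_html.so` keeps a later reorder from silently changing which package ships the module. `proxy_html()` also declares only `depends="apache2"`, while the conf file it installs loads `mod_proxy.so`, which this commit moves into `apache2-proxy`; `depends="apache2 apache2-proxy"` looks like what is needed.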
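diff --git a/main/apache2/httpd.conf b/main/apache2/httpd.conf
index 087f3fb8c2..dd1258808d 100644
--- a/main/apache2/httpd.conf
+++ b/main/apache2/httpd.conf
@@ -1,9 +1,9 @@
 #
 # This is the main Apache server configuration file. It contains the
 # configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2/> for detailed information.
+# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
 # In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
+# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
 # for a discussion of each configuration directive.
 #
 #
@@ -49,7 +49,7 @@ ServerTokens OS
 #
 # NOTE! If you intend to place this on an NFS (or otherwise network)
 # mounted filesystem then please read the LockFile documentation
-# (available at <URL:http://httpd.apache.org/docs/2.2/mod/mpm_common.html#lockfile>);
+# (available at <URL:http://httpd.apache.org/docs/2.4/mod/mpm_common.html#lockfile>);
 # you will save yourself a lot of trouble.
 #
 # Do NOT add a slash at the end of the directory path.
@@ -167,36 +167,58 @@ Listen 80
 # Example:
 # LoadModule foo_module modules/mod_foo.so
 #
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule auth_digest_module modules/mod_auth_digest.so
 LoadModule authn_file_module modules/mod_authn_file.so
-LoadModule authn_alias_module modules/mod_authn_alias.so
 LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_default_module modules/mod_authn_default.so
+LoadModule authn_socache_module modules/mod_authn_socache.so
+LoadModule authn_core_module modules/mod_authn_core.so
 LoadModule authz_host_module modules/mod_authz_host.so
+LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
 LoadModule authz_user_module modules/mod_authz_user.so
 LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_default_module modules/mod_authz_default.so
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule access_compat_module modules/mod_access_compat.so
+LoadModule auth_basic_module modules/mod_auth_basic.so
+LoadModule auth_form_module modules/mod_auth_form.so
+LoadModule auth_digest_module modules/mod_auth_digest.so
+LoadModule asis_module modules/mod_asis.so
+LoadModule allowmethods_module modules/mod_allowmethods.so
+LoadModule file_cache_module modules/mod_file_cache.so
+LoadModule cache_module modules/mod_cache.so
+LoadModule cache_disk_module modules/mod_cache_disk.so
+LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+LoadModule socache_memcache_module modules/mod_socache_memcache.so
+LoadModule echo_module modules/mod_echo.so
+LoadModule buffer_module modules/mod_buffer.so
+LoadModule ratelimit_module modules/mod_ratelimit.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
+LoadModule ext_filter_module modules/mod_ext_filter.so
+LoadModule request_module modules/mod_request.so
 LoadModule include_module modules/mod_include.so
+LoadModule substitute_module modules/mod_substitute.so
+LoadModule sed_module modules/mod_sed.so
+LoadModule charset_lite_module modules/mod_charset_lite.so
+LoadModule deflate_module modules/mod_deflate.so
+LoadModule mime_module modules/mod_mime.so
 LoadModule log_config_module modules/mod_log_config.so
+LoadModule log_debug_module modules/mod_log_debug.so
 LoadModule logio_module modules/mod_logio.so
 LoadModule env_module modules/mod_env.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
 LoadModule mime_magic_module modules/mod_mime_magic.so
 LoadModule expires_module modules/mod_expires.so
-LoadModule deflate_module modules/mod_deflate.so
 LoadModule headers_module modules/mod_headers.so
 LoadModule usertrack_module modules/mod_usertrack.so
 LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule dav_module modules/mod_dav.so
+LoadModule version_module modules/mod_version.so
+LoadModule remoteip_module modules/mod_remoteip.so
+LoadModule session_module modules/mod_session.so
+LoadModule session_cookie_module modules/mod_session_cookie.so
+LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
+LoadModule unixd_module modules/mod_unixd.so
 LoadModule status_module modules/mod_status.so
 LoadModule autoindex_module modules/mod_autoindex.so
 LoadModule info_module modules/mod_info.so
-LoadModule dav_fs_module modules/mod_dav_fs.so
+LoadModule suexec_module modules/mod_suexec.so
+LoadModule cgi_module modules/mod_cgi.so
 LoadModule vhost_alias_module modules/mod_vhost_alias.so
 LoadModule negotiation_module modules/mod_negotiation.so
 LoadModule dir_module modules/mod_dir.so
@@ -204,33 +226,44 @@ LoadModule actions_module modules/mod_actions.so
 LoadModule speling_module modules/mod_speling.so
 LoadModule userdir_module modules/mod_userdir.so
 LoadModule alias_module modules/mod_alias.so
-LoadModule substitute_module modules/mod_substitute.so
 LoadModule rewrite_module modules/mod_rewrite.so
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-LoadModule cache_module modules/mod_cache.so
-LoadModule suexec_module modules/mod_suexec.so
-LoadModule disk_cache_module modules/mod_disk_cache.so
-LoadModule cgi_module modules/mod_cgi.so
-LoadModule version_module modules/mod_version.so
+
+LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
+#LoadModule dav_module modules/mod_dav.so
+#LoadModule dav_fs_module modules/mod_dav_fs.so
+#LoadModule dav_lock_module modules/mod_dav_lock.so
 
 #
 # The following modules are not loaded by default:
 #
-#LoadModule asis_module modules/mod_asis.so
 #LoadModule authn_dbd_module modules/mod_authn_dbd.so
-#LoadModule cern_meta_module modules/mod_cern_meta.so
+#LoadModule authn_dbm_module modules/mod_authn_dbm.so
+#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+#LoadModule authz_dbd_module modules/mod_authz_dbd.so
+#LoadModule authz_dbm_module modules/mod_authz_dbm.so
 #LoadModule cgid_module modules/mod_cgid.so
+#LoadModule data_module modules/mod_data.so
 #LoadModule dbd_module modules/mod_dbd.so
+#LoadModule dialup_module modules/mod_dialup.so
 #LoadModule dumpio_module modules/mod_dumpio.so
 #LoadModule filter_module modules/mod_filter.so
-#LoadModule ident_module modules/mod_ident.so
+#LoadModule heartbeat_module modules/mod_heartbeat.so
+#LoadModule heartmonitor_module modules/mod_heartmonitor.so
+#LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
+#LoadModule ldap_module modules/mod_ldap.so
 #LoadModule log_forensic_module modules/mod_log_forensic.so
+#LoadModule mpm_event_module modules/mod_mpm_event.so
+#LoadModule mpm_worker_module modules/mod_mpm_worker.so
+#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
+#LoadModule proxy_html_module modules/mod_proxy_html.so
+#LoadModule reflector_module modules/mod_reflector.so
+#LoadModule session_dbd_module modules/mod_session_dbd.so
+#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
+#LoadModule socache_dbm_module modules/mod_socache_dbm.so
+#LoadModule ssl_module modules/mod_ssl.so
 #LoadModule unique_id_module modules/mod_unique_id.so
+#LoadModule watchdog_module modules/mod_watchdog.so
+#LoadModule xml2enc_module modules/mod_xml2enc.so
 #
 
 #
@@ -245,6 +278,7 @@ Include /etc/apache2/conf.d/*.conf
 #
 #ExtendedStatus On
 
+<IfModule unixd_module>
 #
 # If you wish httpd to run as a different user or group, you must run
 # httpd as root initially and it will switch.
@@ -259,6 +293,7 @@ Include /etc/apache2/conf.d/*.conf
 #
 User apache
 Group apache
+</IfModule>
 
 ### Section 2: 'Main' server configuration
 #
@@ -319,7 +354,10 @@ DocumentRoot "/var/www/localhost/htdocs"
 #
 <Directory />
  Options FollowSymLinks
- AllowOverride None
+ AllowOverride none
+# Require all denied
+# Order allow,deny
+# Deny from all
 </Directory>
 
 #
@@ -343,7 +381,7 @@ DocumentRoot "/var/www/localhost/htdocs"
 # doesn't give it to you.
 #
 # The Options directive is both complicated and important. Please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#options
+# http://httpd.apache.org/docs/2.4/mod/core.html#options
 # for more information.
 #
  Options Indexes FollowSymLinks
@@ -353,11 +391,12 @@ DocumentRoot "/var/www/localhost/htdocs"
 # It can be "All", "None", or any combination of the keywords:
 # Options FileInfo AuthConfig Limit
 #
- AllowOverride None
+ AllowOverride All
 
 #
 # Controls who can get stuff from this server.
 #
+# Require all granted
  Order allow,deny
  Allow from all
 
@@ -443,17 +482,6 @@ AccessFileName .htaccess
 TypesConfig /etc/apache2/mime.types
 
 #
-# DefaultType is the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-#
-DefaultType text/plain
-
-#
 # The mod_mime_magic module allows the server to use various hints from the
 # contents of the file itself to determine its type. The MIMEMagicFile
 # directive tells the module where the hint definitions are located.
@@ -478,7 +506,7 @@ HostnameLookups Off
 # The default is on; turn this off if you serve from NFS-mounted
 # filesystems. On some systems, turning it off (regardless of
 # filesystem) can improve performance; for details, please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap
+# http://httpd.apache.org/docs/2.4/mod/core.html#enablemmap
 #
 #EnableMMAP off
 
@@ -487,7 +515,7 @@ HostnameLookups Off
 # used to deliver files (assuming that the OS supports it).
 # The default is on; turn this off if you serve from NFS-mounted
 # filesystems. Please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile
+# http://httpd.apache.org/docs/2.4/mod/core.html#enablesendfile
 #
 #EnableSendfile off
 
@@ -570,6 +598,7 @@ Alias /icons/ "/usr/share/apache2/icons/"
 <Directory "/usr/share/apache2/icons">
  Options Indexes MultiViews FollowSymLinks
  AllowOverride None
+# Require all granted
  Order allow,deny
  Allow from all
 </Directory>
@@ -599,6 +628,7 @@ ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
 <Directory "/var/www/cgi-bin">
  AllowOverride None
  Options None
+# Require all granted
  Order allow,deny
  Allow from all
 </Directory>
@@ -878,6 +908,7 @@ Alias /error/ "/usr/share/apache2/error/"
  Options IncludesNoExec
  AddOutputFilter Includes html
  AddHandler type-map var
+ #Require all granted
  Order allow,deny
  Allow from all
  LanguagePriority en es de fr
@@ -976,7 +1007,7 @@ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 
 #
 # To enable a cache of proxied content, uncomment the following lines.
-# See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details.
+# See http://httpd.apache.org/docs/2.4/mod/mod_cache.html for more details.
 #
 #<IfModule mod_disk_cache.c>
 # CacheEnable disk /
@@ -995,7 +1026,7 @@ BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
 # IP addresses. This is indicated by the asterisks in the directives below.
 #
 # Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
+# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
 # for further details before you try to setup virtual hosts.
 #
 # You may use the command line option '-S' to verify your virtual host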
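Review bot: In `<Directory />` the access rules are added only as comments (`# Require all denied`, `# Order allow,deny`, `# Deny from all`), so the filesystem root keeps no active deny rule, and the docroot hunk further down switches `AllowOverride None` to `AllowOverride All`. Because the per-directory blocks still grant access through `Order`/`Allow` (served by the newly loaded `access_compat_module`), the matching root default is the compat pair `Order allow,deny` and `Deny from all` left uncommented; switching the root to `Require all denied` would likely need the commented `Require all granted` lines enabled in the same change. `AllowOverride All` lets any `.htaccess` file under the docroot change options and handlers, so `AllowOverride None` is the safer packaged default, with administrators widening it where needed.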
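diff --git a/main/apache2/lua.conf b/main/apache2/lua.conf
new file mode 100644
index 0000000000..9e0d0db6e1
--- /dev/null
+++ b/main/apache2/lua.conf
@@ -0,0 +1 @@
+LoadModule lua_module modules/mod_lua.so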
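diff --git a/main/apache2/proxy-html.conf b/main/apache2/proxy-html.conf
new file mode 100644
index 0000000000..90cbf71e66
--- /dev/null
+++ b/main/apache2/proxy-html.conf
@@ -0,0 +1 @@
+LoadModule proxy_module modules/mod_proxy.so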
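Review bot: This file loads `proxy_module`, but the subpackage that installs it ships `mod_proxy_html.so` and `mod_xml2enc.so` (see `proxy_html()` in the APKBUILD), and neither of those is loaded here or in httpd.conf, where both stay commented out. The content presumably should be `LoadModule xml2enc_module modules/mod_xml2enc.so` followed by `LoadModule proxy_html_module modules/mod_proxy_html.so`. As written, `mod_proxy.so` belongs to `apache2-proxy`, so with only `apache2-proxy-html` installed httpd would be pointed at a module file that is not on disk, and with both packages installed `proxy_module` is loaded from two conf files.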
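diff --git a/main/apache2/proxy.conf b/main/apache2/proxy.conf
new file mode 100644
index 0000000000..a446822916
--- /dev/null
+++ b/main/apache2/proxy.conf
@@ -0,0 +1,15 @@
+# This file configures all the proxy modules:
+LoadModule proxy_module modules/mod_proxy.so
+LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
+LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
+LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
+LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
+LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
+LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
+LoadModule proxy_connect_module modules/mod_proxy_connect.so
+LoadModule proxy_express_module modules/mod_proxy_express.so
+LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
+LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
+LoadModule proxy_http_module modules/mod_proxy_http.so
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so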
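Review bot: Installing `apache2-proxy` loads every proxy scheme and balancer module at once, including `proxy_connect_module`, `proxy_ftp_module` and `proxy_fdpass_module`, and the file states no proxy policy of its own. It also disagrees with httpd.conf in this same commit, which lists `lbmethod_heartbeat_module` and `proxy_fdpass_module` under "not loaded by default". A smaller default (`proxy_module` and `proxy_http_module` active, the rest present but commented) keeps unused handlers out of the running server, and an explicit `ProxyRequests Off` line documents that forward proxying stays disabled until an administrator opts in.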
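diff --git a/main/freeradius/APKBUILD b/main/freeradius/APKBUILD
index f5cee1245f..360b01cd9b 100644
--- a/main/freeradius/APKBUILD
+++ b/main/freeradius/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
 pkgname=freeradius
 pkgver=2.2.0
-pkgrel=2
+pkgrel=4
 pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server"
 url="http://freeradius.org/"
 arch="all"
@@ -174,4 +174,4 @@ pam() {
 }
 md5sums="2e45d3c0d22ab14c560c7c3029893a8a freeradius-server-2.2.0.tar.gz
 fc6693f3df5a0694610110287a28568a freeradius.confd
-c46f34d7ddf695dfe53e5fb7f60afa59 freeradius.initd"
+5d83f40bd5c3a5d4e4a5f43c29e7f0da freeradius.initd"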
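diff --git a/main/freeradius/freeradius.initd b/main/freeradius/freeradius.initd
index fe44715179..8f9bbaa33b 100644
--- a/main/freeradius/freeradius.initd
+++ b/main/freeradius/freeradius.initd
@@ -15,8 +15,8 @@ checkconfig() {
  return 1
  fi
 
- if [ ! -d /var/run/radiusd ] && ! mkdir /var/run/radiusd ; then
- eerror "Failed to create /var/run/radiusd"
+ if [ ! -d /var/run/radius ] && ! mkdir /var/run/radius ; then
+ eerror "Failed to create /var/run/radius"
  return 1
  fi
 
@@ -45,7 +45,7 @@ checkconfig() {
  [ -f radius.log ] || touch radius.log || return 1
 
  chown -R "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" . /var/run/radiusd && \
- chmod -R u+rwX,g+rX . /var/run/radiusd || return 1
+ chmod -R u+rwX,g+rX . /var/run/radius || return 1
 }
 
 start() {
@@ -58,13 +58,13 @@ start() {
 
 stop () {
  ebegin "Stopping radiusd"
- start-stop-daemon --stop --quiet --pidfile /var/run/radiusd/radiusd.pid
+ start-stop-daemon --stop --quiet --pidfile /var/run/radius/radiusd.pid
  eend $?
 }
 
 reload () {
  ebegin "Reloading radiusd"
- kill -HUP `</var/run/radiusd/radiusd.pid`
+ kill -HUP `cat /var/run/radius/radiusd.pid`
  eend $?
 }
 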
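Review bot: The `chown -R` line in `checkconfig()` still names `/var/run/radiusd`, while the `mkdir` above it and the `chmod -R` on its continuation line now use `/var/run/radius`. Where the old directory is absent the `chown` fails and `checkconfig` returns 1; where it still exists, the new runtime directory keeps the ownership `mkdir` gave it, and a daemon running as `${RADIUSD_USER}` presumably cannot write its pid file there. The line should read `chown -R "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" . /var/run/radius && \`. In `reload()`, `kill -HUP` is called with no argument when the pid file is missing, so a `[ -f /var/run/radius/radiusd.pid ] || return 1` guard before it is worth adding. The body of `checkconfig()` starts outside the hunks shown.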
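diff --git a/main/libc0.9.32/APKBUILD b/main/libc0.9.32/APKBUILD
index 88fa0bf64f..714e795983 100644
--- a/main/libc0.9.32/APKBUILD
+++ b/main/libc0.9.32/APKBUILD
@@ -4,7 +4,7 @@ pkgname=libc$_abiver
 _gitver=
 pkgver=0.9.33.2
 _ver=${pkgver/_/-}
-pkgrel=13
+pkgrel=14
 pkgdesc="C library for developing embedded Linux systems"
 url=http://uclibc.org
 license="LGPL-2"
@@ -55,6 +55,7 @@ librt-re-add-SIGCANCEL-to-the-list-of-blocked-signal-in-helper-thread.patch
  0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch
  0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch
  uclibc-dlclose-fix.patch
+ uclibc-rtld_next-fix.patch
 
  uclibcconfig.x86
  uclibcconfig.x86_64
@@ -193,6 +194,7 @@ f41ab6cf22545d2e629d4c7107ac6f85 0009-sys-quota.h-sync-with-glibc.patch
 e5aceb82bf4ffd5328113af5380fcdb6 0001-libc-sysdeps-get-make-set-swap-context-for-i386.patch
 da043a65003ac29ca8b96f416e7752ee 0002-libc-sysdeps-add-get-make-set-swap-context-for-x86_6.patch
 8374c98e769e603af4adad12e01cf358 uclibc-dlclose-fix.patch
+ffe7564afe846026a278dd8c0251ace9 uclibc-rtld_next-fix.patch
 ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.x86
 e861a17baa541accf4d4d39a98d74c32 uclibcconfig.x86_64
 ce8a33a31f5a53031fbad8b1d1b66d44 uclibcconfig.i486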
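diff --git a/main/libc0.9.32/STATUS b/main/libc0.9.32/STATUS
index c457f2fef0..155df167fb 100644
--- a/main/libc0.9.32/STATUS
+++ b/main/libc0.9.32/STATUS
@@ -49,4 +49,22 @@
 
  Needs to be upstreamed
 
+uclibc-dlclose-fix.patch
+ Origin: Alpine
+ Author: Timo Teräs
+
+ Fix dlclose() to not try to free static TLS symbols. This seems
+ to happen on x86_64 with certain .so's. They probably link against
+ TLS symbol defined in the main binary (or the loader has additional
+ bug on this).
+
+ Needs to be upstreamed
 
+uclibc-rtld_next-fix.patch
+ Origin: Alpine
+ Author: Timo Teräs
+
+ Fix dlsym(RTLD_NEXT) lookups to search all linked-in modules
+ instead of just the first one of them.
+
+ Needs to be upstreamed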
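diff --git a/main/libc0.9.32/uclibc-rtld_next-fix.patch b/main/libc0.9.32/uclibc-rtld_next-fix.patch
new file mode 100644
index 0000000000..f952641f47
--- /dev/null
+++ b/main/libc0.9.32/uclibc-rtld_next-fix.patch
@@ -0,0 +1,27 @@
+--- a/ldso/libdl/libdl.c
++++ b/ldso/libdl/libdl.c
+@@ -671,7 +671,7 @@
+ {
+ struct elf_resolve *tpnt, *tfrom;
+ struct dyn_elf *handle;
+- ElfW(Addr) from;
++ ElfW(Addr) from = 0;
+ struct dyn_elf *rpnt;
+ void *ret;
+ struct symbol_ref sym_ref = { NULL, NULL };
+@@ -729,7 +729,13 @@
+ tpnt = NULL;
+ if (handle == _dl_symbol_tables)
+ tpnt = handle->dyn; /* Only search RTLD_GLOBAL objs if global object */
+- ret = _dl_find_hash(name2, &handle->dyn->symbol_scope, tpnt, ELF_RTYPE_CLASS_DLSYM, &sym_ref);
++
++ do {
++ ret = _dl_find_hash(name2, &handle->dyn->symbol_scope, tpnt, ELF_RTYPE_CLASS_DLSYM, &sym_ref);
++ if (ret != NULL)
++ break;
++ handle = handle->next;
++ } while (from && handle);
+
+ #if defined(USE_TLS) && USE_TLS && defined SHARED
+ if (sym_ref.sym && (ELF_ST_TYPE(sym_ref.sym->st_info) == STT_TLS) && (sym_ref.tpnt)) {
+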
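Review bot: The new `do { … } while (from && handle)` loop reassigns `handle` itself, so after a failed lookup it leaves the loop as NULL or as the module after the starting one, and any later use of `handle` in this function would see the moved value; the function continues outside the embedded hunk, so that is worth checking. `tpnt` is computed once from the starting handle and then reused for every module the loop visits, which may or may not be intended. The loop also relies on `from` doubling as the "keep walking" flag, which is why it now needs the `= 0` initialiser. If `from` is indeed set only on the RTLD_NEXT path, a comment such as `/* from != 0 only for RTLD_NEXT: walk the remaining modules until the symbol resolves */` above the loop would record that.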
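diff --git a/main/libvirt/APKBUILD b/main/libvirt/APKBUILD
index ca4937306e..d4778aaf9d 100644
--- a/main/libvirt/APKBUILD
+++ b/main/libvirt/APKBUILD
@@ -1,8 +1,8 @@
 # Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
 pkgname=libvirt
 vmajor="1.0.0"
-vminor="rc3"
-pkgver="${vmajor}_${vminor}"
+vminor=""
+pkgver="${vmajor}"
 _ver="${pkgver/_rc/-rc}"
 pkgrel=0
 pkgdesc="A virtualization API for several hypervisor and container systems"
@@ -18,11 +18,10 @@ makedepends="augeas-dev bridge-utils cyrus-sasl-dev device-mapper
 install=
 subpackages="$pkgname-client $pkgname-daemon $pkgname-dev $pkgname-doc $pkgname-lang
  $pkgname-lxc $pkgname-qemu $pkgname-xen $pkgname-uml"
-source="http://libvirt.org/sources/$pkgname-$_ver.tar.gz
+source="http://libvirt.org/sources/$pkgname-$pkgver.tar.gz
  libvirt.confd
  libvirt.initd
  uclibc-physmem.patch
- libvirt-1.0.0-uclibc-mkostemp.patch
  "
 
 _builddir="$srcdir"/$pkgname-$vmajor
@@ -125,8 +124,7 @@ uml() {
  _mv_driver uml
 }
 
-md5sums="f2d89d0d13c3704887134a51a09b85e8 libvirt-1.0.0-rc3.tar.gz
+md5sums="7c8b006de7338e30866bb56738803b21 libvirt-1.0.0.tar.gz
 1c84a7baeafe0a7f4e9d7ae5180311b7 libvirt.confd
 d897df38c7e7fa1a297aa551108633c9 libvirt.initd
-df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch
-39d0534c4e24baace260ceb6d8271ab7 libvirt-1.0.0-uclibc-mkostemp.patch"
+df9cbfaf8a6e520a4822914a300add4d uclibc-physmem.patch"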
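--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -1,8 +1,8 @@
 # Contributor: Carlo Landmeter <clandmeter@gmail.com>
 # Maintainer: Carlo Landmeter <clandmeter@gmail.com>
 pkgname=libxml2
-pkgver=2.8.0
-pkgrel=1
+pkgver=2.9.0
+pkgrel=0
 pkgdesc="XML parsing library, version 2"
 url="http://www.xmlsoft.org/"
 arch="all"
@@ -12,9 +12,6 @@ depends_dev="zlib-dev python-dev"
 makedepends="zlib-dev python-dev"
 subpackages="$pkgname-doc $pkgname-dev py-$pkgname:py $pkgname-utils"
 source="ftp://ftp.xmlsoft.org/${pkgname}/${pkgname}-${pkgver}.tar.gz
- libxml2-entities-local-buffers-size.patch
- libxml2-entities-local-buffers-size2.patch
- libxml2-parser-local-buffers-size.patch
  "
 
 options="!strip"
@@ -62,7 +59,4 @@ utils() {
  mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
 }
 
-md5sums="c62106f02ee00b6437f0fb9d370c1093 libxml2-2.8.0.tar.gz
-c8c789a4fbdae599a47ecbfa32b889d7 libxml2-entities-local-buffers-size.patch
-cba1201e77dc0f3e337d9ff146a2666e libxml2-entities-local-buffers-size2.patch
-6c5c7a125dddb616feb1b2f4254bf467 libxml2-parser-local-buffers-size.patch"
+md5sums="5b9bebf4f5d2200ae2c4efe8fa6103f7 libxml2-2.9.0.tar.gz"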
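Review bot: The `source=` hunk drops three local buffer-size patches together with the bump to 2.9.0, but nothing in the APKBUILD records why that is safe. The deleted patch files carry upstream commit ids (4f9fdc709c48, baaf03f80f81, 459eeb9dc752) dated July 2012, so they are presumably contained in the 2.9.0 tarball. That should be confirmed against the upstream history and noted, for example `# entities/parser buffer-size fixes are upstream as of 2.9.0` above `source=`. The tarball is still fetched over `ftp://` and checked only against the new MD5 sum, which makes that checksum the sole integrity control on the download.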
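--- a/main/libxml2/libxml2-entities-local-buffers-size.patch
+++ /dev/null
@@ -1,97 +0,0 @@
-From 4f9fdc709c4861c390cd84e2ed1fd878b3442e28 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Wed, 18 Jul 2012 03:38:17 +0000
-Subject: Fix entities local buffers size problems
-
----
-diff --git a/entities.c b/entities.c
-index 6aef49f..859ec3b 100644
---- a/entities.c
-+++ b/entities.c
-@@ -528,13 +528,13 @@ xmlGetDocEntity(xmlDocPtr doc, const xmlChar *name) {
- * Macro used to grow the current buffer.
- */
- #define growBufferReentrant() { \
-- buffer_size *= 2; \
-- buffer = (xmlChar *) \
-- xmlRealloc(buffer, buffer_size * sizeof(xmlChar)); \
-- if (buffer == NULL) { \
-- xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed");\
-- return(NULL); \
-- } \
-+ xmlChar *tmp; \
-+ size_t new_size = buffer_size *= 2; \
-+ if (new_size < buffer_size) goto mem_error; \
-+ tmp = (xmlChar *) xmlRealloc(buffer, new_size); \
-+ if (tmp == NULL) goto mem_error; \
-+ buffer = tmp; \
-+ buffer_size = new_size; \
- }
-
-
-@@ -555,7 +555,7 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) {
- const xmlChar *cur = input;
- xmlChar *buffer = NULL;
- xmlChar *out = NULL;
-- int buffer_size = 0;
-+ size_t buffer_size = 0;
- int html = 0;
-
- if (input == NULL) return(NULL);
-@@ -574,8 +574,8 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) {
- out = buffer;
-
- while (*cur != '\0') {
-- if (out - buffer > buffer_size - 100) {
-- int indx = out - buffer;
-+ size_t indx = out - buffer;
-+ if (indx + 100 > buffer_size) {
-
- growBufferReentrant();
- out = &buffer[indx];
-@@ -692,6 +692,11 @@ xmlEncodeEntitiesReentrant(xmlDocPtr doc, const xmlChar *input) {
- }
- *out = 0;
- return(buffer);
-+
-+mem_error:
-+ xmlEntitiesErrMemory("xmlEncodeEntitiesReentrant: realloc failed");
-+ xmlFree(buffer);
-+ return(NULL);
- }
-
- /**
-@@ -709,7 +714,7 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) {
- const xmlChar *cur = input;
- xmlChar *buffer = NULL;
- xmlChar *out = NULL;
-- int buffer_size = 0;
-+ size_t buffer_size = 0;
- if (input == NULL) return(NULL);
-
- /*
-@@ -724,8 +729,8 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) {
- out = buffer;
-
- while (*cur != '\0') {
-- if (out - buffer > buffer_size - 10) {
-- int indx = out - buffer;
-+ size_t indx = out - buffer;
-+ if (indx + 10 > buffer_size) {
-
- growBufferReentrant();
- out = &buffer[indx];
-@@ -774,6 +779,11 @@ xmlEncodeSpecialChars(xmlDocPtr doc ATTRIBUTE_UNUSED, const xmlChar *input) {
- }
- *out = 0;
- return(buffer);
-+
-+mem_error:
-+ xmlEntitiesErrMemory("xmlEncodeSpecialChars: realloc failed");
-+ xmlFree(buffer);
-+ return(NULL);
- }
-
- /**
---
-cgit v0.9.0.2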
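--- a/main/libxml2/libxml2-entities-local-buffers-size2.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From baaf03f80f817bb34c421421e6cb4d68c353ac9a Mon Sep 17 00:00:00 2001
-From: Aron Xu <happyaron.xu@gmail.com>
-Date: Fri, 20 Jul 2012 07:41:34 +0000
-Subject: Fix an error in previous commit
-
----
-diff --git a/entities.c b/entities.c
-index 859ec3b..7d06820 100644
---- a/entities.c
-+++ b/entities.c
-@@ -529,7 +529,7 @@ xmlGetDocEntity(xmlDocPtr doc, const xmlChar *name) {
- */
- #define growBufferReentrant() { \
- xmlChar *tmp; \
-- size_t new_size = buffer_size *= 2; \
-+ size_t new_size = buffer_size * 2; \
- if (new_size < buffer_size) goto mem_error; \
- tmp = (xmlChar *) xmlRealloc(buffer, new_size); \
- if (tmp == NULL) goto mem_error; \
---
-cgit v0.9.0.2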
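--- a/main/libxml2/libxml2-parser-local-buffers-size.patch
+++ /dev/null
@@ -1,260 +0,0 @@
-From 459eeb9dc752d5185f57ff6b135027f11981a626 Mon Sep 17 00:00:00 2001
-From: Daniel Veillard <veillard@redhat.com>
-Date: Tue, 17 Jul 2012 08:19:17 +0000
-Subject: Fix parser local buffers size problems
-
----
-diff --git a/parser.c b/parser.c
-index 2c38fae..9863275 100644
---- a/parser.c
-+++ b/parser.c
-@@ -40,6 +40,7 @@
- #endif
-
- #include <stdlib.h>
-+#include <limits.h>
- #include <string.h>
- #include <stdarg.h>
- #include <libxml/xmlmemory.h>
-@@ -117,10 +118,10 @@ xmlCreateEntityParserCtxtInternal(const xmlChar *URL, const xmlChar *ID,
- * parser option.
- */
- static int
--xmlParserEntityCheck(xmlParserCtxtPtr ctxt, unsigned long size,
-+xmlParserEntityCheck(xmlParserCtxtPtr ctxt, size_t size,
- xmlEntityPtr ent)
- {
-- unsigned long consumed = 0;
-+ size_t consumed = 0;
-
- if ((ctxt == NULL) || (ctxt->options & XML_PARSE_HUGE))
- return (0);
-@@ -2589,15 +2590,17 @@ xmlParserHandlePEReference(xmlParserCtxtPtr ctxt) {
-
- /*
- * Macro used to grow the current buffer.
-+ * buffer##_size is expected to be a size_t
-+ * mem_error: is expected to handle memory allocation failures
- */
- #define growBuffer(buffer, n) { \
- xmlChar *tmp; \
-- buffer##_size *= 2; \
-- buffer##_size += n; \
-- tmp = (xmlChar *) \
-- xmlRealloc(buffer, buffer##_size * sizeof(xmlChar)); \
-+ size_t new_size = buffer##_size * 2 + n; \
-+ if (new_size < buffer##_size) goto mem_error; \
-+ tmp = (xmlChar *) xmlRealloc(buffer, new_size); \
- if (tmp == NULL) goto mem_error; \
- buffer = tmp; \
-+ buffer##_size = new_size; \
- }
-
- /**
-@@ -2623,14 +2626,14 @@ xmlChar *
- xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- int what, xmlChar end, xmlChar end2, xmlChar end3) {
- xmlChar *buffer = NULL;
-- int buffer_size = 0;
-+ size_t buffer_size = 0;
-+ size_t nbchars = 0;
-
- xmlChar *current = NULL;
- xmlChar *rep = NULL;
- const xmlChar *last;
- xmlEntityPtr ent;
- int c,l;
-- int nbchars = 0;
-
- if ((ctxt == NULL) || (str == NULL) || (len < 0))
- return(NULL);
-@@ -2647,7 +2650,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- * allocate a translation buffer.
- */
- buffer_size = XML_PARSER_BIG_BUFFER_SIZE;
-- buffer = (xmlChar *) xmlMallocAtomic(buffer_size * sizeof(xmlChar));
-+ buffer = (xmlChar *) xmlMallocAtomic(buffer_size);
- if (buffer == NULL) goto mem_error;
-
- /*
-@@ -2667,7 +2670,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- if (val != 0) {
- COPY_BUF(0,buffer,nbchars,val);
- }
-- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
-+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
- }
- } else if ((c == '&') && (what & XML_SUBSTITUTE_REF)) {
-@@ -2685,7 +2688,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
- if (ent->content != NULL) {
- COPY_BUF(0,buffer,nbchars,ent->content[0]);
-- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
-+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
- }
- } else {
-@@ -2702,8 +2705,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- current = rep;
- while (*current != 0) { /* non input consuming loop */
- buffer[nbchars++] = *current++;
-- if (nbchars >
-- buffer_size - XML_PARSER_BUFFER_SIZE) {
-+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
- if (xmlParserEntityCheck(ctxt, nbchars, ent))
- goto int_error;
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
-@@ -2717,7 +2719,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- const xmlChar *cur = ent->name;
-
- buffer[nbchars++] = '&';
-- if (nbchars > buffer_size - i - XML_PARSER_BUFFER_SIZE) {
-+ if (nbchars + i + XML_PARSER_BUFFER_SIZE > buffer_size) {
- growBuffer(buffer, i + XML_PARSER_BUFFER_SIZE);
- }
- for (;i > 0;i--)
-@@ -2745,8 +2747,7 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- current = rep;
- while (*current != 0) { /* non input consuming loop */
- buffer[nbchars++] = *current++;
-- if (nbchars >
-- buffer_size - XML_PARSER_BUFFER_SIZE) {
-+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
- if (xmlParserEntityCheck(ctxt, nbchars, ent))
- goto int_error;
- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
-@@ -2759,8 +2760,8 @@ xmlStringLenDecodeEntities(xmlParserCtxtPtr ctxt, const xmlChar *str, int len,
- } else {
- COPY_BUF(l,buffer,nbchars,c);
- str += l;
-- if (nbchars > buffer_size - XML_PARSER_BUFFER_SIZE) {
-- growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
-+ if (nbchars + XML_PARSER_BUFFER_SIZE > buffer_size) {
-+ growBuffer(buffer, XML_PARSER_BUFFER_SIZE);
- }
- }
- if (str < last)
-@@ -3764,8 +3765,8 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- xmlChar limit = 0;
- xmlChar *buf = NULL;
- xmlChar *rep = NULL;
-- int len = 0;
-- int buf_size = 0;
-+ size_t len = 0;
-+ size_t buf_size = 0;
- int c, l, in_space = 0;
- xmlChar *current = NULL;
- xmlEntityPtr ent;
-@@ -3787,7 +3788,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- * allocate a translation buffer.
- */
- buf_size = XML_PARSER_BUFFER_SIZE;
-- buf = (xmlChar *) xmlMallocAtomic(buf_size * sizeof(xmlChar));
-+ buf = (xmlChar *) xmlMallocAtomic(buf_size);
- if (buf == NULL) goto mem_error;
-
- /*
-@@ -3804,7 +3805,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
-
- if (val == '&') {
- if (ctxt->replaceEntities) {
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- buf[len++] = '&';
-@@ -3813,7 +3814,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- * The reparsing will be done in xmlStringGetNodeList()
- * called by the attribute() function in SAX.c
- */
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- buf[len++] = '&';
-@@ -3823,7 +3824,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- buf[len++] = ';';
- }
- } else if (val != 0) {
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- len += xmlCopyChar(0, &buf[len], val);
-@@ -3835,7 +3836,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- ctxt->nbentities += ent->owner;
- if ((ent != NULL) &&
- (ent->etype == XML_INTERNAL_PREDEFINED_ENTITY)) {
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- if ((ctxt->replaceEntities == 0) &&
-@@ -3863,7 +3864,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- current++;
- } else
- buf[len++] = *current++;
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- }
-@@ -3871,7 +3872,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- rep = NULL;
- }
- } else {
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- if (ent->content != NULL)
-@@ -3899,7 +3900,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- * Just output the reference
- */
- buf[len++] = '&';
-- while (len > buf_size - i - 10) {
-+ while (len + i + 10 > buf_size) {
- growBuffer(buf, i + 10);
- }
- for (;i > 0;i--)
-@@ -3912,7 +3913,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- if ((len != 0) || (!normalize)) {
- if ((!normalize) || (!in_space)) {
- COPY_BUF(l,buf,len,0x20);
-- while (len > buf_size - 10) {
-+ while (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- }
-@@ -3921,7 +3922,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- } else {
- in_space = 0;
- COPY_BUF(l,buf,len,c);
-- if (len > buf_size - 10) {
-+ if (len + 10 > buf_size) {
- growBuffer(buf, 10);
- }
- }
-@@ -3946,7 +3947,18 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) {
- }
- } else
- NEXT;
-- if (attlen != NULL) *attlen = len;
-+
-+ /*
-+ * There we potentially risk an overflow, don't allow attribute value of
-+ * lenght more than INT_MAX it is a very reasonnable assumption !
-+ */
-+ if (len >= INT_MAX) {
-+ xmlFatalErrMsg(ctxt, XML_ERR_ATTRIBUTE_NOT_FINISHED,
-+ "AttValue lenght too long\n");
-+ goto mem_error;
-+ }
-+
-+ if (attlen != NULL) *attlen = (int) len;
- return(buf);
-
- mem_error:
---
-cgit v0.9.0.2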
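--- a/main/libxslt/APKBUILD
+++ b/main/libxslt/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libxslt
-pkgver=1.1.26
-pkgrel=9
+pkgver=1.1.27
+pkgrel=0
 pkgdesc="XML stylesheet transformation library"
 url="http://xmlsoft.org/XSLT/"
 arch="all"
@@ -30,4 +30,4 @@ py() {
  install -d "$subpkgdir"/usr/lib
  mv "$pkgdir"/usr/lib/python* "$subpkgdir"/usr/lib/
 }
-md5sums="e61d0364a30146aaa3001296f853b2b9 libxslt-1.1.26.tar.gz"
+md5sums="4d01ff464b9ea7236925a1adf147c7f8 libxslt-1.1.27.tar.gz"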
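--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -3,7 +3,7 @@
 # Maintainer: William Pitcock <nenolod@dereferenced.org>
 pkgname=xen
 pkgver=4.2.0
-pkgrel=2
+pkgrel=3
 pkgdesc="Xen hypervisor"
 url="http://www.xen.org/"
 arch="x86 x86_64"
@@ -19,6 +19,7 @@ source="http://bits.xensource.com/oss-xen/release/$pkgver/$pkgname-$pkgver.tar.g
  librt.patch
  make_stubdoms.patch
  qemu-xen_paths.patch
+ xsa25-4.2.patch
 
  xenstored.initd
  xenstored.confd
@@ -133,11 +134,12 @@ md5sums="f4f217969afc38f09251039966d91a87 xen-4.2.0.tar.gz
 2dc5ddf47c53ea168729975046c3c1f9 librt.patch
 41ad48fdc269749776fa6aa04f6778c2 make_stubdoms.patch
 1ccde6b36a6f9542a16d998204dc9a22 qemu-xen_paths.patch
-6e5739dad7e2bd1b625e55ddc6c782b7 xenstored.initd
+9fc7097ed2e5e756c4ae91145c143433 xsa25-4.2.patch
+4ee9bf0c09269995569c9f05d4e8c779 xenstored.initd
 b017ccdd5e1c27bbf1513e3569d4ff07 xenstored.confd
 ed262f15fb880badb53575539468646c xenconsoled.initd
 ec2252c72050d7d5870a3a629b873ba6 xenconsoled.confd
-89c936ddf327a3a78eaee33835880517 xend.initd
+1803ddf6877bdf254082365389a4efa9 xend.initd
 9261ad0f285836c1b0ea07f306e4586e xend.confd
 35448ff063f8123ec4bba2e001f39c6c xendomains.initd
 9b20e056d475b50586cf9e1fc94e13c4 xendomains.confd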
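--- a/main/xen/xend.initd
+++ b/main/xen/xend.initd
@@ -4,7 +4,7 @@
 # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xend.initd-r2,v 1.2 2011/09/10 17:22:46 alexxy Exp $
 
 depend() {
- need net xenconsoled xenstored
+ need xenconsoled xenstored
  after firewall
  before xendomains sshd
 }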
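--- a/main/xen/xenstored.initd
+++ b/main/xen/xenstored.initd
@@ -4,7 +4,6 @@
 # $Header: /var/cvsroot/gentoo-x86/app-emulation/xen-tools/files/xenstored.initd,v 1.2 2011/04/05 21:25:03 alexxy Exp $
 
 depend() {
- need net
  before xendomains xend sshd ntp-client ntpd nfs nfsmount rsyncd portmap dhcp
 }
 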
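--- /dev/null
+++ b/main/xen/xsa25-4.2.patch
@@ -0,0 +1,365 @@
+libxc: builder: limit maximum size of kernel/ramdisk.
+
+Allowing user supplied kernels of arbitrary sizes, especially during
+decompression, can swallow up dom0 memory leading to either virtual
+address space exhaustion in the builder process or allocation
+failures/OOM killing of both toolstack and unrelated processes.
+
+We disable these checks when building in a stub domain for pvgrub
+since this uses the guest's own memory and is isolated.
+
+Decompression of gzip compressed kernels and ramdisks has been safe
+since 14954:58205257517d (Xen 3.1.0 onwards).
+
+This is XSA-25 / CVE-2012-4544.
+
+Also make explicit checks for buffer overflows in various
+decompression routines. These were already ruled out due to other
+properties of the code but check them as a belt-and-braces measure.
+
+Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
+Acked-by: Ian Jackson <ian.jackson@eu.citrix.com>
+
+diff --git a/stubdom/grub/kexec.c b/stubdom/grub/kexec.c
+index 06bef52..b21c91a 100644
+--- a/stubdom/grub/kexec.c
++++ b/stubdom/grub/kexec.c
+@@ -137,6 +137,10 @@ void kexec(void *kernel, long kernel_size, void *module, long module_size, char
+ dom = xc_dom_allocate(xc_handle, cmdline, features);
+ dom->allocate = kexec_allocate;
+
++ /* We are using guest owned memory, therefore no limits. */
++ xc_dom_kernel_max_size(dom, 0);
++ xc_dom_ramdisk_max_size(dom, 0);
++
+ dom->kernel_blob = kernel;
+ dom->kernel_size = kernel_size;
+
+diff --git a/tools/libxc/xc_dom.h b/tools/libxc/xc_dom.h
+index 2aef64a..6a72aa9 100644
+--- a/tools/libxc/xc_dom.h
++++ b/tools/libxc/xc_dom.h
+@@ -55,6 +55,9 @@ struct xc_dom_image {
+ void *ramdisk_blob;
+ size_t ramdisk_size;
+
++ size_t max_kernel_size;
++ size_t max_ramdisk_size;
++
+ /* arguments and parameters */
+ char *cmdline;
+ uint32_t f_requested[XENFEAT_NR_SUBMAPS];
+@@ -180,6 +183,23 @@ void xc_dom_release_phys(struct xc_dom_image *dom);
+ void xc_dom_release(struct xc_dom_image *dom);
+ int xc_dom_mem_init(struct xc_dom_image *dom, unsigned int mem_mb);
+
++/* Set this larger if you have enormous ramdisks/kernels. Note that
++ * you should trust all kernels not to be maliciously large (e.g. to
++ * exhaust all dom0 memory) if you do this (see CVE-2012-4544 /
++ * XSA-25). You can also set the default independently for
++ * ramdisks/kernels in xc_dom_allocate() or call
++ * xc_dom_{kernel,ramdisk}_max_size.
++ */
++#ifndef XC_DOM_DECOMPRESS_MAX
++#define XC_DOM_DECOMPRESS_MAX (1024*1024*1024) /* 1GB */
++#endif
++
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz);
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz);
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz);
++
+ size_t xc_dom_check_gzip(xc_interface *xch,
+ void *blob, size_t ziplen);
+ int xc_dom_do_gunzip(xc_interface *xch,
+@@ -240,7 +260,8 @@ void xc_dom_log_memory_footprint(struct xc_dom_image *dom);
+ void *xc_dom_malloc(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size);
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+- const char *filename, size_t * size);
++ const char *filename, size_t * size,
++ const size_t max_size);
+ char *xc_dom_strdup(struct xc_dom_image *dom, const char *str);
+
+ /* --- alloc memory pool ------------------------------------------- */
+diff --git a/tools/libxc/xc_dom_bzimageloader.c b/tools/libxc/xc_dom_bzimageloader.c
+index 113d40f..b1b2eb0 100644
+--- a/tools/libxc/xc_dom_bzimageloader.c
++++ b/tools/libxc/xc_dom_bzimageloader.c
+@@ -47,13 +47,19 @@ static int xc_try_bzip2_decode(
+ char *out_buf;
+ char *tmp_buf;
+ int retval = -1;
+- int outsize;
++ unsigned int outsize;
+ uint64_t total;
+
+ stream.bzalloc = NULL;
+ stream.bzfree = NULL;
+ stream.opaque = NULL;
+
++ if ( dom->kernel_size == 0)
++ {
++ DOMPRINTF("BZIP2: Input is 0 size");
++ return -1;
++ }
++
+ ret = BZ2_bzDecompressInit(&stream, 0, 0);
+ if ( ret != BZ_OK )
+ {
+@@ -66,6 +72,17 @@ static int xc_try_bzip2_decode(
+ * the input buffer to start, and we'll realloc as needed.
+ */
+ outsize = dom->kernel_size;
++
++ /*
++ * stream.avail_in and outsize are unsigned int, while kernel_size
++ * is a size_t. Check we aren't overflowing.
++ */
++ if ( outsize != dom->kernel_size )
++ {
++ DOMPRINTF("BZIP2: Input too large");
++ goto bzip2_cleanup;
++ }
++
+ out_buf = malloc(outsize);
+ if ( out_buf == NULL )
+ {
+@@ -98,13 +115,20 @@ static int xc_try_bzip2_decode(
+ if ( stream.avail_out == 0 )
+ {
+ /* Protect against output buffer overflow */
+- if ( outsize > INT_MAX / 2 )
++ if ( outsize > UINT_MAX / 2 )
+ {
+ DOMPRINTF("BZIP2: output buffer overflow");
+ free(out_buf);
+ goto bzip2_cleanup;
+ }
+
++ if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++ {
++ DOMPRINTF("BZIP2: output too large");
++ free(out_buf);
++ goto bzip2_cleanup;
++ }
++
+ tmp_buf = realloc(out_buf, outsize * 2);
+ if ( tmp_buf == NULL )
+ {
+@@ -172,9 +196,15 @@ static int _xc_try_lzma_decode(
+ unsigned char *out_buf;
+ unsigned char *tmp_buf;
+ int retval = -1;
+- int outsize;
++ size_t outsize;
+ const char *msg;
+
++ if ( dom->kernel_size == 0)
++ {
++ DOMPRINTF("%s: Input is 0 size", what);
++ return -1;
++ }
++
+ /* sigh. We don't know up-front how much memory we are going to need
+ * for the output buffer. Allocate the output buffer to be equal
+ * the input buffer to start, and we'll realloc as needed.
+@@ -244,13 +274,20 @@ static int _xc_try_lzma_decode(
+ if ( stream->avail_out == 0 )
+ {
+ /* Protect against output buffer overflow */
+- if ( outsize > INT_MAX / 2 )
++ if ( outsize > SIZE_MAX / 2 )
+ {
+ DOMPRINTF("%s: output buffer overflow", what);
+ free(out_buf);
+ goto lzma_cleanup;
+ }
+
++ if ( xc_dom_kernel_check_size(dom, outsize * 2) )
++ {
++ DOMPRINTF("%s: output too large", what);
++ free(out_buf);
++ goto lzma_cleanup;
++ }
++
+ tmp_buf = realloc(out_buf, outsize * 2);
+ if ( tmp_buf == NULL )
+ {
+@@ -359,6 +396,12 @@ static int xc_try_lzo1x_decode(
+ 0x89, 0x4c, 0x5a, 0x4f, 0x00, 0x0d, 0x0a, 0x1a, 0x0a
+ };
+
++ /*
++ * lzo_uint should match size_t. Check that this is the case to be
++ * sure we won't overflow various lzo_uint fields.
++ */
++ XC_BUILD_BUG_ON(sizeof(lzo_uint) != sizeof(size_t));
++
+ ret = lzo_init();
+ if ( ret != LZO_E_OK )
+ {
+@@ -438,6 +481,14 @@ static int xc_try_lzo1x_decode(
+ if ( src_len <= 0 || src_len > dst_len || src_len > left )
+ break;
+
++ msg = "Output buffer overflow";
++ if ( *size > SIZE_MAX - dst_len )
++ break;
++
++ msg = "Decompressed image too large";
++ if ( xc_dom_kernel_check_size(dom, *size + dst_len) )
++ break;
++
+ msg = "Failed to (re)alloc memory";
+ tmp_buf = realloc(out_buf, *size + dst_len);
+ if ( tmp_buf == NULL )
+diff --git a/tools/libxc/xc_dom_core.c b/tools/libxc/xc_dom_core.c
+index fea9de5..2a01d7c 100644
+--- a/tools/libxc/xc_dom_core.c
++++ b/tools/libxc/xc_dom_core.c
+@@ -159,7 +159,8 @@ void *xc_dom_malloc_page_aligned(struct xc_dom_image *dom, size_t size)
+ }
+
+ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+- const char *filename, size_t * size)
++ const char *filename, size_t * size,
++ const size_t max_size)
+ {
+ struct xc_dom_mem *block = NULL;
+ int fd = -1;
+@@ -171,6 +172,13 @@ void *xc_dom_malloc_filemap(struct xc_dom_image *dom,
+ lseek(fd, 0, SEEK_SET);
+ *size = lseek(fd, 0, SEEK_END);
+
++ if ( max_size && *size > max_size )
++ {
++ xc_dom_panic(dom->xch, XC_OUT_OF_MEMORY,
++ "tried to map file which is too large");
++ goto err;
++ }
++
+ block = malloc(sizeof(*block));
+ if ( block == NULL )
+ goto err;
+@@ -222,6 +230,40 @@ char *xc_dom_strdup(struct xc_dom_image *dom, const char *str)
+ }
+
+ /* ------------------------------------------------------------------------ */
++/* decompression buffer sizing */
++int xc_dom_kernel_check_size(struct xc_dom_image *dom, size_t sz)
++{
++ /* No limit */
++ if ( !dom->max_kernel_size )
++ return 0;
++
++ if ( sz > dom->max_kernel_size )
++ {
++ xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++ "kernel image too large");
++ return 1;
++ }
++
++ return 0;
++}
++
++int xc_dom_ramdisk_check_size(struct xc_dom_image *dom, size_t sz)
++{
++ /* No limit */
++ if ( !dom->max_ramdisk_size )
++ return 0;
++
++ if ( sz > dom->max_ramdisk_size )
++ {
++ xc_dom_panic(dom->xch, XC_INVALID_KERNEL,
++ "ramdisk image too large");
++ return 1;
++ }
++
++ return 0;
++}
++
++/* ------------------------------------------------------------------------ */
+ /* read files, copy memory blocks, with transparent gunzip */
+
+ size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen)
+@@ -235,7 +277,7 @@ size_t xc_dom_check_gzip(xc_interface *xch, void *blob, size_t ziplen)
+
+ gzlen = blob + ziplen - 4;
+ unziplen = gzlen[3] << 24 | gzlen[2] << 16 | gzlen[1] << 8 | gzlen[0];
+- if ( (unziplen < 0) || (unziplen > (1024*1024*1024)) ) /* 1GB limit */
++ if ( (unziplen < 0) || (unziplen > XC_DOM_DECOMPRESS_MAX) )
+ {
+ xc_dom_printf
+ (xch,
+@@ -288,6 +330,9 @@ int xc_dom_try_gunzip(struct xc_dom_image *dom, void **blob, size_t * size)
+ if ( unziplen == 0 )
+ return 0;
+
++ if ( xc_dom_kernel_check_size(dom, unziplen) )
++ return 0;
++
+ unzip = xc_dom_malloc(dom, unziplen);
+ if ( unzip == NULL )
+ return -1;
+@@ -588,6 +633,9 @@ struct xc_dom_image *xc_dom_allocate(xc_interface *xch,
+ memset(dom, 0, sizeof(*dom));
+ dom->xch = xch;
+
++ dom->max_kernel_size = XC_DOM_DECOMPRESS_MAX;
++ dom->max_ramdisk_size = XC_DOM_DECOMPRESS_MAX;
++
+ if ( cmdline )
+ dom->cmdline = xc_dom_strdup(dom, cmdline);
+ if ( features )
+@@ -608,10 +656,25 @@ struct xc_dom_image *xc_dom_allocate(xc_interface *xch,
+ return NULL;
+ }
+
++int xc_dom_kernel_max_size(struct xc_dom_image *dom, size_t sz)
++{
++ DOMPRINTF("%s: kernel_max_size=%zx", __FUNCTION__, sz);
++ dom->max_kernel_size = sz;
++ return 0;
++}
++
++int xc_dom_ramdisk_max_size(struct xc_dom_image *dom, size_t sz)
++{
++ DOMPRINTF("%s: ramdisk_max_size=%zx", __FUNCTION__, sz);
++ dom->max_ramdisk_size = sz;
++ return 0;
++}
++
+ int xc_dom_kernel_file(struct xc_dom_image *dom, const char *filename)
+ {
+ DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+- dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size);
++ dom->kernel_blob = xc_dom_malloc_filemap(dom, filename, &dom->kernel_size,
++ dom->max_kernel_size);
+ if ( dom->kernel_blob == NULL )
+ return -1;
+ return xc_dom_try_gunzip(dom, &dom->kernel_blob, &dom->kernel_size);
+@@ -621,7 +684,9 @@ int xc_dom_ramdisk_file(struct xc_dom_image *dom, const char *filename)
+ {
+ DOMPRINTF("%s: filename=\"%s\"", __FUNCTION__, filename);
+ dom->ramdisk_blob =
+- xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size);
++ xc_dom_malloc_filemap(dom, filename, &dom->ramdisk_size,
++ dom->max_ramdisk_size);
++
+ if ( dom->ramdisk_blob == NULL )
+ return -1;
+ // return xc_dom_try_gunzip(dom, &dom->ramdisk_blob, &dom->ramdisk_size);
+@@ -781,7 +846,11 @@ int xc_dom_build_image(struct xc_dom_image *dom)
+ void *ramdiskmap;
+
+ unziplen = xc_dom_check_gzip(dom->xch, dom->ramdisk_blob, dom->ramdisk_size);
++ if ( xc_dom_ramdisk_check_size(dom, unziplen) != 0 )
++ unziplen = 0;
++
+ ramdisklen = unziplen ? unziplen : dom->ramdisk_size;
++
+ if ( xc_dom_alloc_segment(dom, &dom->ramdisk_seg, "ramdisk", 0,
+ ramdisklen) != 0 )
+ goto err;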
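Review bot: In the `xc_dom_try_gunzip` hunk of the embedded xc_dom_core.c patch, an over-limit image takes `return 0;`, the same value as the "nothing to decompress" path just above it, although `xc_dom_kernel_check_size` has already reported an error through `xc_dom_panic`. A caller that looks only at the return value therefore carries on with the still-compressed blob. If the build is meant to stop there, `return -1;` would match the allocation-failure path two lines further down; if falling through is deliberate, it needs a comment saying so. `xc_dom_build_image` has the same shape, where `unziplen = 0` after a failed ramdisk check makes the ramdisk load at its compressed size. The header comment for `XC_DOM_DECOMPRESS_MAX` also never states that a limit of 0 disables the check, which only the kexec.c call site and the `/* No limit */` branches reveal; the function bodies continue outside these hunks.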