mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-24 20:02:58 +03:00
spice: 0.12.8 -> 0.13.3
(we can use upstream security patches again)
This commit is contained in:
parent
a49df2a894
commit
632e81083c
@ -1,56 +0,0 @@
|
||||
From 75e8685740199537bfefcbd9996ec3ff9f6342e6 Mon Sep 17 00:00:00 2001
|
||||
From: Graham Christensen <graham@grahamc.com>
|
||||
Date: Wed, 8 Feb 2017 21:58:43 -0500
|
||||
Subject: [PATCH] Adapting the following patch, from
|
||||
http://pkgs.fedoraproject.org/cgit/rpms/spice.git/plain/0003-main-channel-Prevent-overflow-reading-messages-from-.patch?id=d919d639ae5f83a9735a04d843eed675f9357c0d
|
||||
|
||||
> From: Frediano Ziglio <fziglio@redhat.com>
|
||||
> Date: Tue, 29 Nov 2016 16:46:56 +0000
|
||||
> Subject: [spice-server 3/3] main-channel: Prevent overflow reading messages
|
||||
> from client
|
||||
>
|
||||
> Caller is supposed the function return a buffer able to store
|
||||
> size bytes.
|
||||
>
|
||||
> Signed-off-by: Frediano Ziglio <fziglio@redhat.com>
|
||||
> Acked-by: Christophe Fergeau <cfergeau@redhat.com>
|
||||
> ---
|
||||
> server/main-channel.c | 3 +++
|
||||
> 1 file changed, 3 insertions(+)
|
||||
>
|
||||
> diff --git a/server/main-channel.c b/server/main-channel.c
|
||||
> index 24dd448..1124506 100644
|
||||
> --- a/server/main-channel.c
|
||||
> +++ b/server/main-channel.c
|
||||
> @@ -258,6 +258,9 @@ static uint8_t *main_channel_alloc_msg_rcv_buf(RedChannelClient *rcc,
|
||||
>
|
||||
> if (type == SPICE_MSGC_MAIN_AGENT_DATA) {
|
||||
> return reds_get_agent_data_buffer(red_channel_get_server(channel), mcc, size);
|
||||
> + } else if (size > sizeof(main_chan->recv_buf)) {
|
||||
> + /* message too large, caller will log a message and close the connection */
|
||||
> + return NULL;
|
||||
> } else {
|
||||
> return main_chan->recv_buf;
|
||||
> }
|
||||
> --
|
||||
> 2.9.3
|
||||
> ---
|
||||
server/main_channel.c | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/server/main_channel.c b/server/main_channel.c
|
||||
index 0ecc9df..1fc3915 100644
|
||||
--- a/server/main_channel.c
|
||||
+++ b/server/main_channel.c
|
||||
@@ -1026,6 +1026,9 @@ static uint8_t *main_channel_alloc_msg_rcv_buf(RedChannelClient *rcc,
|
||||
|
||||
if (type == SPICE_MSGC_MAIN_AGENT_DATA) {
|
||||
return reds_get_agent_data_buffer(mcc, size);
|
||||
+ } else if (size > sizeof(main_chan->recv_buf)) {
|
||||
+ /* message too large, caller will log a message and close the connection */
|
||||
+ return NULL;
|
||||
} else {
|
||||
return main_chan->recv_buf;
|
||||
}
|
||||
--
|
||||
2.10.0
|
@ -6,14 +6,15 @@
|
||||
with stdenv.lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "spice-0.12.8";
|
||||
name = "spice-0.13.3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://www.spice-space.org/download/releases/${name}.tar.bz2";
|
||||
sha256 = "0za03i77j8i3g5l2np2j7vy8cqsdbkm9wbv4hjnaqq9xhz2sa0gr";
|
||||
sha256 = "17mqgwamdhj8sx8vhahrjl5937x693kjnw6cp6v0akjrwz011xrh";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# the following three patches fix CVE-2016-9577 and CVE-2016-9578
|
||||
(fetchpatch {
|
||||
name = "0001-Prevent-possible-DoS-attempts-during-protocol-handsh.patch";
|
||||
url = "http://pkgs.fedoraproject.org/cgit/rpms/spice.git/plain/0001-Prevent-possible-DoS-attempts-during-protocol-handsh.patch?id=d919d639ae5f83a9735a04d843eed675f9357c0d";
|
||||
@ -24,9 +25,11 @@ stdenv.mkDerivation rec {
|
||||
url = "http://pkgs.fedoraproject.org/cgit/rpms/spice.git/plain/0002-Prevent-integer-overflows-in-capability-checks.patch?id=d919d639ae5f83a9735a04d843eed675f9357c0d";
|
||||
sha256 = "1r1bhq98w93cvvrlrz6jwdfsy261xl3xqs0ppchaa2igyxvxv5z5";
|
||||
})
|
||||
# Originally from http://pkgs.fedoraproject.org/cgit/rpms/spice.git/plain/0003-main-channel-Prevent-overflow-reading-messages-from-.patch?id=d919d639ae5f83a9735a04d843eed675f9357c0d
|
||||
# but main-channel.c was renamed to main_channel.c
|
||||
./0001-Adapting-the-following-patch-from-http-pkgs.fedorapr.patch
|
||||
(fetchpatch {
|
||||
name = "0003-main-channel-Prevent-overflow-reading-messages-from.patch";
|
||||
url = "https://cgit.freedesktop.org/spice/spice/patch/?id=1d3e26c0ee75712fa4bbbcfa09d8d5866b66c8af";
|
||||
sha256 = "030mm551aipck99rqiz39vsvk071pn8715zynr5j6chwzgpflwm3";
|
||||
})
|
||||
];
|
||||
|
||||
buildInputs = [ pixman celt alsaLib openssl libjpeg zlib
|
||||
|
Loading…
Reference in New Issue
Block a user