diff options
Diffstat (limited to 'user')
-rw-r--r-- | user/distcc/APKBUILD | 11 | ||||
-rw-r--r-- | user/distcc/heap.patch | 67 |
2 files changed, 74 insertions, 4 deletions
diff --git a/user/distcc/APKBUILD b/user/distcc/APKBUILD index f26510162..75d839c0d 100644 --- a/user/distcc/APKBUILD +++ b/user/distcc/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Brandon Bergren <git@bdragon.rtk0.net> -# Maintainer: +# Maintainer: Zach van Rijn <me@zv.io> pkgname=distcc -pkgver=3.3.3 +pkgver=3.4 pkgrel=0 pkgdesc="Distributed builds for C, C++ and Objective C" url="https://distcc.github.io/" @@ -20,7 +20,9 @@ subpackages="$pkgname-doc" #pkgusers="distcc" # distccd privdrop, see src/setuid.c #pkggroups="distcc" install="$pkgname.pre-install" -source="https://github.com/distcc/$pkgname/releases/download/v$pkgver/$pkgname-$pkgver.tar.gz" +source="https://github.com/distcc/$pkgname/releases/download/v$pkgver/$pkgname-$pkgver.tar.gz + heap.patch + " build() { ./configure \ @@ -49,4 +51,5 @@ package() { make install DESTDIR="$pkgdir" } -sha512sums="d5e7fc67f49ee640cef753038b5c0ebcbbac61c6ac29f20ee4736b045a89979ced765717c46383a4fadc50a4fe34e94e58e307509144414a9ca19eb4cc68a135 distcc-3.3.3.tar.gz" +sha512sums="de09329fdfa25e08a9b9529190ddaa9ceccb34c8655692edb86f367a8db4a71b750c6e928cb8e5a670f51fbbc02fd1c8524f72e01b3ebaacc1106dc676d18eef distcc-3.4.tar.gz +897429ec358ee36faf7dd19329978d9ba3ac83008158a1df9df8e7c6bc55843b5a681884b67006c526875b26993b64de6fb33e2f7dfac8a2066eabde1f13c348 heap.patch" diff --git a/user/distcc/heap.patch b/user/distcc/heap.patch new file mode 100644 index 000000000..f1d75caa0 --- /dev/null +++ b/user/distcc/heap.patch @@ -0,0 +1,67 @@ +From 879b71d6e95673e58d33f6c3c341a893ee307161 Mon Sep 17 00:00:00 2001 +From: Alexey Sheplyakov <asheplyakov@yandex.ru> +Date: Sat, 10 Jul 2021 22:18:14 +0400 +Subject: [PATCH] dcc_gcc_rewrite_fqn: avoid heap corruption + +On ALT Linux I've run into the following bug: + +distcc gcc -Wall -std=gnu89 -I. -O2 -o hello.o -c hello.c +free(): invalid next size (fast) +Aborted (core dumped) + +Apparently dcc_gcc_rewrite writes beyond the allocated memory: + +valgrind --leak-check=full -v ./distcc gcc -Wall -std=gnu89 -I. -O2 -o hello.o -c hello.c + +==11382== ERROR SUMMARY: 53 errors from 5 contexts (suppressed: 0 from 0) +==11382== +==11382== 1 errors in context 1 of 5: +==11382== Invalid write of size 1 +==11382== at 0x4C349D8: strcat (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) +==11382== by 0x10D165: dcc_gcc_rewrite_fqn (compile.c:611) +==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725) +==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014) +==11382== by 0x10E380: main (distcc.c:352) +==11382== Address 0x544e828 is 1 bytes after a block of size 23 alloc'd +==11382== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) +==11382== by 0x10D087: dcc_gcc_rewrite_fqn (compile.c:588) +==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725) +==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014) +==11382== by 0x10E380: main (distcc.c:352) +==11382== +==11382== +==11382== 1 errors in context 2 of 5: +==11382== Invalid write of size 1 +==11382== at 0x4C349C8: strcat (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) +==11382== by 0x10D165: dcc_gcc_rewrite_fqn (compile.c:611) +==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725) +==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014) +==11382== by 0x10E380: main (distcc.c:352) +==11382== Address 0x544e827 is 0 bytes after a block of size 23 alloc'd +==11382== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) +==11382== by 0x10D087: dcc_gcc_rewrite_fqn (compile.c:588) +==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725) +==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014) +==11382== by 0x10E380: main (distcc.c:352) + +and ALT Linux' hardened glibc does not quite like that. +Correctly compute the `newcmd_len` to avoid the problem. + +ALTBUG: #40425 +--- + src/compile.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/compile.c b/src/compile.c +index 34964566..26d7d182 100644 +--- a/src/compile.c ++++ b/src/compile.c +@@ -584,7 +584,7 @@ static int dcc_gcc_rewrite_fqn(char **argv) + return -ENOENT; + + +- newcmd_len = strlen(target_with_vendor) + 1 + strlen(argv[0] + 1); ++ newcmd_len = strlen(target_with_vendor) + 1 + strlen(argv[0]) + 1; + newcmd = malloc(newcmd_len); + if (!newcmd) + return -ENOMEM; |