summaryrefslogtreecommitdiff
path: root/user
diff options
context:
space:
mode:
Diffstat (limited to 'user')
-rw-r--r--user/distcc/APKBUILD11
-rw-r--r--user/distcc/heap.patch67
2 files changed, 74 insertions, 4 deletions
diff --git a/user/distcc/APKBUILD b/user/distcc/APKBUILD
index f26510162..75d839c0d 100644
--- a/user/distcc/APKBUILD
+++ b/user/distcc/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Brandon Bergren <git@bdragon.rtk0.net>
-# Maintainer:
+# Maintainer: Zach van Rijn <me@zv.io>
pkgname=distcc
-pkgver=3.3.3
+pkgver=3.4
pkgrel=0
pkgdesc="Distributed builds for C, C++ and Objective C"
url="https://distcc.github.io/"
@@ -20,7 +20,9 @@ subpackages="$pkgname-doc"
#pkgusers="distcc" # distccd privdrop, see src/setuid.c
#pkggroups="distcc"
install="$pkgname.pre-install"
-source="https://github.com/distcc/$pkgname/releases/download/v$pkgver/$pkgname-$pkgver.tar.gz"
+source="https://github.com/distcc/$pkgname/releases/download/v$pkgver/$pkgname-$pkgver.tar.gz
+ heap.patch
+ "
build() {
./configure \
@@ -49,4 +51,5 @@ package() {
make install DESTDIR="$pkgdir"
}
-sha512sums="d5e7fc67f49ee640cef753038b5c0ebcbbac61c6ac29f20ee4736b045a89979ced765717c46383a4fadc50a4fe34e94e58e307509144414a9ca19eb4cc68a135 distcc-3.3.3.tar.gz"
+sha512sums="de09329fdfa25e08a9b9529190ddaa9ceccb34c8655692edb86f367a8db4a71b750c6e928cb8e5a670f51fbbc02fd1c8524f72e01b3ebaacc1106dc676d18eef distcc-3.4.tar.gz
+897429ec358ee36faf7dd19329978d9ba3ac83008158a1df9df8e7c6bc55843b5a681884b67006c526875b26993b64de6fb33e2f7dfac8a2066eabde1f13c348 heap.patch"
diff --git a/user/distcc/heap.patch b/user/distcc/heap.patch
new file mode 100644
index 000000000..f1d75caa0
--- /dev/null
+++ b/user/distcc/heap.patch
@@ -0,0 +1,67 @@
+From 879b71d6e95673e58d33f6c3c341a893ee307161 Mon Sep 17 00:00:00 2001
+From: Alexey Sheplyakov <asheplyakov@yandex.ru>
+Date: Sat, 10 Jul 2021 22:18:14 +0400
+Subject: [PATCH] dcc_gcc_rewrite_fqn: avoid heap corruption
+
+On ALT Linux I've run into the following bug:
+
+distcc gcc -Wall -std=gnu89 -I. -O2 -o hello.o -c hello.c
+free(): invalid next size (fast)
+Aborted (core dumped)
+
+Apparently dcc_gcc_rewrite writes beyond the allocated memory:
+
+valgrind --leak-check=full -v ./distcc gcc -Wall -std=gnu89 -I. -O2 -o hello.o -c hello.c
+
+==11382== ERROR SUMMARY: 53 errors from 5 contexts (suppressed: 0 from 0)
+==11382==
+==11382== 1 errors in context 1 of 5:
+==11382== Invalid write of size 1
+==11382== at 0x4C349D8: strcat (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
+==11382== by 0x10D165: dcc_gcc_rewrite_fqn (compile.c:611)
+==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725)
+==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014)
+==11382== by 0x10E380: main (distcc.c:352)
+==11382== Address 0x544e828 is 1 bytes after a block of size 23 alloc'd
+==11382== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
+==11382== by 0x10D087: dcc_gcc_rewrite_fqn (compile.c:588)
+==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725)
+==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014)
+==11382== by 0x10E380: main (distcc.c:352)
+==11382==
+==11382==
+==11382== 1 errors in context 2 of 5:
+==11382== Invalid write of size 1
+==11382== at 0x4C349C8: strcat (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
+==11382== by 0x10D165: dcc_gcc_rewrite_fqn (compile.c:611)
+==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725)
+==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014)
+==11382== by 0x10E380: main (distcc.c:352)
+==11382== Address 0x544e827 is 0 bytes after a block of size 23 alloc'd
+==11382== at 0x4C31B0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
+==11382== by 0x10D087: dcc_gcc_rewrite_fqn (compile.c:588)
+==11382== by 0x10D4B4: dcc_build_somewhere (compile.c:725)
+==11382== by 0x10DC01: dcc_build_somewhere_timed (compile.c:1014)
+==11382== by 0x10E380: main (distcc.c:352)
+
+and ALT Linux' hardened glibc does not quite like that.
+Correctly compute the `newcmd_len` to avoid the problem.
+
+ALTBUG: #40425
+---
+ src/compile.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/compile.c b/src/compile.c
+index 34964566..26d7d182 100644
+--- a/src/compile.c
++++ b/src/compile.c
+@@ -584,7 +584,7 @@ static int dcc_gcc_rewrite_fqn(char **argv)
+ return -ENOENT;
+
+
+- newcmd_len = strlen(target_with_vendor) + 1 + strlen(argv[0] + 1);
++ newcmd_len = strlen(target_with_vendor) + 1 + strlen(argv[0]) + 1;
+ newcmd = malloc(newcmd_len);
+ if (!newcmd)
+ return -ENOMEM;