libevent: add patches for recent CVEs

- CVE-2016-10195 - CVE-2016-10196 - CVE-2016-10197 Fixes #5825
2025-06-15 11:33:49 +02:00 · 2017-02-25 19:51:01 +01:00 · 2017-02-25 19:51:01 +01:00 · 15feb9e144
commit 15feb9e144
parent 7566aa08ee
4 changed files with 68 additions and 1 deletions
--- a/srcpkgs/libevent/patches/CVE-2016-10195.patch
+++ b/srcpkgs/libevent/patches/CVE-2016-10195.patch
@ -0,0 +1,23 @@
+From 96f64a022014a208105ead6c8a7066018449d86d Mon Sep 17 00:00:00 2001
+From: Azat Khuzhin <a3at.mail@gmail.com>
+Date: Mon, 1 Feb 2016 17:32:09 +0300
+Subject: [PATCH] evdns: name_parse(): fix remote stack overread
+
+--- evdns.c
+++ evdns.c
+@@ -976,7 +976,6 @@ name_parse(u8 *packet, int length, int *idx, char *name_out, int name_out_len) {
+
+ 	for (;;) {
+ 		u8 label_len;
+-		if (j >= length) return -1;
+ 		GET8(label_len);
+ 		if (!label_len) break;
+ 		if (label_len & 0xc0) {
+@@ -997,6 +996,7 @@ name_parse(u8 *packet, int length, int *idx, char *name_out, int name_out_len) {
+ 			*cp++ = '.';
+ 		}
+ 		if (cp + label_len >= end) return -1;
+		if (j + label_len > length) return -1;
+ 		memcpy(cp, packet + j, label_len);
+ 		cp += label_len;
+ 		j += label_len;
--- a/srcpkgs/libevent/patches/CVE-2016-10196.patch
+++ b/srcpkgs/libevent/patches/CVE-2016-10196.patch
@ -0,0 +1,23 @@
+From 329acc18a0768c21ba22522f01a5c7f46cacc4d5 Mon Sep 17 00:00:00 2001
+From: Azat Khuzhin <a3at.mail@gmail.com>
+Date: Sun, 31 Jan 2016 00:57:16 +0300
+Subject: [PATCH] evutil_parse_sockaddr_port(): fix buffer overflow
+
+--- evutil.c
+++ evutil.c
+@@ -2058,12 +2058,12 @@ evutil_parse_sockaddr_port(const char *ip_as_string, struct sockaddr *out, int *
+
+ 	cp = strchr(ip_as_string, ':');
+ 	if (*ip_as_string == '[') {
+-		int len;
+		size_t len;
+ 		if (!(cp = strchr(ip_as_string, ']'))) {
+ 			return -1;
+ 		}
+-		len = (int) ( cp-(ip_as_string + 1) );
+-		if (len > (int)sizeof(buf)-1) {
+		len = ( cp-(ip_as_string + 1) );
+		if (len > sizeof(buf)-1) {
+ 			return -1;
+ 		}
+ 		memcpy(buf, ip_as_string+1, len);
--- a/srcpkgs/libevent/patches/CVE-2016-10197.patch
+++ b/srcpkgs/libevent/patches/CVE-2016-10197.patch
@ -0,0 +1,21 @@
+From ec65c42052d95d2c23d1d837136d1cf1d9ecef9e Mon Sep 17 00:00:00 2001
+From: Azat Khuzhin <a3at.mail@gmail.com>
+Date: Fri, 25 Mar 2016 00:33:47 +0300
+Subject: [PATCH] evdns: fix searching empty hostnames
+
+--- evdns.c
+++ evdns.c
+@@ -3175,9 +3175,12 @@ search_set_from_hostname(struct evdns_base *base) {
+ static char *
+ search_make_new(const struct search_state *const state, int n, const char *const base_name) {
+ 	const size_t base_len = strlen(base_name);
+-	const char need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1;
+	char need_to_append_dot;
+ 	struct search_domain *dom;
+
+	if (!base_len) return NULL;
+	need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1;
+
+ 	for (dom = state->head; dom; dom = dom->next) {
+ 		if (!n--) {
+ 			/* this is the postfix we want */
--- a/srcpkgs/libevent/template
+++ b/srcpkgs/libevent/template
@ -1,7 +1,7 @@
 # Template file for 'libevent'
 pkgname=libevent
 version=2.0.22
-revision=7
+revision=8
 wrksrc="$pkgname-$version-stable"
 build_style=gnu-configure
 makedepends="libressl-devel"