diff --git a/srcpkgs/yara/patches/0001-Fix-buffer-overflow-in-dotnet-module.patch b/srcpkgs/yara/patches/0001-Fix-buffer-overflow-in-dotnet-module.patch
deleted file mode 100644
index 0054efe52af..00000000000
--- a/srcpkgs/yara/patches/0001-Fix-buffer-overflow-in-dotnet-module.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 7290feb9ee04c2e212b705dc2627a92382367595 Mon Sep 17 00:00:00 2001
-From: "Victor M. Alvarez"
-Date: Wed, 19 Dec 2018 12:34:12 +0100
-Subject: [PATCH] Fix buffer overflow in dotnet module.
-
-Credit to OSS-Fuzz.
----
- libyarmodules/dotnet.c | 10 +++++++---
- ...case-minimized-dotnet_fuzzer-5725060321509376 | Bin 0 -> 1024 bytes
- 2 files changed, 7 insertions(+), 3 deletions(-)
- create mode 100644 tests/oss-fuzz/dotnet_fuzzer_corpus/clusterfuzz-testcase-minimized-dotnet_fuzzer-5725060321509376
-
-diff --git libyara/modules/dotnet.c libyara/modules/dotnet.c
-index 1fb1f0e..4a5f1a1 100644
---- libyara/modules/dotnet.c
-+++ libyarmodules/dotnet.c
-@@ -208,9 +208,13 @@ void dotnet_parse_us(
- const uint8_t* offset = pe->data + metadata_root + us_header->Offset;
- const uint8_t* end_of_header = offset + us_header->Size;
-
-- // Make sure end of header is not past end of PE, and the first entry MUST be
-- // a single NULL byte.
-- if (!fits_in_pe(pe, offset, us_header->Size) || *offset != 0x00)
-+ // Make sure the header size is larger than 0 and its end is not past the
-+ // end of PE.
-+ if (us_header->Size == 0 || !fits_in_pe(pe, offset, us_header->Size))
-+ return;
-+
-+ // The first entry MUST be single NULL byte.
-+ if (*offset != 0x00)
- return;
-
- offset++;
---
-2.20.1
-
diff --git a/srcpkgs/yara/patches/CVE-2018-1997{4-6}.patch b/srcpkgs/yara/patches/CVE-2018-1997{4-6}.patch
deleted file mode 100644
index 0de7ef9d5c9..00000000000
--- a/srcpkgs/yara/patches/CVE-2018-1997{4-6}.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-From 0a3ede0125c8b88a020fa4c98df78f6eea7eb9ab Mon Sep 17 00:00:00 2001
-From: "Victor M. Alvarez"
-Date: Thu, 13 Dec 2018 12:23:09 +0100
-Subject: [PATCH] Fix issue #999 (#1001)
-
-* Add additional check in OP_COUNT for making sure that the string pointer is not a fake one.
-
-* Initialize scratch memory in order to avoid maliciously crafted YARA rules from reading values left in the stack.
----
- libyararena.c | 10 +++++-----
- libyarexec.c | 11 +++++++++++
- libyarinclude/yara/arena.h | 5 +++++
- 3 files changed, 21 insertions(+), 5 deletions(-)
-
-diff --git libyara/arena.c libyara/arena.c
-index 34a374ef..805f6d70 100644
---- libyara/arena.c
-+++ libyararena.c
-@@ -109,7 +109,7 @@ static YR_ARENA_PAGE* _yr_arena_new_page(
-
-
- //
--// _yr_arena_page_for_address
-+// yr_arena_page_for_address
- //
- // Returns the page within the arena where an address reside.
- //
-@@ -122,7 +122,7 @@ static YR_ARENA_PAGE* _yr_arena_new_page(
- // resides.
- //
-
--static YR_ARENA_PAGE* _yr_arena_page_for_address(
-+YR_ARENA_PAGE* yr_arena_page_for_address(
- YR_ARENA* arena,
- void* address)
- {
-@@ -184,7 +184,7 @@ static int _yr_arena_make_ptr_relocatable(
- // If the arena must be relocatable.
- assert(arena->flags & ARENA_FLAGS_RELOCATABLE);
-
-- page = _yr_arena_page_for_address(arena, base);
-+ page = yr_arena_page_for_address(arena, base);
-
- assert(page != NULL);
-
-@@ -361,7 +361,7 @@ void* yr_arena_next_address(
- {
- YR_ARENA_PAGE* page;
-
-- page = _yr_arena_page_for_address(arena, address);
-+ page = yr_arena_page_for_address(arena, address);
-
- assert(page != NULL);
-
-@@ -482,7 +482,7 @@ int yr_arena_coalesce(
-
- if (reloc_target != NULL)
- {
-- page = _yr_arena_page_for_address(arena, reloc_target);
-+ page = yr_arena_page_for_address(arena, reloc_target);
- assert(page != NULL);
- *reloc_address = page->new_address + (reloc_target - page->address);
- }
-diff --git libyara/exec.c libyara/exec.c
-index a0cf138d..9f0ba8fa 100644
---- libyara/exec.c
-+++ libyarexec.c
-@@ -246,6 +246,10 @@ int yr_execute_code(
- start_time = yr_stopwatch_elapsed_us(&context->stopwatch);
- #endif
-
-+ #if PARANOID_EXEC
-+ memset(mem, 0, MEM_SIZE * sizeof(mem[0]));
-+ #endif
-+
- while(!stop)
- {
- opcode = *ip;
-@@ -779,6 +783,13 @@ int yr_execute_code(
-
- case OP_COUNT:
- pop(r1);
-+
-+ #if PARANOID_EXEC
-+ // Make sure that the string pointer is within the rules arena.
-+ if (yr_arena_page_for_address(context->rules->arena, r1.p) == NULL)
-+ return ERROR_INTERNAL_FATAL_ERROR;
-+ #endif
-+
- r1.i = r1.s->matches[tidx].count;
- push(r1);
- break;
-diff --git libyara/include/yara/arena.h libyara/include/yara/arena.h
-index 51f2d8cf..a42e594b 100644
---- libyara/include/yara/arena.h
-+++ libyarinclude/yara/arena.h
-@@ -101,6 +101,11 @@ void* yr_arena_base_address(
- YR_ARENA* arena);
-
-
-+YR_ARENA_PAGE* yr_arena_page_for_address(
-+ YR_ARENA* arena,
-+ void* address);
-+
-+
- void* yr_arena_next_address(
- YR_ARENA* arena,
- void* address,
diff --git a/srcpkgs/yara/template b/srcpkgs/yara/template
index 8882886efda..87d97bb8140 100644
--- a/srcpkgs/yara/template
+++ b/srcpkgs/yara/template
@@ -1,7 +1,7 @@
 # Template file for 'yara'
 pkgname=yara
-version=3.8.1
-revision=4
+version=3.9.0
+revision=1
 build_style=gnu-configure
 configure_args="--enable-magic --enable-cuckoo"
 hostmakedepends="automake libtool"
@@ -11,7 +11,7 @@ maintainer="Orphaned "
 license="BSD-3-Clause"
 homepage="https://virustotal.github.io/yara/"
 distfiles="https://github.com/VirusTotal/yara/archive/v${version}.tar.gz"
-checksum=283527711269354d3c60e2705f7f74b1f769d2d35ddba8f7f9ce97d0fd5cb1ca
+checksum=ebe7fab0abadb90449a62afbd24e196e18b177efe71ffd8bf22df95c5386f64d
 
 pre_configure() {
 autoreconf -fi