* [PATCH] beep 1.3: Fixes for CVE-2018-0492
@ 2018-04-06 11:48 Matthias Fischer
0 siblings, 0 replies; only message in thread
From: Matthias Fischer @ 2018-04-06 11:48 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 17651 bytes --]
For details see:
https://src.fedoraproject.org/cgit/rpms/beep.git
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-0492
Best,
Matthias
Signed-off-by: Matthias Fischer <matthias.fischer(a)ipfire.org>
---
lfs/beep | 11 +-
src/patches/beep/0001-Fixed-Makefile.patch | 44 ++++++++
.../beep/0002-Add-more-error-detection.patch | 44 ++++++++
...-also-catch-SIGTERM-for-stopping-the-beep.patch | 32 ++++++
...-install-more-user-and-packaging-friendly.patch | 85 +++++++++++++++
...reserve-file-modification-time-on-install.patch | 32 ++++++
.../beep/0007-Fix-identation-if-brace-error.patch | 41 ++++++++
...8-Apply-CVE-2018-0492-from-Debian-package.patch | 117 +++++++++++++++++++++
8 files changed, 405 insertions(+), 1 deletion(-)
create mode 100644 src/patches/beep/0001-Fixed-Makefile.patch
create mode 100644 src/patches/beep/0002-Add-more-error-detection.patch
create mode 100644 src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch
create mode 100644 src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch
create mode 100644 src/patches/beep/0006-Preserve-file-modification-time-on-install.patch
create mode 100644 src/patches/beep/0007-Fix-identation-if-brace-error.patch
create mode 100644 src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch
diff --git a/lfs/beep b/lfs/beep
index 437677b73..c7d63134c 100644
--- a/lfs/beep
+++ b/lfs/beep
@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
+# Copyright (C) 2007-2018 IPFire Team <info(a)ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -70,6 +70,15 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
+
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0001-Fixed-Makefile.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0002-Add-more-error-detection.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0006-Preserve-file-modification-time-on-install.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0007-Fix-identation-if-brace-error.patch
+ cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch
+
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && install -m 0755 beep /usr/bin
@rm -rf $(DIR_APP)
diff --git a/src/patches/beep/0001-Fixed-Makefile.patch b/src/patches/beep/0001-Fixed-Makefile.patch
new file mode 100644
index 000000000..6b35ab0a9
--- /dev/null
+++ b/src/patches/beep/0001-Fixed-Makefile.patch
@@ -0,0 +1,44 @@
+From 8b32b8b088be1f29e8bfea57a97b9bfaa76ec8ee Mon Sep 17 00:00:00 2001
+From: Chris Wong <chrisyco(a)gmail.com>
+Date: Wed, 23 Nov 2011 10:39:53 +1300
+Subject: [PATCH] Fixed Makefile
+
+* Use /usr/share/man (see http://www.pathname.com/fhs/2.2/fhs-4.11.html#4.11.5)
+
+* Removed trailing spaces
+
+* Added optimization flag (must beep FAST!!!)
+---
+ Makefile | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index cc359c4..0f4f810 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,19 +1,19 @@
+ CC=gcc
+-FLAGS=-Wall
++FLAGS=-Wall -O2
+ EXEC_NAME=beep
+ INSTALL_DIR=/usr/bin
+ MAN_FILE=beep.1.gz
+-MAN_DIR=/usr/man/man1
++MAN_DIR=/usr/share/man/man1
+
+ default : beep
+
+-clean :
++clean :
+ rm ${EXEC_NAME}
+
+ beep : beep.c
+ ${CC} ${FLAGS} -o ${EXEC_NAME} beep.c
+
+-install :
++install :
+ cp ${EXEC_NAME} ${INSTALL_DIR}
+ # rm -f /usr/man/man1/beep.1.bz2
+ cp ${MAN_FILE} ${MAN_DIR}
+--
+2.7.5
diff --git a/src/patches/beep/0002-Add-more-error-detection.patch b/src/patches/beep/0002-Add-more-error-detection.patch
new file mode 100644
index 000000000..733af9b15
--- /dev/null
+++ b/src/patches/beep/0002-Add-more-error-detection.patch
@@ -0,0 +1,44 @@
+From d3aee6c489852108c91dc22abcacff364e9429f2 Mon Sep 17 00:00:00 2001
+From: Chris Wong <chrisyco(a)gmail.com>
+Date: Wed, 23 Nov 2011 11:34:55 +1300
+Subject: [PATCH] Add more error detection
+
+---
+ beep.c | 15 +++++++++------
+ 1 file changed, 9 insertions(+), 6 deletions(-)
+
+diff --git a/beep.c b/beep.c
+index 452fc08..14fac3e 100644
+--- a/beep.c
++++ b/beep.c
+@@ -98,11 +98,11 @@ char *console_device = NULL;
+
+
+ void do_beep(int freq) {
+- if (console_type == BEEP_TYPE_CONSOLE) {
+- if(ioctl(console_fd, KIOCSOUND, freq != 0
+- ? (int)(CLOCK_TICK_RATE/freq)
+- : freq) < 0) {
+- printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
++ int period = (freq != 0 ? (int)(CLOCK_TICK_RATE/freq) : freq);
++
++ if(console_type == BEEP_TYPE_CONSOLE) {
++ if(ioctl(console_fd, KIOCSOUND, period) < 0) {
++ putchar('\a'); /* Output the only beep we can, in an effort to fall back on usefulness */
+ perror("ioctl");
+ }
+ } else {
+@@ -113,7 +113,10 @@ void do_beep(int freq) {
+ e.code = SND_TONE;
+ e.value = freq;
+
+- write(console_fd, &e, sizeof(struct input_event));
++ if(write(console_fd, &e, sizeof(struct input_event)) < 0) {
++ putchar('\a'); /* See above */
++ perror("write");
++ }
+ }
+ }
+
+--
+2.7.5
diff --git a/src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch b/src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch
new file mode 100644
index 000000000..c11061e6a
--- /dev/null
+++ b/src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch
@@ -0,0 +1,32 @@
+From e1320c1da52ca92aa68b4224f9532982184fbe00 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A9r=C3=B4me?= <jerome(a)jolimont.fr>
+Date: Thu, 7 Feb 2013 12:54:53 +0100
+Subject: [PATCH] also catch SIGTERM for stopping the beep
+
+Signed-off-by: Gerfried Fuchs <rhonda(a)deb.at>
+---
+ beep.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/beep.c b/beep.c
+index 452fc08..9cb63bf 100644
+--- a/beep.c
++++ b/beep.c
+@@ -130,6 +130,7 @@ void handle_signal(int signum) {
+
+ switch(signum) {
+ case SIGINT:
++ case SIGTERM:
+ if(console_fd >= 0) {
+ /* Kill the sound, quit gracefully */
+ do_beep(0);
+@@ -324,6 +325,7 @@ int main(int argc, char **argv) {
+ parms->next = NULL;
+
+ signal(SIGINT, handle_signal);
++ signal(SIGTERM, handle_signal);
+ parse_command_line(argc, argv, parms);
+
+ /* this outermost while loop handles the possibility that -n/--new has been
+--
+2.7.5
diff --git a/src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch b/src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch
new file mode 100644
index 000000000..9e2b481b3
--- /dev/null
+++ b/src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch
@@ -0,0 +1,85 @@
+From 947a7e332908dcba1c7e523fbdc927d39ee6adb1 Mon Sep 17 00:00:00 2001
+From: Hans Ulrich Niedermann <hun(a)n-dimensional.de>
+Date: Tue, 19 Nov 2013 23:40:50 +0100
+Subject: [PATCH] Make build/install more user and packaging friendly
+
+Make the build and install more user and packaging friendly
+by introducing the following features in the Makefile:
+
+ * Honor the $(CFLAGS) set when calling make.
+
+ * Prefix all install locations with $(DESTDIR) for
+ easy package building.
+
+ * Use GNU Makefile conventions for defining installation
+ directories. This means $(bindir) and $(man1dir)
+ instead of the former $(INSTALL_DIR) and $(MAN_DIR).
+
+ * Use install(1) for installing files and directories
+ so that permissions can be set properly.
+
+ * Stop "make clean" failing when it has nothing to do.
+
+ * Add 'uninstall' make target.
+
+ * Make 'install' target build executable if necessary.
+---
+ Makefile | 40 +++++++++++++++++++++++++++++-----------
+ 1 file changed, 29 insertions(+), 11 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 0f4f810..942a7a5 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,19 +1,37 @@
+ CC=gcc
+ FLAGS=-Wall -O2
++
++INSTALL=install
++
+ EXEC_NAME=beep
+-INSTALL_DIR=/usr/bin
+ MAN_FILE=beep.1.gz
+-MAN_DIR=/usr/share/man/man1
+
+-default : beep
++# Use GNU makefile conventions for directory names with one notable
++# exception: prefix is not /usr/local in order to keep the default
++# installation location for beep.
++prefix=/usr
++exec_prefix=$(prefix)
++bindir=$(exec_prefix)/bin
++datarootdir=$(prefix)/share
++mandir=$(datarootdir)/man
++man1dir=$(mandir)/man1
++
++.PHONY: all
++all: $(EXEC_NAME)
++
++.PHONY: clean
++clean:
++ rm -f $(EXEC_NAME)
+
+-clean :
+- rm ${EXEC_NAME}
++$(EXEC_NAME): beep.c
++ $(CC) $(FLAGS) $(CFLAGS) -o $(EXEC_NAME) beep.c
+
+-beep : beep.c
+- ${CC} ${FLAGS} -o ${EXEC_NAME} beep.c
++install: all
++ $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
++ $(INSTALL) -m 0755 $(EXEC_NAME) $(DESTDIR)$(bindir)/
++ $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
++ $(INSTALL) -m 0644 $(MAN_FILE) $(DESTDIR)$(man1dir)/
+
+-install :
+- cp ${EXEC_NAME} ${INSTALL_DIR}
+- # rm -f /usr/man/man1/beep.1.bz2
+- cp ${MAN_FILE} ${MAN_DIR}
++uninstall:
++ rm -f $(DESTDIR)$(bindir)/$(EXEC_NAME)
++ rm -f $(DESTDIR)$(man1dir)/$(MAN_FILE)
+--
+2.7.5
+
diff --git a/src/patches/beep/0006-Preserve-file-modification-time-on-install.patch b/src/patches/beep/0006-Preserve-file-modification-time-on-install.patch
new file mode 100644
index 000000000..fe844e6f1
--- /dev/null
+++ b/src/patches/beep/0006-Preserve-file-modification-time-on-install.patch
@@ -0,0 +1,32 @@
+From 4622dd15dc12dab47a0381a8a7188f0f0421e01d Mon Sep 17 00:00:00 2001
+From: Hans Ulrich Niedermann <hun(a)n-dimensional.de>
+Date: Wed, 20 Nov 2013 00:00:54 +0100
+Subject: [PATCH] Preserve file modification time on install
+
+Add -p option to install(1) invocation in order to preserve
+the timestamps of the files being installed.
+---
+ Makefile | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 942a7a5..290b8a4 100644
+--- a/Makefile
++++ b/Makefile
+@@ -27,10 +27,10 @@ $(EXEC_NAME): beep.c
+ $(CC) $(FLAGS) $(CFLAGS) -o $(EXEC_NAME) beep.c
+
+ install: all
+- $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
+- $(INSTALL) -m 0755 $(EXEC_NAME) $(DESTDIR)$(bindir)/
+- $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
+- $(INSTALL) -m 0644 $(MAN_FILE) $(DESTDIR)$(man1dir)/
++ $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
++ $(INSTALL) -m 0755 -p $(EXEC_NAME) $(DESTDIR)$(bindir)/
++ $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
++ $(INSTALL) -m 0644 -p $(MAN_FILE) $(DESTDIR)$(man1dir)/
+
+ uninstall:
+ rm -f $(DESTDIR)$(bindir)/$(EXEC_NAME)
+--
+2.7.5
diff --git a/src/patches/beep/0007-Fix-identation-if-brace-error.patch b/src/patches/beep/0007-Fix-identation-if-brace-error.patch
new file mode 100644
index 000000000..30ec41406
--- /dev/null
+++ b/src/patches/beep/0007-Fix-identation-if-brace-error.patch
@@ -0,0 +1,41 @@
+From 35ba84dccb8fc8dc43cb3f575904a33ffa27e7b7 Mon Sep 17 00:00:00 2001
+From: Hans Ulrich Niedermann <hun(a)n-dimensional.de>
+Date: Tue, 3 Apr 2018 19:11:07 +0200
+Subject: [PATCH] Fix indentation/if brace error
+
+As beep.c is not Python, the code blocks must be defined by
+using braces instead of just indenting them differently.
+
+Once we do that, the outcome of multiple -f parameters will
+actually match what the warning message documents beep does:
+Only the last -f value will be used.
+
+Many projects proscribe using braces everywhere, but this
+change keeps the beep.c coding style of using braces only
+when absolutely necessary.
+
+This issue was discovered by compiling with gcc 6.
+---
+ beep.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/beep.c b/beep.c
+index 7da2e70..d46adc8 100644
+--- a/beep.c
++++ b/beep.c
+@@ -194,11 +194,12 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) {
+ if(!sscanf(optarg, "%f", &argfreq) || (argfreq >= 20000 /* ack! */) ||
+ (argfreq <= 0))
+ usage_bail(argv[0]);
+- else
++ else {
+ if (result->freq != 0)
+ fprintf(stderr, "WARNING: multiple -f values given, only last "
+ "one is used.\n");
+ result->freq = argfreq;
++ }
+ break;
+ case 'l' : /* length */
+ if(!sscanf(optarg, "%d", &argval) || (argval < 0))
+--
+2.7.5
diff --git a/src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch b/src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch
new file mode 100644
index 000000000..ac1f0b514
--- /dev/null
+++ b/src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch
@@ -0,0 +1,117 @@
+From 3b67473e16aaf2f83cb8ac18c13c9183a8e3c7b2 Mon Sep 17 00:00:00 2001
+From: Hans Ulrich Niedermann <hun(a)n-dimensional.de>
+Date: Tue, 3 Apr 2018 18:37:33 +0200
+Subject: [PATCH] Apply CVE-2018-0492.patch from Debian package
+
+---
+ beep.c | 53 ++++++++++++++++++++++++-----------------------------
+ 1 file changed, 24 insertions(+), 29 deletions(-)
+
+diff --git a/beep.c b/beep.c
+index d46adc8..f6781e8 100644
+--- a/beep.c
++++ b/beep.c
+@@ -109,6 +109,7 @@ void do_beep(int freq) {
+ /* BEEP_TYPE_EVDEV */
+ struct input_event e;
+
++ memset(&e, 0, sizeof(e));
+ e.type = EV_SND;
+ e.code = SND_TONE;
+ e.value = freq;
+@@ -124,10 +125,6 @@ void do_beep(int freq) {
+ /* If we get interrupted, it would be nice to not leave the speaker beeping in
+ perpetuity. */
+ void handle_signal(int signum) {
+-
+- if(console_device)
+- free(console_device);
+-
+ switch(signum) {
+ case SIGINT:
+ case SIGTERM:
+@@ -258,7 +255,7 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) {
+ result->verbose = 1;
+ break;
+ case 'e' : /* also --device */
+- console_device = strdup(optarg);
++ console_device = optarg;
+ break;
+ case 'h' : /* notice that this is also --help */
+ default :
+@@ -277,26 +274,6 @@ void play_beep(beep_parms_t parms) {
+ "%d delay after) @ %.2f Hz\n",
+ parms.reps, parms.length, parms.delay, parms.end_delay, parms.freq);
+
+- /* try to snag the console */
+- if(console_device)
+- console_fd = open(console_device, O_WRONLY);
+- else
+- if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
+- console_fd = open("/dev/vc/0", O_WRONLY);
+-
+- if(console_fd == -1) {
+- fprintf(stderr, "Could not open %s for writing\n",
+- console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
+- printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
+- perror("open");
+- exit(1);
+- }
+-
+- if (ioctl(console_fd, EVIOCGSND(0)) != -1)
+- console_type = BEEP_TYPE_EVDEV;
+- else
+- console_type = BEEP_TYPE_CONSOLE;
+-
+ /* Beep */
+ for (i = 0; i < parms.reps; i++) { /* start beep */
+ do_beep(parms.freq);
+@@ -306,8 +283,6 @@ void play_beep(beep_parms_t parms) {
+ if(parms.end_delay || (i+1 < parms.reps))
+ usleep(1000*parms.delay); /* wait... */
+ } /* repeat. */
+-
+- close(console_fd);
+ }
+
+
+@@ -329,6 +304,26 @@ int main(int argc, char **argv) {
+ signal(SIGTERM, handle_signal);
+ parse_command_line(argc, argv, parms);
+
++ /* try to snag the console */
++ if(console_device)
++ console_fd = open(console_device, O_WRONLY);
++ else
++ if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
++ console_fd = open("/dev/vc/0", O_WRONLY);
++
++ if(console_fd == -1) {
++ fprintf(stderr, "Could not open %s for writing\n",
++ console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
++ printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
++ perror("open");
++ exit(1);
++ }
++
++ if (ioctl(console_fd, EVIOCGSND(0)) != -1)
++ console_type = BEEP_TYPE_EVDEV;
++ else
++ console_type = BEEP_TYPE_CONSOLE;
++
+ /* this outermost while loop handles the possibility that -n/--new has been
+ used, i.e. that we have multiple beeps specified. Each iteration will
+ play, then free() one parms instance. */
+@@ -366,8 +361,8 @@ int main(int argc, char **argv) {
+ parms = next;
+ }
+
+- if(console_device)
+- free(console_device);
++ close(console_fd);
++ console_fd = -1;
+
+ return EXIT_SUCCESS;
+ }
+--
+2.7.5
--
2.16.2
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2018-04-06 11:48 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-04-06 11:48 [PATCH] beep 1.3: Fixes for CVE-2018-0492 Matthias Fischer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox