webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

beep 1.3: Fixes for CVE-2018-0492

Browse Source 
For details see:
https://src.fedoraproject.org/cgit/rpms/beep.git
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-0492

Best,
Matthias

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Matthias Fischer
2018-04-06 13:48:19 +02:00
committed by Michael Tremer
parent c79cbc1594
commit 4217b4b6d8
8 changed files with 405 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
lfs/beep
View File

@@ -1,7 +1,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# Copyright (C) 2007-2018 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -70,6 +70,15 @@ $(subst %,%_MD5,$(objects)) :
$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
@$(PREBUILD)
@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0001-Fixed-Makefile.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0002-Add-more-error-detection.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0006-Preserve-file-modification-time-on-install.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0007-Fix-identation-if-brace-error.patch
cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch
cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
cd $(DIR_APP) && install -m 0755 beep /usr/bin
@rm -rf $(DIR_APP)

44
src/patches/beep/0001-Fixed-Makefile.patch Normal file
View File

@@ -0,0 +1,44 @@
From 8b32b8b088be1f29e8bfea57a97b9bfaa76ec8ee Mon Sep 17 00:00:00 2001
From: Chris Wong <chrisyco@gmail.com>
Date: Wed, 23 Nov 2011 10:39:53 +1300
Subject: [PATCH] Fixed Makefile
* Use /usr/share/man (see http://www.pathname.com/fhs/2.2/fhs-4.11.html#4.11.5)
* Removed trailing spaces
* Added optimization flag (must beep FAST!!!)
---
Makefile | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index cc359c4..0f4f810 100644
--- a/Makefile
+++ b/Makefile
@@ -1,19 +1,19 @@
CC=gcc
-FLAGS=-Wall
+FLAGS=-Wall -O2
EXEC_NAME=beep
INSTALL_DIR=/usr/bin
MAN_FILE=beep.1.gz
-MAN_DIR=/usr/man/man1
+MAN_DIR=/usr/share/man/man1
default : beep
-clean :
+clean :
rm ${EXEC_NAME}
beep : beep.c
${CC} ${FLAGS} -o ${EXEC_NAME} beep.c
-install :
+install :
cp ${EXEC_NAME} ${INSTALL_DIR}
# rm -f /usr/man/man1/beep.1.bz2
cp ${MAN_FILE} ${MAN_DIR}
--
2.7.5

44
src/patches/beep/0002-Add-more-error-detection.patch Normal file
View File

@@ -0,0 +1,44 @@
From d3aee6c489852108c91dc22abcacff364e9429f2 Mon Sep 17 00:00:00 2001
From: Chris Wong <chrisyco@gmail.com>
Date: Wed, 23 Nov 2011 11:34:55 +1300
Subject: [PATCH] Add more error detection
---
beep.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/beep.c b/beep.c
index 452fc08..14fac3e 100644
--- a/beep.c
+++ b/beep.c
@@ -98,11 +98,11 @@ char *console_device = NULL;
void do_beep(int freq) {
- if (console_type == BEEP_TYPE_CONSOLE) {
- if(ioctl(console_fd, KIOCSOUND, freq != 0
- ? (int)(CLOCK_TICK_RATE/freq)
- : freq) < 0) {
- printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
+ int period = (freq != 0 ? (int)(CLOCK_TICK_RATE/freq) : freq);
+
+ if(console_type == BEEP_TYPE_CONSOLE) {
+ if(ioctl(console_fd, KIOCSOUND, period) < 0) {
+ putchar('\a'); /* Output the only beep we can, in an effort to fall back on usefulness */
perror("ioctl");
}
} else {
@@ -113,7 +113,10 @@ void do_beep(int freq) {
e.code = SND_TONE;
e.value = freq;
- write(console_fd, &e, sizeof(struct input_event));
+ if(write(console_fd, &e, sizeof(struct input_event)) < 0) {
+ putchar('\a'); /* See above */
+ perror("write");
+ }
}
}
--
2.7.5

32
src/patches/beep/0004-also-catch-SIGTERM-for-stopping-the-beep.patch Normal file
View File

@@ -0,0 +1,32 @@
From e1320c1da52ca92aa68b4224f9532982184fbe00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me?= <jerome@jolimont.fr>
Date: Thu, 7 Feb 2013 12:54:53 +0100
Subject: [PATCH] also catch SIGTERM for stopping the beep
Signed-off-by: Gerfried Fuchs <rhonda@deb.at>
---
beep.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/beep.c b/beep.c
index 452fc08..9cb63bf 100644
--- a/beep.c
+++ b/beep.c
@@ -130,6 +130,7 @@ void handle_signal(int signum) {
switch(signum) {
case SIGINT:
+ case SIGTERM:
if(console_fd >= 0) {
/* Kill the sound, quit gracefully */
do_beep(0);
@@ -324,6 +325,7 @@ int main(int argc, char **argv) {
parms->next = NULL;
signal(SIGINT, handle_signal);
+ signal(SIGTERM, handle_signal);
parse_command_line(argc, argv, parms);
/* this outermost while loop handles the possibility that -n/--new has been
--
2.7.5

85
src/patches/beep/0005-Make-build-install-more-user-and-packaging-friendly.patch Normal file
View File

@@ -0,0 +1,85 @@
From 947a7e332908dcba1c7e523fbdc927d39ee6adb1 Mon Sep 17 00:00:00 2001
From: Hans Ulrich Niedermann <hun@n-dimensional.de>
Date: Tue, 19 Nov 2013 23:40:50 +0100
Subject: [PATCH] Make build/install more user and packaging friendly
Make the build and install more user and packaging friendly
by introducing the following features in the Makefile:
* Honor the $(CFLAGS) set when calling make.
* Prefix all install locations with $(DESTDIR) for
easy package building.
* Use GNU Makefile conventions for defining installation
directories. This means $(bindir) and $(man1dir)
instead of the former $(INSTALL_DIR) and $(MAN_DIR).
* Use install(1) for installing files and directories
so that permissions can be set properly.
* Stop "make clean" failing when it has nothing to do.
* Add 'uninstall' make target.
* Make 'install' target build executable if necessary.
---
Makefile | 40 +++++++++++++++++++++++++++++-----------
1 file changed, 29 insertions(+), 11 deletions(-)
diff --git a/Makefile b/Makefile
index 0f4f810..942a7a5 100644
--- a/Makefile
+++ b/Makefile
@@ -1,19 +1,37 @@
CC=gcc
FLAGS=-Wall -O2
+
+INSTALL=install
+
EXEC_NAME=beep
-INSTALL_DIR=/usr/bin
MAN_FILE=beep.1.gz
-MAN_DIR=/usr/share/man/man1
-default : beep
+# Use GNU makefile conventions for directory names with one notable
+# exception: prefix is not /usr/local in order to keep the default
+# installation location for beep.
+prefix=/usr
+exec_prefix=$(prefix)
+bindir=$(exec_prefix)/bin
+datarootdir=$(prefix)/share
+mandir=$(datarootdir)/man
+man1dir=$(mandir)/man1
+
+.PHONY: all
+all: $(EXEC_NAME)
+
+.PHONY: clean
+clean:
+ rm -f $(EXEC_NAME)
-clean :
- rm ${EXEC_NAME}
+$(EXEC_NAME): beep.c
+ $(CC) $(FLAGS) $(CFLAGS) -o $(EXEC_NAME) beep.c
-beep : beep.c
- ${CC} ${FLAGS} -o ${EXEC_NAME} beep.c
+install: all
+ $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
+ $(INSTALL) -m 0755 $(EXEC_NAME) $(DESTDIR)$(bindir)/
+ $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
+ $(INSTALL) -m 0644 $(MAN_FILE) $(DESTDIR)$(man1dir)/
-install :
- cp ${EXEC_NAME} ${INSTALL_DIR}
- # rm -f /usr/man/man1/beep.1.bz2
- cp ${MAN_FILE} ${MAN_DIR}
+uninstall:
+ rm -f $(DESTDIR)$(bindir)/$(EXEC_NAME)
+ rm -f $(DESTDIR)$(man1dir)/$(MAN_FILE)
--
2.7.5

32
src/patches/beep/0006-Preserve-file-modification-time-on-install.patch Normal file
View File

@@ -0,0 +1,32 @@
From 4622dd15dc12dab47a0381a8a7188f0f0421e01d Mon Sep 17 00:00:00 2001
From: Hans Ulrich Niedermann <hun@n-dimensional.de>
Date: Wed, 20 Nov 2013 00:00:54 +0100
Subject: [PATCH] Preserve file modification time on install
Add -p option to install(1) invocation in order to preserve
the timestamps of the files being installed.
---
Makefile | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Makefile b/Makefile
index 942a7a5..290b8a4 100644
--- a/Makefile
+++ b/Makefile
@@ -27,10 +27,10 @@ $(EXEC_NAME): beep.c
$(CC) $(FLAGS) $(CFLAGS) -o $(EXEC_NAME) beep.c
install: all
- $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
- $(INSTALL) -m 0755 $(EXEC_NAME) $(DESTDIR)$(bindir)/
- $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
- $(INSTALL) -m 0644 $(MAN_FILE) $(DESTDIR)$(man1dir)/
+ $(INSTALL) -m 0755 -d $(DESTDIR)$(bindir)
+ $(INSTALL) -m 0755 -p $(EXEC_NAME) $(DESTDIR)$(bindir)/
+ $(INSTALL) -m 0755 -d $(DESTDIR)$(man1dir)
+ $(INSTALL) -m 0644 -p $(MAN_FILE) $(DESTDIR)$(man1dir)/
uninstall:
rm -f $(DESTDIR)$(bindir)/$(EXEC_NAME)
--
2.7.5

41
src/patches/beep/0007-Fix-identation-if-brace-error.patch Normal file
View File

@@ -0,0 +1,41 @@
From 35ba84dccb8fc8dc43cb3f575904a33ffa27e7b7 Mon Sep 17 00:00:00 2001
From: Hans Ulrich Niedermann <hun@n-dimensional.de>
Date: Tue, 3 Apr 2018 19:11:07 +0200
Subject: [PATCH] Fix indentation/if brace error
As beep.c is not Python, the code blocks must be defined by
using braces instead of just indenting them differently.
Once we do that, the outcome of multiple -f parameters will
actually match what the warning message documents beep does:
Only the last -f value will be used.
Many projects proscribe using braces everywhere, but this
change keeps the beep.c coding style of using braces only
when absolutely necessary.
This issue was discovered by compiling with gcc 6.
---
beep.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/beep.c b/beep.c
index 7da2e70..d46adc8 100644
--- a/beep.c
+++ b/beep.c
@@ -194,11 +194,12 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) {
if(!sscanf(optarg, "%f", &argfreq) || (argfreq >= 20000 /* ack! */) ||
(argfreq <= 0))
usage_bail(argv[0]);
- else
+ else {
if (result->freq != 0)
fprintf(stderr, "WARNING: multiple -f values given, only last "
"one is used.\n");
result->freq = argfreq;
+ }
break;
case 'l' : /* length */
if(!sscanf(optarg, "%d", &argval) || (argval < 0))
--
2.7.5

117
src/patches/beep/0008-Apply-CVE-2018-0492-from-Debian-package.patch Normal file
View File

@@ -0,0 +1,117 @@
From 3b67473e16aaf2f83cb8ac18c13c9183a8e3c7b2 Mon Sep 17 00:00:00 2001
From: Hans Ulrich Niedermann <hun@n-dimensional.de>
Date: Tue, 3 Apr 2018 18:37:33 +0200
Subject: [PATCH] Apply CVE-2018-0492.patch from Debian package
---
beep.c | 53 ++++++++++++++++++++++++-----------------------------
1 file changed, 24 insertions(+), 29 deletions(-)
diff --git a/beep.c b/beep.c
index d46adc8..f6781e8 100644
--- a/beep.c
+++ b/beep.c
@@ -109,6 +109,7 @@ void do_beep(int freq) {
/* BEEP_TYPE_EVDEV */
struct input_event e;
+ memset(&e, 0, sizeof(e));
e.type = EV_SND;
e.code = SND_TONE;
e.value = freq;
@@ -124,10 +125,6 @@ void do_beep(int freq) {
/* If we get interrupted, it would be nice to not leave the speaker beeping in
perpetuity. */
void handle_signal(int signum) {
-
- if(console_device)
- free(console_device);
-
switch(signum) {
case SIGINT:
case SIGTERM:
@@ -258,7 +255,7 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) {
result->verbose = 1;
break;
case 'e' : /* also --device */
- console_device = strdup(optarg);
+ console_device = optarg;
break;
case 'h' : /* notice that this is also --help */
default :
@@ -277,26 +274,6 @@ void play_beep(beep_parms_t parms) {
"%d delay after) @ %.2f Hz\n",
parms.reps, parms.length, parms.delay, parms.end_delay, parms.freq);
- /* try to snag the console */
- if(console_device)
- console_fd = open(console_device, O_WRONLY);
- else
- if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
- console_fd = open("/dev/vc/0", O_WRONLY);
-
- if(console_fd == -1) {
- fprintf(stderr, "Could not open %s for writing\n",
- console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
- printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
- perror("open");
- exit(1);
- }
-
- if (ioctl(console_fd, EVIOCGSND(0)) != -1)
- console_type = BEEP_TYPE_EVDEV;
- else
- console_type = BEEP_TYPE_CONSOLE;
-
/* Beep */
for (i = 0; i < parms.reps; i++) { /* start beep */
do_beep(parms.freq);
@@ -306,8 +283,6 @@ void play_beep(beep_parms_t parms) {
if(parms.end_delay || (i+1 < parms.reps))
usleep(1000*parms.delay); /* wait... */
} /* repeat. */
-
- close(console_fd);
}
@@ -329,6 +304,26 @@ int main(int argc, char **argv) {
signal(SIGTERM, handle_signal);
parse_command_line(argc, argv, parms);
+ /* try to snag the console */
+ if(console_device)
+ console_fd = open(console_device, O_WRONLY);
+ else
+ if((console_fd = open("/dev/tty0", O_WRONLY)) == -1)
+ console_fd = open("/dev/vc/0", O_WRONLY);
+
+ if(console_fd == -1) {
+ fprintf(stderr, "Could not open %s for writing\n",
+ console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0");
+ printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */
+ perror("open");
+ exit(1);
+ }
+
+ if (ioctl(console_fd, EVIOCGSND(0)) != -1)
+ console_type = BEEP_TYPE_EVDEV;
+ else
+ console_type = BEEP_TYPE_CONSOLE;
+
/* this outermost while loop handles the possibility that -n/--new has been
used, i.e. that we have multiple beeps specified. Each iteration will
play, then free() one parms instance. */
@@ -366,8 +361,8 @@ int main(int argc, char **argv) {
parms = next;
}
- if(console_device)
- free(console_device);
+ close(console_fd);
+ console_fd = -1;
return EXIT_SUCCESS;
}
--
2.7.5