Page MenuHomeFreeBSD
Files F160929555

D3385.id.diff
No OneTemporary
Actions

D3385.id.diff
View Options

Index: head/emulators/qemu-sbruno/Makefile
===================================================================
--- head/emulators/qemu-sbruno/Makefile
+++ head/emulators/qemu-sbruno/Makefile
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= qemu
-PORTVERSION= 2.3.50.g20150713
+PORTVERSION= 2.4.50.g20150814
CATEGORIES= emulators
MASTER_SITES= GH \
LOCAL/nox \
@@ -20,7 +20,7 @@
USE_GITHUB= yes
GH_ACCOUNT= seanbruno
GH_PROJECT= ${PORTNAME}-bsd-user
-GH_TAGNAME= 754fb51
+GH_TAGNAME= 6764363
HAS_CONFIGURE= yes
USES= gmake pkgconfig bison perl5 python:2,build
USE_PERL5= build
Index: head/emulators/qemu-sbruno/distinfo
===================================================================
--- head/emulators/qemu-sbruno/distinfo
+++ head/emulators/qemu-sbruno/distinfo
@@ -1,4 +1,4 @@
-SHA256 (qemu/2.3.50.g20150713/seanbruno-qemu-bsd-user-2.3.50.g20150713-754fb51_GH0.tar.gz) = 82cbaecd850009fb1a69fc9615dce827642689e27fb9d20d1e86a58978eb27d2
-SIZE (qemu/2.3.50.g20150713/seanbruno-qemu-bsd-user-2.3.50.g20150713-754fb51_GH0.tar.gz) = 11012856
-SHA256 (qemu/2.3.50.g20150713/dtc-v1.4.0.tar.gz) = 39d0713efd82a27adc065ecb9ef36401c53d5ee87ae1764e2bb243fcd97488e3
-SIZE (qemu/2.3.50.g20150713/dtc-v1.4.0.tar.gz) = 131893
+SHA256 (qemu/2.4.50.g20150814/seanbruno-qemu-bsd-user-2.4.50.g20150814-6764363_GH0.tar.gz) = 6fef33fc642016ef762943e4327d6a88bff216121ec98157205ddcdc8c876870
+SIZE (qemu/2.4.50.g20150814/seanbruno-qemu-bsd-user-2.4.50.g20150814-6764363_GH0.tar.gz) = 11272282
+SHA256 (qemu/2.4.50.g20150814/dtc-v1.4.0.tar.gz) = 39d0713efd82a27adc065ecb9ef36401c53d5ee87ae1764e2bb243fcd97488e3
+SIZE (qemu/2.4.50.g20150814/dtc-v1.4.0.tar.gz) = 131893
Index: head/emulators/qemu-sbruno/files/patch-CVE-2015-3209
===================================================================
--- head/emulators/qemu-sbruno/files/patch-CVE-2015-3209
+++ head/emulators/qemu-sbruno/files/patch-CVE-2015-3209
@@ -1,45 +0,0 @@
-From 2630672ab22255de252f877709851c0557a1c647 Mon Sep 17 00:00:00 2001
-From: Petr Matousek <pmatouse@redhat.com>
-Date: Sun, 24 May 2015 10:53:44 +0200
-Subject: [PATCH] pcnet: force the buffer access to be in bounds during tx
-
-4096 is the maximum length per TMD and it is also currently the size of
-the relay buffer pcnet driver uses for sending the packet data to QEMU
-for further processing. With packet spanning multiple TMDs it can
-happen that the overall packet size will be bigger than sizeof(buffer),
-which results in memory corruption.
-
-Fix this by only allowing to queue maximum sizeof(buffer) bytes.
-
-This is CVE-2015-3209.
-
-Signed-off-by: Petr Matousek <pmatouse@redhat.com>
-Reported-by: Matt Tait <matttait@google.com>
-Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
-Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- hw/net/pcnet.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
-index bdfd38f..6d32e4c 100644
---- a/hw/net/pcnet.c
-+++ b/hw/net/pcnet.c
-@@ -1241,6 +1241,14 @@ static void pcnet_transmit(PCNetState *s)
- }
-
- bcnt = 4096 - GET_FIELD(tmd.length, TMDL, BCNT);
-+
-+ /* if multi-tmd packet outsizes s->buffer then skip it silently.
-+ Note: this is not what real hw does */
-+ if (s->xmit_pos + bcnt > sizeof(s->buffer)) {
-+ s->xmit_pos = -1;
-+ goto txdone;
-+ }
-+
- s->phys_mem_read(s->dma_opaque, PHYSADDR(s, tmd.tbadr),
- s->buffer + s->xmit_pos, bcnt, CSR_BSWP(s));
- s->xmit_pos += bcnt;
---
-2.1.0
-
Index: head/emulators/qemu-sbruno/files/patch-include-qemu-aes.h
===================================================================
--- head/emulators/qemu-sbruno/files/patch-include-qemu-aes.h
+++ head/emulators/qemu-sbruno/files/patch-include-qemu-aes.h
@@ -1,18 +0,0 @@
---- a/include/qemu/aes.h
-+++ b/include/qemu/aes.h
-@@ -10,6 +10,15 @@ struct aes_key_st {
- };
- typedef struct aes_key_st AES_KEY;
-
-+/* FreeBSD has it's own AES_set_decrypt_key in -lcrypto, avoid conflicts */
-+#ifdef __FreeBSD__
-+#define AES_set_encrypt_key QEMU_AES_set_encrypt_key
-+#define AES_set_decrypt_key QEMU_AES_set_decrypt_key
-+#define AES_encrypt QEMU_AES_encrypt
-+#define AES_decrypt QEMU_AES_decrypt
-+#define AES_cbc_encrypt QEMU_AES_cbc_encrypt
-+#endif
-+
- int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
- AES_KEY *key);
- int AES_set_decrypt_key(const unsigned char *userKey, const int bits,

File Metadata

Mime Type
text/plain
Expires
Tue, Jun 30, 4:18 AM (16 h, 5 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
34483568
Default Alt Text
D3385.id.diff (4 KB)

Event Timeline