Index: head/archivers/brotli/Makefile
===================================================================
--- head/archivers/brotli/Makefile (revision 410663)
+++ head/archivers/brotli/Makefile (revision 410664)
@@ -1,27 +1,28 @@
 # Created by: Sunpoet Po-Chuan Hsieh
 # $FreeBSD$
 PORTNAME= brotli
 PORTVERSION= 0.3.0
 DISTVERSIONPREFIX= v
+PORTREVISION= 1
 CATEGORIES= archivers
 MAINTAINER= sunpoet@FreeBSD.org
 COMMENT= Generic-purpose lossless compression algorithm
 LICENSE= APACHE20
 LICENSE_FILE= ${WRKSRC}/LICENSE
 USE_PYTHON= autoplist distutils
 USES= compiler:c++0x python
 PLIST_FILES= bin/brotli
 GH_ACCOUNT= google
 USE_GITHUB= yes
 post-install:
 ${INSTALL_SCRIPT} ${WRKSRC}/python/bro.py ${STAGEDIR}${PREFIX}/bin/brotli
 ${STRIP_CMD} ${STAGEDIR}${PYTHON_SITELIBDIR}/brotli.so
 .include
Index: head/archivers/brotli/files/patch-CVE-2016-1624
===================================================================
--- head/archivers/brotli/files/patch-CVE-2016-1624 (nonexistent)
+++ head/archivers/brotli/files/patch-CVE-2016-1624 (revision 410664)
@@ -0,0 +1,24 @@
+From 37a320dd81db8d546cd24a45b4c61d87b45dcade Mon Sep 17 00:00:00 2001
+From: eustas
+Date: Thu, 4 Feb 2016 15:35:44 +0100
+Subject: [PATCH] Fix possible pointer underflow
+
+---
+ dec/decode.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/dec/decode.c b/dec/decode.c
+index 920959c..892a254 100644
+--- dec/decode.c
++++ dec/decode.c
+@@ -1714,6 +1714,10 @@ static BROTLI_INLINE BrotliResult ProcessCommandsInternal(int safe,
+ } else {
+ const uint8_t *ringbuffer_end_minus_copy_length =
+ s->ringbuffer_end - i;
++ /* Check for possible underflow and clamp the pointer to 0. */
++ if (PREDICT_FALSE(s->ringbuffer_end < (const uint8_t*)0 + i)) {
++ ringbuffer_end_minus_copy_length = 0;
++ }
+ uint8_t* copy_src = &s->ringbuffer[
+ (pos - s->distance_code) & s->ringbuffer_mask];
+ uint8_t* copy_dst = &s->ringbuffer[pos];
Property changes on: head/archivers/brotli/files/patch-CVE-2016-1624
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property
Index: head/devel/libbrotli/Makefile
===================================================================
--- head/devel/libbrotli/Makefile (revision 410663)
+++ head/devel/libbrotli/Makefile (revision 410664)
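Review bot: The added guard in ProcessCommandsInternal is itself written with pointer arithmetic that ISO C leaves undefined: `(const uint8_t*)0 + i` offsets a null pointer, and `s->ringbuffer_end - i` has already been evaluated on the preceding statement before the check runs. An optimising compiler is entitled to assume neither expression can wrap and may drop the branch, so the clamp is not guaranteed to survive at higher optimisation levels. Doing the comparison in the integer domain, for example `if (PREDICT_FALSE((uintptr_t)s->ringbuffer_end < (uintptr_t)i))`, and performing the subtraction only when that test fails would keep the check well-defined; the type of `i` is not visible in this hunk, so the cast needs confirming against the full function. The identical patch is added as devel/libbrotli/files/patch-CVE-2016-1624 and the same remark applies there.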
@@ -1,31 +1,33 @@
 # Created by: Sergey A. Osokin
 # $FreeBSD$
 PORTNAME= libbrotli
 PORTVERSION= ${BROTLI_VERSION}
-PORTREVISION= 2
+PORTREVISION= 3
 CATEGORIES= devel archivers
 MAINTAINER= osa@FreeBSD.org
 COMMENT= Library for generic-purpose lossless compression algorithm
 LICENSE= MIT
 LIBBROTLI_VERSION= 347bc0f
 BROTLI_VERSION= 0.3.0
 USE_GITHUB= yes
 GH_ACCOUNT= bagder google:brotli
 GH_PROJECT= brotli:brotli
 GH_TAGNAME= ${LIBBROTLI_VERSION} v${BROTLI_VERSION}:brotli
 USES= pkgconfig autoreconf libtool compiler:c++0x
 GNU_CONFIGURE= yes
 MAKE_JOBS_UNSAFE= yes
 USE_LDCONFIG= yes
-pre-configure:
+post-extract:
 ${RMDIR} ${WRKSRC}/brotli && ${MV} ${WRKDIR}/brotli-${BROTLI_VERSION} ${WRKSRC}/brotli
+
+pre-configure:
 cd ${WRKSRC} && ./autogen.sh
 .include
Index: head/devel/libbrotli/files/patch-CVE-2016-1624
===================================================================
--- head/devel/libbrotli/files/patch-CVE-2016-1624 (nonexistent)
+++ head/devel/libbrotli/files/patch-CVE-2016-1624 (revision 410664)
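Review bot: The new `post-extract` target carries an ordering dependency that is not written down anywhere in the Makefile. The patch added under files/ targets `brotli/dec/decode.c`, and that path presumably exists under WRKSRC only after the `${RMDIR} ... && ${MV} ...` step has run, which is why the step had to move out of `pre-configure`. A one-line comment above the target, such as `# Must run before the patch phase: files/patch-CVE-2016-1624 patches brotli/dec/decode.c`, would keep a later cleanup from moving it back and leaving the security patch unable to apply.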
@@ -0,0 +1,24 @@
+From 37a320dd81db8d546cd24a45b4c61d87b45dcade Mon Sep 17 00:00:00 2001
+From: eustas
+Date: Thu, 4 Feb 2016 15:35:44 +0100
+Subject: [PATCH] Fix possible pointer underflow
+
+---
+ dec/decode.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/dec/decode.c b/dec/decode.c
+index 920959c..892a254 100644
+--- brotli/dec/decode.c
++++ brotli/dec/decode.c
+@@ -1714,6 +1714,10 @@ static BROTLI_INLINE BrotliResult ProcessCommandsInternal(int safe,
+ } else {
+ const uint8_t *ringbuffer_end_minus_copy_length =
+ s->ringbuffer_end - i;
++ /* Check for possible underflow and clamp the pointer to 0. */
++ if (PREDICT_FALSE(s->ringbuffer_end < (const uint8_t*)0 + i)) {
++ ringbuffer_end_minus_copy_length = 0;
++ }
+ uint8_t* copy_src = &s->ringbuffer[
+ (pos - s->distance_code) & s->ringbuffer_mask];
+ uint8_t* copy_dst = &s->ringbuffer[pos];
Property changes on: head/devel/libbrotli/files/patch-CVE-2016-1624
___________________________________________________________________
Added: fbsd:nokeywords
## -0,0 +1 ##
+yes
\ No newline at end of property
Added: svn:eol-style
## -0,0 +1 ##
+native
\ No newline at end of property
Added: svn:mime-type
## -0,0 +1 ##
+text/plain
\ No newline at end of property