Index: user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:31.libarchive
===================================================================
--- user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:31.libarchive (revision 307874)
+++ user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:31.libarchive (nonexistent)
@@ -1,321 +0,0 @@
---- contrib/libarchive/libarchive/test/test_write_disk_secure744.c.orig
-+++ contrib/libarchive/libarchive/test/test_write_disk_secure744.c
-@@ -93,98 +93,3 @@
- free(buff);
- #endif
- }
--/*-
-- * Copyright (c) 2003-2007,2016 Tim Kientzle
-- * All rights reserved.
-- *
-- * Redistribution and use in source and binary forms, with or without
-- * modification, are permitted provided that the following conditions
-- * are met:
-- * 1. Redistributions of source code must retain the above copyright
-- * notice, this list of conditions and the following disclaimer.
-- * 2. Redistributions in binary form must reproduce the above copyright
-- * notice, this list of conditions and the following disclaimer in the
-- * documentation and/or other materials provided with the distribution.
-- *
-- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-- * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
-- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- */
--#include "test.h"
--__FBSDID("$FreeBSD$");
--
--#define UMASK 022
--
--/*
-- * Github Issue #744 describes a bug in the sandboxing code that
-- * causes very long pathnames to not get checked for symlinks.
-- */
--
--DEFINE_TEST(test_write_disk_secure744)
--{
--#if defined(_WIN32) && !defined(__CYGWIN__)
-- skipping("archive_write_disk security checks not supported on Windows");
--#else
-- struct archive *a;
-- struct archive_entry *ae;
-- size_t buff_size = 8192;
-- char *buff = malloc(buff_size);
-- char *p = buff;
-- int n = 0;
-- int t;
--
-- assert(buff != NULL);
--
-- /* Start with a known umask. */
-- assertUmask(UMASK);
--
-- /* Create an archive_write_disk object. */
-- assert((a = archive_write_disk_new()) != NULL);
-- archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_SYMLINKS);
--
-- while (p + 500 < buff + buff_size) {
-- memset(p, 'x', 100);
-- p += 100;
-- p[0] = '\0';
--
-- buff[0] = ((n / 1000) % 10) + '0';
-- buff[1] = ((n / 100) % 10)+ '0';
-- buff[2] = ((n / 10) % 10)+ '0';
-- buff[3] = ((n / 1) % 10)+ '0';
-- buff[4] = '_';
-- ++n;
--
-- /* Create a symlink pointing to the testworkdir */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, buff);
-- archive_entry_set_mode(ae, S_IFREG | 0777);
-- archive_entry_copy_symlink(ae, testworkdir);
-- assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
-- archive_entry_free(ae);
--
-- *p++ = '/';
-- sprintf(p, "target%d", n);
--
-- /* Try to create a file through the symlink, should fail. */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, buff);
-- archive_entry_set_mode(ae, S_IFDIR | 0777);
--
-- t = archive_write_header(a, ae);
-- archive_entry_free(ae);
-- failure("Attempt to create target%d via %d-character symlink should have failed", n, (int)strlen(buff));
-- if(!assertEqualInt(ARCHIVE_FAILED, t)) {
-- break;
-- }
-- }
-- archive_free(a);
-- free(buff);
--#endif
--}
---- contrib/libarchive/libarchive/test/test_write_disk_secure745.c.orig
-+++ contrib/libarchive/libarchive/test/test_write_disk_secure745.c
-@@ -77,82 +77,3 @@
- archive_write_free(a);
- #endif
- }
--/*-
-- * Copyright (c) 2003-2007,2016 Tim Kientzle
-- * All rights reserved.
-- *
-- * Redistribution and use in source and binary forms, with or without
-- * modification, are permitted provided that the following conditions
-- * are met:
-- * 1. Redistributions of source code must retain the above copyright
-- * notice, this list of conditions and the following disclaimer.
-- * 2. Redistributions in binary form must reproduce the above copyright
-- * notice, this list of conditions and the following disclaimer in the
-- * documentation and/or other materials provided with the distribution.
-- *
-- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-- * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
-- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- */
--#include "test.h"
--__FBSDID("$FreeBSD$");
--
--#define UMASK 022
--
--/*
-- * Github Issue #745 describes a bug in the sandboxing code that
-- * allows one to use a symlink to edit the permissions on a file or
-- * directory outside of the sandbox.
-- */
--
--DEFINE_TEST(test_write_disk_secure745)
--{
--#if defined(_WIN32) && !defined(__CYGWIN__)
-- skipping("archive_write_disk security checks not supported on Windows");
--#else
-- struct archive *a;
-- struct archive_entry *ae;
--
-- /* Start with a known umask. */
-- assertUmask(UMASK);
--
-- /* Create an archive_write_disk object. */
-- assert((a = archive_write_disk_new()) != NULL);
-- archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_SYMLINKS);
--
-- /* The target dir: The one we're going to try to change permission on */
-- assertMakeDir("target", 0700);
--
-- /* The sandbox dir we're going to run inside of. */
-- assertMakeDir("sandbox", 0700);
-- assertChdir("sandbox");
--
-- /* Create a symlink pointing to the target directory */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, "sym");
-- archive_entry_set_mode(ae, AE_IFLNK | 0777);
-- archive_entry_copy_symlink(ae, "../target");
-- assert(0 == archive_write_header(a, ae));
-- archive_entry_free(ae);
--
-- /* Try to alter the target dir through the symlink; this should fail. */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, "sym");
-- archive_entry_set_mode(ae, S_IFDIR | 0777);
-- assert(0 == archive_write_header(a, ae));
-- archive_entry_free(ae);
--
-- /* Permission of target dir should not have changed. */
-- assertFileMode("../target", 0700);
--
-- assert(0 == archive_write_close(a));
-- archive_write_free(a);
--#endif
--}
---- contrib/libarchive/libarchive/test/test_write_disk_secure746.c.orig
-+++ contrib/libarchive/libarchive/test/test_write_disk_secure746.c
-@@ -127,132 +127,3 @@
- archive_write_free(a);
- #endif
- }
--/*-
-- * Copyright (c) 2003-2007,2016 Tim Kientzle
-- * All rights reserved.
-- *
-- * Redistribution and use in source and binary forms, with or without
-- * modification, are permitted provided that the following conditions
-- * are met:
-- * 1. Redistributions of source code must retain the above copyright
-- * notice, this list of conditions and the following disclaimer.
-- * 2. Redistributions in binary form must reproduce the above copyright
-- * notice, this list of conditions and the following disclaimer in the
-- * documentation and/or other materials provided with the distribution.
-- *
-- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
-- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-- * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
-- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-- */
--#include "test.h"
--__FBSDID("$FreeBSD$");
--
--#define UMASK 022
--
--/*
-- * Github Issue #746 describes a problem in which hardlink targets are
-- * not adequately checked and can be used to modify entries outside of
-- * the sandbox.
-- */
--
--/*
-- * Verify that ARCHIVE_EXTRACT_SECURE_NODOTDOT disallows '..' in hardlink
-- * targets.
-- */
--DEFINE_TEST(test_write_disk_secure746a)
--{
--#if defined(_WIN32) && !defined(__CYGWIN__)
-- skipping("archive_write_disk security checks not supported on Windows");
--#else
-- struct archive *a;
-- struct archive_entry *ae;
--
-- /* Start with a known umask. */
-- assertUmask(UMASK);
--
-- /* The target directory we're going to try to affect. */
-- assertMakeDir("target", 0700);
-- assertMakeFile("target/foo", 0700, "unmodified");
--
-- /* The sandbox dir we're going to work within. */
-- assertMakeDir("sandbox", 0700);
-- assertChdir("sandbox");
--
-- /* Create an archive_write_disk object. */
-- assert((a = archive_write_disk_new()) != NULL);
-- archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_NODOTDOT);
--
-- /* Attempt to hardlink to the target directory. */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, "bar");
-- archive_entry_set_mode(ae, AE_IFREG | 0777);
-- archive_entry_set_size(ae, 8);
-- archive_entry_copy_hardlink(ae, "../target/foo");
-- assertEqualInt(ARCHIVE_FAILED, archive_write_header(a, ae));
-- assertEqualInt(ARCHIVE_FATAL, archive_write_data(a, "modified", 8));
-- archive_entry_free(ae);
--
-- /* Verify that target file contents are unchanged. */
-- assertTextFileContents("unmodified", "../target/foo");
--#endif
--}
--
--/*
-- * Verify that ARCHIVE_EXTRACT_SECURE_NOSYMLINK disallows symlinks in hardlink
-- * targets.
-- */
--DEFINE_TEST(test_write_disk_secure746b)
--{
--#if defined(_WIN32) && !defined(__CYGWIN__)
-- skipping("archive_write_disk security checks not supported on Windows");
--#else
-- struct archive *a;
-- struct archive_entry *ae;
--
-- /* Start with a known umask. */
-- assertUmask(UMASK);
--
-- /* The target directory we're going to try to affect. */
-- assertMakeDir("target", 0700);
-- assertMakeFile("target/foo", 0700, "unmodified");
--
-- /* The sandbox dir we're going to work within. */
-- assertMakeDir("sandbox", 0700);
-- assertChdir("sandbox");
--
-- /* Create an archive_write_disk object. */
-- assert((a = archive_write_disk_new()) != NULL);
-- archive_write_disk_set_options(a, ARCHIVE_EXTRACT_SECURE_SYMLINKS);
--
-- /* Create a symlink to the target directory. */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, "symlink");
-- archive_entry_set_mode(ae, AE_IFLNK | 0777);
-- archive_entry_copy_symlink(ae, "../target");
-- assertEqualIntA(a, ARCHIVE_OK, archive_write_header(a, ae));
-- archive_entry_free(ae);
--
-- /* Attempt to hardlink to the target directory via the symlink. */
-- assert((ae = archive_entry_new()) != NULL);
-- archive_entry_copy_pathname(ae, "bar");
-- archive_entry_set_mode(ae, AE_IFREG | 0777);
-- archive_entry_set_size(ae, 8);
-- archive_entry_copy_hardlink(ae, "symlink/foo");
-- assertEqualIntA(a, ARCHIVE_FAILED, archive_write_header(a, ae));
-- assertEqualIntA(a, ARCHIVE_FATAL, archive_write_data(a, "modified", 8));
-- archive_entry_free(ae);
--
-- /* Verify that target file contents are unchanged. */
-- assertTextFileContents("unmodified", "../target/foo");
--
-- assertEqualIntA(a, ARCHIVE_FATAL, archive_write_close(a));
-- archive_write_free(a);
--#endif
--}
Index: user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:15.sysarch
===================================================================
--- user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:15.sysarch (nonexistent)
+++ user/cperciva/freebsd-update-build/patches/10.3-RELEASE/11-SA-16:15.sysarch (revision 307875)
@@ -0,0 +1,21 @@
+--- sys/amd64/amd64/sys_machdep.c.orig
++++ sys/amd64/amd64/sys_machdep.c
+@@ -608,6 +608,8 @@
+ largest_ld = uap->start + uap->num;
+ if (largest_ld > max_ldt_segment)
+ largest_ld = max_ldt_segment;
++ if (largest_ld < uap->start)
++ return (EINVAL);
+ i = largest_ld - uap->start;
+ mtx_lock(&dt_lock);
+ bzero(&((struct user_segment_descriptor *)(pldt->ldt_base))
+@@ -620,7 +622,8 @@
+ /* verify range of descriptors to modify */
+ largest_ld = uap->start + uap->num;
+ if (uap->start >= max_ldt_segment ||
+- largest_ld > max_ldt_segment)
++ largest_ld > max_ldt_segment ||
++ largest_ld < uap->start)
+ return (EINVAL);
+ }
+
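Review bot: The added `largest_ld < uap->start` tests in both sys_machdep.c hunks detect a bad range only after `uap->start + uap->num` has been computed, so they depend on how that sum and the comparison are typed; the declarations of `largest_ld` and the `uap` fields are outside the hunks, and if `largest_ld` is a signed `int` the test relies on implicit conversion to unsigned. In the first hunk the test also has to stay after the clamp to `max_ldt_segment`, because it is what keeps `i = largest_ld - uap->start` from going negative when `start` lies beyond the clamp, and `i` appears to feed the `bzero` that follows. I would record that with a comment above the first test, e.g. `/* start+num wrapped, or start is past the clamp: nothing valid to clear */`, and repeat a short form next to the range check in the second hunk. The code around both hunks starts and ends outside them.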