libosip2: add that fixes multiple CVEs

This commit adds a patch copied from Debian that addresses the following bugs: CVE-2016-10324 CVE-2016-10325 CVE-2016-10326 CVE-2017-7853 Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
2018-01-15 20:01:55 +01:00 · 2018-01-15 20:01:55 +01:00 · f9f74ca869
commit f9f74ca869
parent f7abf90be9
2 changed files with 70 additions and 1 deletions
--- a/libs/libosip2/Makefile
+++ b/libs/libosip2/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=libosip2
 PKG_VERSION:=4.1.0
-PKG_RELEASE:=1
+PKG_RELEASE:=2

 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=@GNU/osip
--- a/libs/libosip2/patches/002-CVE-2016-10324_CVE-2016-10325_CVE-2016-10326_CVE-2017-7853.patch
+++ b/libs/libosip2/patches/002-CVE-2016-10324_CVE-2016-10325_CVE-2016-10326_CVE-2017-7853.patch
@ -0,0 +1,69 @@
+Upstream patches by Aymeric Moizard <amoizard@gmail.com>:
+
+7e0793e15e21f68337e130c67b031ca38edf055f
+1d9fb1d3a71cc85ef95352e549b140c706cf8696
+b9dd097b5b24f5ee54b0a8739e59641cd51b6ead
+1ae06daf3b2375c34af23083394a6f010be24a45
+
+--- libosip2-4.1.0.orig/src/osipparser2/osip_body.c
+++ libosip2-4.1.0/src/osipparser2/osip_body.c
+@@ -417,6 +417,14 @@ osip_body_to_str (const osip_body_t * bo
+   }
+ 
+   if ((osip_list_size (body->headers) > 0) || (body->content_type != NULL)) {
+    if (length < tmp_body - ptr + 3) {
+      size_t len;
+
+      len = tmp_body - ptr;
+      length = length + 3 + body->length; /* add body->length, to avoid calling realloc often */
+      ptr = osip_realloc (ptr, length);
+      tmp_body = ptr + len;
+    }
+     tmp_body = osip_strn_append (tmp_body, CRLF, 2);
+   }
+   if (length < tmp_body - ptr + body->length + 4) {
+--- libosip2-4.1.0.orig/src/osipparser2/osip_message_parse.c
+++ libosip2-4.1.0/src/osipparser2/osip_message_parse.c
+@@ -812,6 +812,12 @@ msg_osip_body_parse (osip_message_t * si
+     if ('\n' == start_of_body[0] || '\r' == start_of_body[0])
+       start_of_body++;
+ 
+    /* if message body is empty or contains a single CR/LF */
+    if (end_of_body <= start_of_body) {
+      osip_free (sep_boundary);
+      return OSIP_SYNTAXERROR;
+    }
+
+     body_len = end_of_body - start_of_body;
+ 
+     /* Skip CR before end boundary. */
+--- libosip2-4.1.0.orig/src/osipparser2/osip_message_to_str.c
+++ libosip2-4.1.0/src/osipparser2/osip_message_to_str.c
+@@ -378,6 +378,13 @@ _osip_message_to_str (osip_message_t * s
+     /* A start-line isn't required for message/sipfrag parts. */
+   }
+   else {
+    size_t message_len = strlen(tmp);
+    if (_osip_message_realloc (&message, dest, message_len + 3, &malloc_size) < 0) {
+      osip_free (tmp);
+      *dest = NULL;
+      return OSIP_NOMEM;
+    }
+
+     message = osip_str_append (message, tmp);
+     osip_free (tmp);
+     message = osip_strn_append (message, CRLF, 2);
+--- libosip2-4.1.0.orig/src/osipparser2/osip_port.c
+++ libosip2-4.1.0/src/osipparser2/osip_port.c
+@@ -1462,8 +1462,10 @@ osip_clrncpy (char *dst, const char *src
+   char *p;
+   size_t spaceless_length;
+ 
+-  if (src == NULL)
+  if (src == NULL || len == 0) {
+    *dst = '\0';
+     return NULL;
+  }
+ 
+   /* find the start of relevant text */
+   pbeg = src;