mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-11 21:59:08 -05:00
gnu: ocaml: Fix CVE-2015-8869.
* gnu/packages/patches/ocaml-CVE-2015-8869.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/ocaml.scm (ocaml): Use it.
This commit is contained in:
parent
73124d3422
commit
3854f3d7e4
3 changed files with 75 additions and 1 deletions
|
@ -642,6 +642,7 @@ dist_patch_DATA = \
|
|||
gnu/packages/patches/nvi-assume-preserve-path.patch \
|
||||
gnu/packages/patches/nvi-dbpagesize-binpower.patch \
|
||||
gnu/packages/patches/nvi-db4.patch \
|
||||
gnu/packages/patches/ocaml-CVE-2015-8869.patch \
|
||||
gnu/packages/patches/ocaml-findlib-make-install.patch \
|
||||
gnu/packages/patches/openexr-missing-samples.patch \
|
||||
gnu/packages/patches/openimageio-boost-1.60.patch \
|
||||
|
|
|
@ -60,7 +60,8 @@ (define-public ocaml
|
|||
"/ocaml-" version ".tar.xz"))
|
||||
(sha256
|
||||
(base32
|
||||
"1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3"))))
|
||||
"1qwwvy8nzd87hk8rd9sm667nppakiapnx4ypdwcrlnav2dz6kil3"))
|
||||
(patches (search-patches "ocaml-CVE-2015-8869.patch"))))
|
||||
(build-system gnu-build-system)
|
||||
(native-search-paths
|
||||
(list (search-path-specification
|
||||
|
|
72
gnu/packages/patches/ocaml-CVE-2015-8869.patch
Normal file
72
gnu/packages/patches/ocaml-CVE-2015-8869.patch
Normal file
|
@ -0,0 +1,72 @@
|
|||
Adapted from upstream commit 659615c7b100a89eafe6253e7a5b9d84d0e8df74,
|
||||
this patch omits the upstream changes to 'Changes' and 'VERSION'.
|
||||
|
||||
http://seclists.org/oss-sec/2016/q2/170
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8869
|
||||
https://github.com/ocaml/ocaml/commit/659615c7b100a89eafe6253e7a5b9d84d0e8df74
|
||||
---
|
||||
byterun/alloc.c | 4 ++--
|
||||
byterun/intern.c | 2 +-
|
||||
byterun/str.c | 4 ++--
|
||||
3 files changed, 5 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/byterun/alloc.c b/byterun/alloc.c
|
||||
index 96a21bf..0db9947 100644
|
||||
--- a/byterun/alloc.c
|
||||
+++ b/byterun/alloc.c
|
||||
@@ -153,7 +153,7 @@ CAMLexport int caml_convert_flag_list(value list, int *flags)
|
||||
/* [size] is a [value] representing number of words (fields) */
|
||||
CAMLprim value caml_alloc_dummy(value size)
|
||||
{
|
||||
- mlsize_t wosize = Int_val(size);
|
||||
+ mlsize_t wosize = Long_val(size);
|
||||
|
||||
if (wosize == 0) return Atom(0);
|
||||
return caml_alloc (wosize, 0);
|
||||
@@ -169,7 +169,7 @@ CAMLprim value caml_alloc_dummy_function(value size,value arity)
|
||||
/* [size] is a [value] representing number of floats. */
|
||||
CAMLprim value caml_alloc_dummy_float (value size)
|
||||
{
|
||||
- mlsize_t wosize = Int_val(size) * Double_wosize;
|
||||
+ mlsize_t wosize = Long_val(size) * Double_wosize;
|
||||
|
||||
if (wosize == 0) return Atom(0);
|
||||
return caml_alloc (wosize, 0);
|
||||
diff --git a/byterun/intern.c b/byterun/intern.c
|
||||
index 89d13d1..7b8d049 100644
|
||||
--- a/byterun/intern.c
|
||||
+++ b/byterun/intern.c
|
||||
@@ -291,7 +291,7 @@ static void intern_rec(value *dest)
|
||||
case OFreshOID:
|
||||
/* Refresh the object ID */
|
||||
/* but do not do it for predefined exception slots */
|
||||
- if (Int_val(Field((value)dest, 1)) >= 0)
|
||||
+ if (Long_val(Field((value)dest, 1)) >= 0)
|
||||
caml_set_oo_id((value)dest);
|
||||
/* Pop item and iterate */
|
||||
sp--;
|
||||
diff --git a/byterun/str.c b/byterun/str.c
|
||||
index 5ad4e29..885772f 100644
|
||||
--- a/byterun/str.c
|
||||
+++ b/byterun/str.c
|
||||
@@ -266,7 +266,7 @@ CAMLprim value caml_string_greaterequal(value s1, value s2)
|
||||
CAMLprim value caml_blit_string(value s1, value ofs1, value s2, value ofs2,
|
||||
value n)
|
||||
{
|
||||
- memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Int_val(n));
|
||||
+ memmove(&Byte(s2, Long_val(ofs2)), &Byte(s1, Long_val(ofs1)), Long_val(n));
|
||||
return Val_unit;
|
||||
}
|
||||
|
||||
@@ -278,7 +278,7 @@ CAMLprim value caml_fill_string(value s, value offset, value len, value init)
|
||||
|
||||
CAMLprim value caml_bitvect_test(value bv, value n)
|
||||
{
|
||||
- int pos = Int_val(n);
|
||||
+ intnat pos = Long_val(n);
|
||||
return Val_int(Byte_u(bv, pos >> 3) & (1 << (pos & 7)));
|
||||
}
|
||||
|
||||
--
|
||||
2.7.4
|
||||
|
Loading…
Reference in a new issue