!34 [sync] PR-29: fix CVE-2023-31975

From: @openeuler-sync-bot Reviewed-by: @dillon_chen Signed-off-by: @dillon_chen
fix CVE-2023-31975
2024-01-05 07:20:18 +00:00 · 2023-08-18 11:13:53 +08:00 · 2023-08-15 09:19:49 +00:00 · 2023-08-15 10:55:51 +08:00 · 2022-11-08 11:20:13 +00:00 · 2022-10-31 11:20:20 +08:00
8 changed files with 180 additions and 75 deletions
--- a/CVE-2023-31975.patch
+++ b/CVE-2023-31975.patch
@ -0,0 +1,27 @@
 From b2cc5a1693b17ac415df76d0795b15994c106441 Mon Sep 17 00:00:00 2001
 From: Katsuhiko Gondow <gondow@cs.titech.ac.jp>
 Date: Tue, 13 Jun 2023 05:00:47 +0900
 Subject: [PATCH] Fix memory leak in bin-objfmt (#231)
 ---
 modules/objfmts/bin/bin-objfmt.c | 4 ++++
 1 file changed, 4 insertions(+)
 diff --git a/modules/objfmts/bin/bin-objfmt.c b/modules/objfmts/bin/bin-objfmt.c
 index 18026750..a38c3422 100644
 --- a/modules/objfmts/bin/bin-objfmt.c
 +++ b/modules/objfmts/bin/bin-objfmt.c
@@ -1680,6 +1680,10 @@ static void
 bin_section_data_destroy(void *data)
 {
     bin_section_data *bsd = (bin_section_data *)data;
 +    if (bsd->align)
 +        yasm_xfree(bsd->align);
 +    if (bsd->valign)
 +        yasm_xfree(bsd->valign);
     if (bsd->start)
         yasm_expr_destroy(bsd->start);
     if (bsd->vstart)
 -- 
 2.41.0.windows.3
--- a/CVE-2023-37732.patch
+++ b/CVE-2023-37732.patch
@ -0,0 +1,37 @@
 From 2cd3bb50e256f5ed5f611ac611d25fe673f2cec3 Mon Sep 17 00:00:00 2001
 From: Peter Johnson <johnson.peter@gmail.com>
 Date: Fri, 30 Jun 2023 08:08:55 -0700
 Subject: [PATCH] elf.c: Fix NULL deref on bad xsize expression (#234)
 ---
 modules/objfmts/elf/elf.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
 diff --git a/modules/objfmts/elf/elf.c b/modules/objfmts/elf/elf.c
 index 67fe3f26..1ee98bfd 100644
 --- a/modules/objfmts/elf/elf.c
 +++ b/modules/objfmts/elf/elf.c
@@ -482,15 +482,15 @@ elf_symtab_write_to_file(FILE *f, elf_symtab_head *symtab,
         /* get size (if specified); expr overrides stored integer */
         if (entry->xsize) {
 -            size_intn = yasm_intnum_copy(
 -                yasm_expr_get_intnum(&entry->xsize, 1));
 -            if (!size_intn) {
 +            yasm_intnum *intn = yasm_expr_get_intnum(&entry->xsize, 1);
 +            if (!intn) {
                 yasm_error_set(YASM_ERROR_VALUE,
                                N_("size specifier not an integer expression"));
                 yasm_errwarn_propagate(errwarns, entry->xsize->line);
 -            }
 +            } else
 +                size_intn = yasm_intnum_copy(intn);
         }
 -        else
 +        if (!size_intn)
             size_intn = yasm_intnum_create_uint(entry->size);
         /* get EQU value for constants */
 -- 
 2.41.0.windows.3
--- a/README.en.md
+++ b/README.en.md
@ -1,36 +0,0 @@
 # yasm
 #### Description
 {**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**}
 #### Software Architecture
 Software architecture description
 #### Installation
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Instructions
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Contribution
 1.  Fork the repository
 2.  Create Feat_xxx branch
 3.  Commit your code
 4.  Create Pull Request
 #### Gitee Feature
 1.  You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md
 2.  Gitee blog [blog.gitee.com](https://blog.gitee.com)
 3.  Explore open source project [https://gitee.com/explore](https://gitee.com/explore)
 4.  The most valuable open source project [GVP](https://gitee.com/gvp)
 5.  The manual of Gitee [https://gitee.com/help](https://gitee.com/help)
 6.  The most popular members  [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/README.md
+++ b/README.md
@ -1,39 +0,0 @@
 # yasm
 #### 介绍
 {**以下是码云平台说明，您可以替换此简介**
 码云是 OSCHINA 推出的基于 Git 的代码托管平台（同时支持 SVN）。专为开发者提供稳定、高效、安全的云端软件开发协作平台
 无论是个人、团队、或是企业，都能够用码云实现代码托管、项目管理、协作开发。企业项目请看 [https://gitee.com/enterprises](https://gitee.com/enterprises)}
 #### 软件架构
 软件架构说明
 #### 安装教程
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 使用说明
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 参与贡献
 1.  Fork 本仓库
 2.  新建 Feat_xxx 分支
 3.  提交代码
 4.  新建 Pull Request
 #### 码云特技
 1.  使用 Readme\_XXX.md 来支持不同的语言，例如 Readme\_en.md, Readme\_zh.md
 2.  码云官方博客 [blog.gitee.com](https://blog.gitee.com)
 3.  你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目
 4.  [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目，是码云综合评定出的优秀开源项目
 5.  码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help)
 6.  码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/yasm-1.3.0-sw.patch
+++ b/yasm-1.3.0-sw.patch
@ -0,0 +1,49 @@
 diff -Nuar yasm-1.3.0.org/configure yasm-1.3.0.sw/configure
 --- yasm-1.3.0.org/configure	2022-05-26 14:47:18.140000000 +0000
 +++ yasm-1.3.0.sw/configure	2022-05-26 14:50:16.340000000 +0000
@@ -10262,7 +10262,7 @@
 typedef unsigned long long uint64_t;
 #endif
 -#elif defined __alpha || (defined __mips && defined _ABIN32)
 +#elif defined __alpha || defined __sw_64 || (defined __mips && defined _ABIN32)
 #if !defined _NO_LONGLONG
 typedef long int64_t;
 typedef unsigned long uint64_t;
 diff -Nuar yasm-1.3.0.org/m4/ax_create_stdint_h.m4 yasm-1.3.0.sw/m4/ax_create_stdint_h.m4
 --- yasm-1.3.0.org/m4/ax_create_stdint_h.m4	2022-05-26 14:47:18.330000000 +0000
 +++ yasm-1.3.0.sw/m4/ax_create_stdint_h.m4	2022-05-26 14:47:53.800000000 +0000
@@ -392,7 +392,7 @@
 typedef unsigned long long uint64_t;
 #endif
 -#elif defined __alpha || (defined __mips && defined _ABIN32)
 +#elif defined __alpha || defined _sw_64 || (defined __mips && defined _ABIN32)
 #if !defined _NO_LONGLONG
 typedef long int64_t;
 typedef unsigned long uint64_t;
 diff -Nuar yasm-1.3.0.org/m4/intdiv0.m4 yasm-1.3.0.sw/m4/intdiv0.m4
 --- yasm-1.3.0.org/m4/intdiv0.m4	2022-05-26 14:47:18.330000000 +0000
 +++ yasm-1.3.0.sw/m4/intdiv0.m4	2022-05-26 14:48:19.760000000 +0000
@@ -54,7 +54,7 @@
         [
           # Guess based on the CPU.
           case "$host_cpu" in
 -            alpha* | i[34567]86 | m68k | s390*)
 +            alpha* | sw_64* | i[34567]86 | m68k | s390*)
               gt_cv_int_divbyzero_sigfpe="guessing yes";;
             *)
               gt_cv_int_divbyzero_sigfpe="guessing no";;
 diff -Nuar yasm-1.3.0.org/modules/objfmts/elf/elf.h yasm-1.3.0.sw/modules/objfmts/elf/elf.h
 --- yasm-1.3.0.org/modules/objfmts/elf/elf.h	2022-05-26 14:47:18.250000000 +0000
 +++ yasm-1.3.0.sw/modules/objfmts/elf/elf.h	2022-05-26 14:56:18.410000000 +0000
@@ -75,7 +75,8 @@
     EM_SPARCV9 = 43,                            /* SPARC v9 64-bit */
     EM_IA_64 = 50,                              /* Intel IA-64 */
     EM_X86_64 = 62,                             /* AMD x86-64 */
 -    EM_ALPHA = 0x9026                           /* Alpha (no ABI) */
 +    EM_ALPHA = 0x9026,                           /* Alpha (no ABI) */
 +    EM_SW_64 = 0x9916                           /* Sw_64 (no ABI) */
 } elf_machine;
 typedef enum {
--- a/yasm-1.3.0.tar.gz
+++ b/yasm-1.3.0.tar.gz
--- a/yasm.spec
+++ b/yasm.spec
@ -0,0 +1,63 @@
 Name:           yasm
 Version:        1.3.0
 Release:        12
 Summary:        NASM assembler
 License:        BSD
 URL:            http://yasm.tortall.net/
 Source0:        http://www.tortall.net/projects/yasm/releases/yasm-1.3.0.tar.gz
 Patch1:         yasm-1.3.0-sw.patch
 Patch2:         CVE-2023-37732.patch
 Patch3:         CVE-2023-31975.patch
 BuildRequires:  gcc bison byacc gettext-devel xmlto
 Provides:       bundled(md5-plumb)
 %description
 Yasm is a complete rewrite of the NASM assembler under the “new” BSD License.
 %package devel
 Summary:        The libraries and headers for yasm
 Requires:       yasm  = %{version}-%{release}
 Provides:       yasm-static = %{version}-%{release} bundled(md5-plumb)
 %description devel
 The package contains the libraries and headers necessary for the yasm Modular Assembler.
 %package_help
 %prep
 %autosetup -p1
 %build
 %configure
 %make_build
 %install
 rm -rf %{buildroot}
 %make_install
 %files
 %license Artistic.txt BSD.txt COPYING GNU_GPL-2.0 GNU_LGPL-2.0
 %doc AUTHORS
 %{_bindir}/*
 %files devel
 %{_includedir}/*
 %{_libdir}/libyasm.a
 %files help
 %{_mandir}/*
 %changelog
 * Tue Aug 15 2023 liningjie <liningjie@xfusion.com> - 1.3.0-12
 - fix CVE-2023-31975
 * Fri Aug 11 2023 liningjie <liningjie@xfusion.com> - 1.3.0-11
 - fix CVE-2023-37732
 * Wed Oct 26 2022 wuzx<wuzx1226@qq.com> - 1.3.0-10
 - Add sw64 architecture
 * Mon Jan 6 2020 qinjian <qinjian18@huawei.com> - 1.3.0-9
 - Package init
--- a/yasm.yaml
+++ b/yasm.yaml
@ -0,0 +1,4 @@
 version_control: github
 src_repo: yasm/yasm
 tag_prefix: ^v
 seperator: .
Author	SHA1	Message	Date
openeuler-ci-bot	954a69a3f9	!34 [sync] PR-29: fix CVE-2023-31975 From: @openeuler-sync-bot Reviewed-by: @dillon_chen Signed-off-by: @dillon_chen	2024-01-05 07:20:18 +00:00
liningjie	6573fd488c	fix CVE-2023-31975 (cherry picked from commit 2c12d973ef67f16cb250f35f5034cad6e8c01a82)	2023-08-18 11:13:53 +08:00
openeuler-ci-bot	0f90536030	!26 [sync] PR-21: fix CVE-2023-37732 From: @openeuler-sync-bot Reviewed-by: @dillon_chen Signed-off-by: @dillon_chen	2023-08-15 09:19:49 +00:00
liningjie	e5265217d0	fix CVE-2023-37732 (cherry picked from commit 096bde8e567aa054b13ee2d800519a52f58fbb1f)	2023-08-15 10:55:51 +08:00
openeuler-ci-bot	acfeb11ae8	!4 [sync] PR-3: 添加sw架构 From: @openeuler-sync-bot Reviewed-by: @caodongxia Signed-off-by: @caodongxia	2022-11-08 11:20:13 +00:00
wzx	684dea049e	Add sw64 architecture Signed-off-by: wzx <wuzx1226@qq.com> (cherry picked from commit b4e0696a7663068975658578345f2f46f43e3b2c)	2022-10-31 11:20:20 +08:00
openeuler-ci-bot	59beef7e9b	!2 Add yasm.yaml Merge pull request !2 from yaokai13/master	2020-05-11 20:17:55 +08:00
yaokai13	0a9e921b19	Add yasm.yaml	2020-05-09 14:42:00 +08:00
openeuler-ci-bot	5528ca79ae	!1 package init Merge pull request !1 from tubalu/master	2020-01-10 11:37:17 +08:00
tubalu	8103691b16	package init	2020-01-10 11:33:19 +08:00