diff options
Diffstat (limited to 'poky/meta/recipes-extended/cracklib')
4 files changed, 526 insertions, 0 deletions
diff --git a/poky/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch b/poky/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch new file mode 100644 index 0000000000..b251ac9056 --- /dev/null +++ b/poky/meta/recipes-extended/cracklib/cracklib/0001-Apply-patch-to-fix-CVE-2016-6318.patch @@ -0,0 +1,105 @@ +From 47e5dec521ab6243c9b249dd65b93d232d90d6b1 Mon Sep 17 00:00:00 2001 +From: Jan Dittberner <jan@dittberner.info> +Date: Thu, 25 Aug 2016 17:13:49 +0200 +Subject: [PATCH] Apply patch to fix CVE-2016-6318 + +This patch fixes an issue with a stack-based buffer overflow when +parsing large GECOS field. See +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6318 and +https://security-tracker.debian.org/tracker/CVE-2016-6318 for more +information. + +Upstream-Status: Backport [https://github.com/cracklib/cracklib/commit/47e5dec521ab6243c9b249dd65b93d232d90d6b1] +CVE: CVE-2016-6318 +Signed-off-by: Dengke Du <dengke.du@windriver.com> +--- + lib/fascist.c | 57 ++++++++++++++++++++++++++++++++----------------------- + 1 file changed, 33 insertions(+), 24 deletions(-) + +diff --git a/lib/fascist.c b/lib/fascist.c +index a996509..d4deb15 100644 +--- a/lib/fascist.c ++++ b/lib/fascist.c +@@ -502,7 +502,7 @@ FascistGecosUser(char *password, const char *user, const char *gecos) + char gbuffer[STRINGSIZE]; + char tbuffer[STRINGSIZE]; + char *uwords[STRINGSIZE]; +- char longbuffer[STRINGSIZE * 2]; ++ char longbuffer[STRINGSIZE]; + + if (gecos == NULL) + gecos = ""; +@@ -583,38 +583,47 @@ FascistGecosUser(char *password, const char *user, const char *gecos) + { + for (i = 0; i < j; i++) + { +- strcpy(longbuffer, uwords[i]); +- strcat(longbuffer, uwords[j]); +- +- if (GTry(longbuffer, password)) ++ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE) + { +- return _("it is derived from your password entry"); +- } ++ strcpy(longbuffer, uwords[i]); ++ strcat(longbuffer, uwords[j]); + +- strcpy(longbuffer, uwords[j]); +- strcat(longbuffer, uwords[i]); ++ if (GTry(longbuffer, password)) ++ { ++ return _("it is derived from your password entry"); ++ } + +- if (GTry(longbuffer, password)) +- { +- return _("it's derived from your password entry"); +- } ++ strcpy(longbuffer, uwords[j]); ++ strcat(longbuffer, uwords[i]); + +- longbuffer[0] = uwords[i][0]; +- longbuffer[1] = '\0'; +- strcat(longbuffer, uwords[j]); ++ if (GTry(longbuffer, password)) ++ { ++ return _("it's derived from your password entry"); ++ } ++ } + +- if (GTry(longbuffer, password)) ++ if (strlen(uwords[j]) < STRINGSIZE - 1) + { +- return _("it is derivable from your password entry"); ++ longbuffer[0] = uwords[i][0]; ++ longbuffer[1] = '\0'; ++ strcat(longbuffer, uwords[j]); ++ ++ if (GTry(longbuffer, password)) ++ { ++ return _("it is derivable from your password entry"); ++ } + } + +- longbuffer[0] = uwords[j][0]; +- longbuffer[1] = '\0'; +- strcat(longbuffer, uwords[i]); +- +- if (GTry(longbuffer, password)) ++ if (strlen(uwords[i]) < STRINGSIZE - 1) + { +- return _("it's derivable from your password entry"); ++ longbuffer[0] = uwords[j][0]; ++ longbuffer[1] = '\0'; ++ strcat(longbuffer, uwords[i]); ++ ++ if (GTry(longbuffer, password)) ++ { ++ return _("it's derivable from your password entry"); ++ } + } + } + } +-- +2.8.1 + diff --git a/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch b/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch new file mode 100644 index 0000000000..adbe7dfff4 --- /dev/null +++ b/poky/meta/recipes-extended/cracklib/cracklib/0001-packlib.c-support-dictionary-byte-order-dependent.patch @@ -0,0 +1,339 @@ +From 8a6e43726ad0ae41bd1cc2c248d91deb31459357 Mon Sep 17 00:00:00 2001 +From: Lei Maohui <leimaohui@cn.fujitsu.com> +Date: Tue, 9 Jun 2015 11:11:48 +0900 +Subject: [PATCH] packlib.c: support dictionary byte order dependent + +The previous dict files are NOT byte-order independent, in fact they are +probably ARCHITECTURE SPECIFIC. +Create the dict files in big endian, and convert to host endian while +load them. This could fix the endian issue on multiple platform. + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +Upstream-Status: Pending + +We can't use the endian.h, htobe* and be*toh functions because they are +not available on older versions of glibc, such as that found in RHEL +5.9. + +Change to checking endian and directly calling bswap_* as defined in +byteswap.h. + +Signed-off-by: Mark Hatle <mark.hatle@windriver.com> + +Signed-off-by: Lei Maohui <leimaohui@cn.fujitsu.com> +--- + lib/packlib.c | 214 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 210 insertions(+), 4 deletions(-) + +diff --git a/lib/packlib.c b/lib/packlib.c +index f851424..3aac805 100644 +--- a/lib/packlib.c ++++ b/lib/packlib.c +@@ -16,6 +16,12 @@ + #ifdef HAVE_STDINT_H + #include <stdint.h> + #endif ++ ++#ifndef _BSD_SOURCE ++#define _BSD_SOURCE /* See feature_test_macros(7) */ ++#endif ++#include <endian.h> ++#include <byteswap.h> + #include "packer.h" + + static const char vers_id[] = "packlib.c : v2.3p2 Alec Muffett 18 May 1993"; +@@ -45,6 +51,185 @@ typedef struct + char data_get[NUMWORDS][MAXWORDLEN]; + } PWDICT64; + ++enum{ ++ en_is32, ++ en_is64 ++}; ++ ++static int ++IheaderHostToBigEndian(char *pHeader, int nBitType) ++{ ++ if (nBitType == en_is64 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ struct pi_header64 *pHeader64 = (struct pi_header64*)pHeader; ++ ++ pHeader64->pih_magic = bswap_64(pHeader64->pih_magic); ++ pHeader64->pih_numwords = bswap_64(pHeader64->pih_numwords); ++ pHeader64->pih_blocklen = bswap_16(pHeader64->pih_blocklen); ++ pHeader64->pih_pad = bswap_16(pHeader64->pih_pad); ++ ++#if DEBUG ++ printf("Header64: magic %x, numwords %x, blocklen %x, pad %x\n", ++ pHeader64->pih_magic, pHeader64->pih_numwords, ++ pHeader64->pih_blocklen, pHeader64->pih_pad); ++#endif ++ } ++ else if (nBitType == en_is32 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ struct pi_header *pHeader32 = (struct pi_header*)pHeader; ++ ++ pHeader32->pih_magic = bswap_32(pHeader32->pih_magic); ++ pHeader32->pih_numwords = bswap_32(pHeader32->pih_numwords); ++ pHeader32->pih_blocklen = bswap_16(pHeader32->pih_blocklen); ++ pHeader32->pih_pad = bswap_16(pHeader32->pih_pad); ++ ++#if DEBUG ++ printf("Header32: magic %x, numwords %x, blocklen %x, pad %x\n", ++ pHeader32->pih_magic, pHeader32->pih_numwords, ++ pHeader32->pih_blocklen, pHeader32->pih_pad); ++#endif ++ } ++ else if (__BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ fprintf(stderr, "Neither 32 or 64: %d\n", nBitType); ++ return (-1); ++ } ++ ++ return 0; ++} ++ ++static int ++IheaderBigEndianToHost(char *pHeader, int nBitType) ++{ ++ if (nBitType == en_is64 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ struct pi_header64 *pHeader64 = (struct pi_header64*)pHeader; ++ ++ pHeader64->pih_magic = bswap_64(pHeader64->pih_magic); ++ pHeader64->pih_numwords = bswap_64(pHeader64->pih_numwords); ++ pHeader64->pih_blocklen = bswap_16(pHeader64->pih_blocklen); ++ pHeader64->pih_pad = bswap_16(pHeader64->pih_pad); ++ ++#if DEBUG ++ printf("Header64: magic %x, numwords %x, blocklen %x, pad %x\n", ++ pHeader64->pih_magic, pHeader64->pih_numwords, ++ pHeader64->pih_blocklen, pHeader64->pih_pad); ++#endif ++ } ++ else if (nBitType == en_is32 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ struct pi_header *pHeader32 = (struct pi_header*)pHeader; ++ ++ pHeader32->pih_magic = bswap_32(pHeader32->pih_magic); ++ pHeader32->pih_numwords = bswap_32(pHeader32->pih_numwords); ++ pHeader32->pih_blocklen = bswap_16(pHeader32->pih_blocklen); ++ pHeader32->pih_pad = bswap_16(pHeader32->pih_pad); ++ ++#if DEBUG ++ printf("Header32: magic %x, numwords %x, blocklen %x, pad %x\n", ++ pHeader32->pih_magic, pHeader32->pih_numwords, ++ pHeader32->pih_blocklen, pHeader32->pih_pad); ++#endif ++ } ++ else if (__BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ fprintf(stderr, "Neither 32 or 64: %d\n", nBitType); ++ return (-1); ++ } ++ ++ return 0; ++} ++ ++static int ++HwmsHostToBigEndian(char *pHwms, int nLen,int nBitType) ++{ ++ int i = 0; ++ ++ if (nBitType == en_is64 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ uint64_t *pHwms64 = (uint64_t*)pHwms; ++ ++ for (i = 0; i < nLen / sizeof(uint64_t); i++) ++ { ++ *pHwms64 = bswap_64(*pHwms64); ++ *pHwms64++; ++ } ++ ++ } ++ else if (nBitType == en_is32 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ uint32_t *pHwms32 = (uint32_t*)pHwms; ++ ++ for (i = 0; i < nLen / sizeof(uint32_t); i++) ++ { ++ *pHwms32 = bswap_32(*pHwms32); ++ *pHwms32++; ++ } ++ ++ } ++ else if (__BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ fprintf(stderr, "Neither 32 or 64: %d\n", nBitType); ++ return (-1); ++ } ++ ++#if DEBUG ++ for (i = 0; i < nLen; i+=8) ++ { ++ printf("hwms%s: %02X %02X %02X %02X %02X %02X %02X %02X\n", ++ nBitType==en_is64?"64":"32", pHwms[i+0]&0xFF, pHwms[i+1]&0xFF, ++ pHwms[i+2]&0xFF, pHwms[i+3]&0xFF, pHwms[i+4]&0xFF, ++ pHwms[i+5]&0xFF, pHwms[i+6]&0xFF, pHwms[i+7]&0xFF); ++ } ++#endif ++ ++ return 0; ++} ++ ++static int ++HwmsBigEndianToHost(char *pHwms, int nLen, int nBitType) ++{ ++ int i = 0; ++ ++ if (nBitType == en_is64 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ uint64_t *pHwms64 = (uint64_t*)pHwms; ++ ++ for (i = 0; i < nLen / sizeof(uint64_t); i++) ++ { ++ *pHwms64++ = bswap_64(*pHwms64); ++ } ++ ++ } ++ else if (nBitType == en_is32 && __BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ uint32_t *pHwms32 = (uint32_t*)pHwms; ++ ++ for (i = 0; i < nLen / sizeof(uint32_t); i++) ++ { ++ *pHwms32 = bswap_32(*pHwms32); ++ *pHwms32++; ++ } ++ ++ } ++ else if (__BYTE_ORDER == __LITTLE_ENDIAN) ++ { ++ fprintf(stderr, "Neither 32 or 64: %d\n", nBitType); ++ return (-1); ++ } ++ ++#if DEBUG ++ for (i = 0; i < nLen; i+=8) ++ { ++ printf("hwms%s: %02X %02X %02X %02X %02X %02X %02X %02X\n", ++ nBitType==en_is64?"64":"32", pHwms[i+0]&0xFF, pHwms[i+1]&0xFF, ++ pHwms[i+2]&0xFF, pHwms[i+3]&0xFF, pHwms[i+4]&0xFF, ++ pHwms[i+5]&0xFF, pHwms[i+6]&0xFF, pHwms[i+7]&0xFF); ++ } ++#endif ++ ++ return 0; ++} + + static int + _PWIsBroken64(FILE *ifp) +@@ -57,6 +242,7 @@ _PWIsBroken64(FILE *ifp) + return 0; + } + ++ IheaderBigEndianToHost((char *) &pdesc64.header, en_is64); + return (pdesc64.header.pih_magic == PIH_MAGIC); + } + +@@ -149,7 +335,11 @@ PWOpen(prefix, mode) + pdesc.header.pih_blocklen = NUMWORDS; + pdesc.header.pih_numwords = 0; + +- fwrite((char *) &pdesc.header, sizeof(pdesc.header), 1, ifp); ++ struct pi_header tmpheader32; ++ ++ memcpy(&tmpheader32, &pdesc.header, sizeof(pdesc.header)); ++ IheaderHostToBigEndian((char *) &tmpheader32, en_is32); ++ fwrite((char *) &tmpheader32, sizeof(tmpheader32), 1, ifp); + } else + { + pdesc.flags &= ~PFOR_WRITE; +@@ -173,6 +363,7 @@ PWOpen(prefix, mode) + return NULL; + } + ++ IheaderBigEndianToHost((char *) &pdesc.header, en_is32); + if ((pdesc.header.pih_magic == 0) || (pdesc.header.pih_numwords == 0)) + { + /* uh-oh. either a broken "64-bit" file or a garbage file. */ +@@ -195,6 +386,7 @@ PWOpen(prefix, mode) + } + return NULL; + } ++ IheaderBigEndianToHost((char *) &pdesc64.header, en_is64); + if (pdesc64.header.pih_magic != PIH_MAGIC) + { + /* nope, not "64-bit" after all */ +@@ -290,6 +482,7 @@ PWOpen(prefix, mode) + { + pdesc.flags &= ~PFOR_USEHWMS; + } ++ HwmsBigEndianToHost((char*)pdesc64.hwms, sizeof(pdesc64.hwms), en_is64); + for (i = 0; i < sizeof(pdesc.hwms) / sizeof(pdesc.hwms[0]); i++) + { + pdesc.hwms[i] = pdesc64.hwms[i]; +@@ -299,6 +492,7 @@ PWOpen(prefix, mode) + { + pdesc.flags &= ~PFOR_USEHWMS; + } ++ HwmsBigEndianToHost((char*)pdesc.hwms, sizeof(pdesc.hwms), en_is32); + #if DEBUG + for (i=1; i<=0xff; i++) + { +@@ -332,7 +526,11 @@ PWClose(pwp) + return (-1); + } + +- if (!fwrite((char *) &pwp->header, sizeof(pwp->header), 1, pwp->ifp)) ++ struct pi_header tmpheader32; ++ ++ memcpy(&tmpheader32, &pwp->header, sizeof(pwp->header)); ++ IheaderHostToBigEndian((char *) &tmpheader32, en_is32); ++ if (!fwrite((char *) &tmpheader32, sizeof(tmpheader32), 1, pwp->ifp)) + { + fprintf(stderr, "index magic fwrite failed\n"); + return (-1); +@@ -351,7 +549,12 @@ PWClose(pwp) + printf("hwm[%02x] = %d\n", i, pwp->hwms[i]); + #endif + } +- fwrite(pwp->hwms, 1, sizeof(pwp->hwms), pwp->wfp); ++ ++ PWDICT tmp_pwp; ++ ++ memcpy(&tmp_pwp, pwp, sizeof(PWDICT)); ++ HwmsHostToBigEndian(tmp_pwp.hwms, sizeof(tmp_pwp.hwms), en_is32); ++ fwrite(tmp_pwp.hwms, 1, sizeof(tmp_pwp.hwms), pwp->wfp); + } + } + +@@ -405,7 +608,8 @@ PutPW(pwp, string) + + datum = (uint32_t) ftell(pwp->dfp); + +- fwrite((char *) &datum, sizeof(datum), 1, pwp->ifp); ++ uint32_t tmpdatum = (__BYTE_ORDER == __LITTLE_ENDIAN) ? bswap_32(datum) : datum; ++ fwrite((char *) &tmpdatum, sizeof(tmpdatum), 1, pwp->ifp); + + fputs(pwp->data_put[0], pwp->dfp); + putc(0, pwp->dfp); +@@ -464,6 +668,7 @@ GetPW(pwp, number) + perror("(index fread failed)"); + return NULL; + } ++ datum64 = (__BYTE_ORDER == __LITTLE_ENDIAN) ? bswap_64(datum64) : datum64; + datum = datum64; + } else { + if (fseek(pwp->ifp, sizeof(struct pi_header) + (thisblock * sizeof(uint32_t)), 0)) +@@ -477,6 +682,7 @@ GetPW(pwp, number) + perror("(index fread failed)"); + return NULL; + } ++ datum = (__BYTE_ORDER == __LITTLE_ENDIAN) ? bswap_32(datum) : datum; + } + + int r = 1; +-- +1.8.4.2 + diff --git a/poky/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch b/poky/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch new file mode 100644 index 0000000000..6210e82121 --- /dev/null +++ b/poky/meta/recipes-extended/cracklib/cracklib/0002-craklib-fix-testnum-and-teststr-failed.patch @@ -0,0 +1,53 @@ +From 06f9a88b5dd5597f9198ea0cb34f5e96f180e6e3 Mon Sep 17 00:00:00 2001 +From: Hongxu Jia <hongxu.jia@windriver.com> +Date: Sat, 27 Apr 2013 16:02:30 +0800 +Subject: [PATCH] craklib:fix testnum and teststr failed + +Error log: +... +$ ./testnum +(null).pwd.gz: No such file or directory +PWOpen: No such file or directory + +$ ./util/teststr +(null).pwd.gz: No such file or directory +PWOpen: No such file or directory +... +Set DEFAULT_CRACKLIB_DICT as the path of PWOpen + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +Upstream-Status: Pending +--- + util/testnum.c | 2 +- + util/teststr.c | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/util/testnum.c b/util/testnum.c +index ae2246d..ca210ff 100644 +--- a/util/testnum.c ++++ b/util/testnum.c +@@ -20,7 +20,7 @@ main () + PWDICT *pwp; + char buffer[STRINGSIZE]; + +- if (!(pwp = PWOpen (NULL, "r"))) ++ if (!(pwp = PWOpen (DEFAULT_CRACKLIB_DICT, "r"))) + { + perror ("PWOpen"); + return (-1); +diff --git a/util/teststr.c b/util/teststr.c +index 2a31fa4..9fb9cda 100644 +--- a/util/teststr.c ++++ b/util/teststr.c +@@ -15,7 +15,7 @@ main () + PWDICT *pwp; + char buffer[STRINGSIZE]; + +- if (!(pwp = PWOpen (NULL, "r"))) ++ if (!(pwp = PWOpen (DEFAULT_CRACKLIB_DICT, "r"))) + { + perror ("PWOpen"); + return (-1); +-- +1.7.10.4 + diff --git a/poky/meta/recipes-extended/cracklib/cracklib_2.9.5.bb b/poky/meta/recipes-extended/cracklib/cracklib_2.9.5.bb new file mode 100644 index 0000000000..82995219dc --- /dev/null +++ b/poky/meta/recipes-extended/cracklib/cracklib_2.9.5.bb @@ -0,0 +1,29 @@ +SUMMARY = "Password strength checker library" +HOMEPAGE = "http://sourceforge.net/projects/cracklib" + +LICENSE = "LGPLv2.1+" +LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06" + +DEPENDS = "cracklib-native zlib" + +EXTRA_OECONF = "--without-python --libdir=${base_libdir}" + +SRC_URI = "${SOURCEFORGE_MIRROR}/cracklib/cracklib-${PV}.tar.gz \ + file://0001-packlib.c-support-dictionary-byte-order-dependent.patch \ + file://0001-Apply-patch-to-fix-CVE-2016-6318.patch \ + file://0002-craklib-fix-testnum-and-teststr-failed.patch" + +SRC_URI[md5sum] = "376790a95c1fb645e59e6e9803c78582" +SRC_URI[sha256sum] = "59ab0138bc8cf90cccb8509b6969a024d5e58d2d02bcbdccbb9ba9b88be3fa33" + +UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/cracklib/files/cracklib/" +UPSTREAM_CHECK_REGEX = "/cracklib/(?P<pver>(\d+[\.\-_]*)+)/" + +inherit autotools gettext + +do_install_append_class-target() { + create-cracklib-dict -o ${D}${datadir}/cracklib/pw_dict ${D}${datadir}/cracklib/cracklib-small +} + +BBCLASSEXTEND = "native nativesdk" + |