diff options
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/gmp')
4 files changed, 46 insertions, 1 deletions
diff --git a/nixpkgs/pkgs/development/libraries/gmp/5.1.3-CVE-2021-43618.patch b/nixpkgs/pkgs/development/libraries/gmp/5.1.3-CVE-2021-43618.patch new file mode 100644 index 000000000000..13b9bc5f58cd --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/gmp/5.1.3-CVE-2021-43618.patch @@ -0,0 +1,20 @@ +Based on https://gmplib.org/repo/gmp-6.2/raw-rev/561a9c25298e, +adapted for 5.x by ris + +diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c +--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 ++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 +@@ -81,8 +81,11 @@ + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = (abs_csize*8 + GMP_NUMB_BITS-1) / GMP_NUMB_BITS; ++ abs_xsize = ((mp_bitcnt_t)abs_csize*8 + GMP_NUMB_BITS-1) / GMP_NUMB_BITS; + + if (abs_xsize != 0) + { + diff --git a/nixpkgs/pkgs/development/libraries/gmp/5.1.x.nix b/nixpkgs/pkgs/development/libraries/gmp/5.1.x.nix index aa3704eb0b58..c83a4785ebea 100644 --- a/nixpkgs/pkgs/development/libraries/gmp/5.1.x.nix +++ b/nixpkgs/pkgs/development/libraries/gmp/5.1.x.nix @@ -22,7 +22,11 @@ let self = stdenv.mkDerivation rec { nativeBuildInputs = [ m4 ]; - patches = if stdenv.isDarwin then [ ./need-size-t.patch ] else null; + patches = [ + ./5.1.3-CVE-2021-43618.patch + ] ++ lib.optionals stdenv.isDarwin [ + ./need-size-t.patch + ]; configureFlags = [ "--with-pic" diff --git a/nixpkgs/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch b/nixpkgs/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch new file mode 100644 index 000000000000..eec8206dba05 --- /dev/null +++ b/nixpkgs/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch @@ -0,0 +1,19 @@ +https://gmplib.org/repo/gmp-6.2/raw-rev/561a9c25298e + +diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c +--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 ++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 +@@ -88,8 +88,11 @@ + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = BITS_TO_LIMBS (abs_csize*8); ++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); + + if (abs_xsize != 0) + { + diff --git a/nixpkgs/pkgs/development/libraries/gmp/6.x.nix b/nixpkgs/pkgs/development/libraries/gmp/6.x.nix index 59bc98aa559f..9093073cecff 100644 --- a/nixpkgs/pkgs/development/libraries/gmp/6.x.nix +++ b/nixpkgs/pkgs/development/libraries/gmp/6.x.nix @@ -20,6 +20,8 @@ let self = stdenv.mkDerivation rec { sha256 = "0z2ddfiwgi0xbf65z4fg4hqqzlhv0cc6hdcswf3c6n21xdmk5sga"; }; + patches = [ ./6.2.1-CVE-2021-43618.patch ]; + #outputs TODO: split $cxx due to libstdc++ dependency # maybe let ghc use a version with *.so shared with rest of nixpkgs and *.a added # - see #5855 for related discussion |