-rw-r--r--REUSE.toml8
-rw-r--r--bugs/README.md54
-rw-r--r--bugs/cve/2017/5974/heap-overflow.zipbin0 -> 161 bytes
-rw-r--r--bugs/cve/2017/5975/heap-overflow.zipbin0 -> 151 bytes
-rw-r--r--bugs/cve/2017/5976/heap-overflow.zipbin0 -> 188 bytes
-rw-r--r--bugs/cve/2017/5977/invalid-read.zipbin0 -> 163 bytes
-rw-r--r--bugs/cve/2017/5978/oob-read.zipbin0 -> 161 bytes
-rw-r--r--bugs/cve/2017/5979/null-deref.zipbin0 -> 155 bytes
-rw-r--r--bugs/cve/2017/5980/null-deref.zipbin0 -> 155 bytes
-rw-r--r--bugs/cve/2017/5981/fail-assert.zipbin0 -> 157 bytes
l---------bugs/maptools/26111
-rw-r--r--loftix/bugs.scm66
-rw-r--r--loftix/synthesis.scm15
13 files changed, 133 insertions, 11 deletions
diff --git a/REUSE.toml b/REUSE.toml
index dafc565..7913335 100644
--- a/REUSE.toml
+++ b/REUSE.toml
@@ -65,6 +65,14 @@ path = [ 'bugs/cve/2016/8691/11.crash',
          'bugs/cve/2017/7599/outside-short.tiff',
          'bugs/cve/2017/7600/outside-unsigned-char.tiff',
          'bugs/cve/2017/7601/shift-long.tiff',
+         'bugs/cve/2017/5974/heap-overflow.zip',
+         'bugs/cve/2017/5975/heap-overflow.zip',
+         'bugs/cve/2017/5976/heap-overflow.zip',
+         'bugs/cve/2017/5977/invalid-read.zip',
+         'bugs/cve/2017/5978/oob-read.zip',
+         'bugs/cve/2017/5979/null-deref.zip',
+         'bugs/cve/2017/5980/null-deref.zip',
+         'bugs/cve/2017/5981/fail-assert.zip',
          'bugs/cve/2017/14939/heapoverflow',
          'bugs/cve/2017/14940/nullderef',
          'bugs/cve/2017/15020/reproducer',
diff --git a/bugs/README.md b/bugs/README.md
index e2adcab..249f0da 100644
--- a/bugs/README.md
+++ b/bugs/README.md
@@ -105,9 +105,9 @@
 - CVE-2017-15232: [null pointer dereference][mozjpeg-268]
 
       guix shell libjpeg-turbo@1.5.2
-      djpeg -crop "1x1+16+16" -onepass -dither ordered -dct float -colors 8\
+      djpeg -crop 1x1+16+16 -onepass -dither ordered -dct float -colors 8\
         -targa -grayscale -outfile /dev/null cve/2017/15232/1.jpg
-      djpeg -crop "1x1+16+16" -onepass -dither ordered -dct float -colors 8\
+      djpeg -crop 1x1+16+16 -onepass -dither ordered -dct float -colors 8\
         -targa -grayscale -outfile /dev/null cve/2017/15232/2.jpg
 
 - CVE-2018-14498: [heap buffer overflow][libjpeg-turbo-258]
@@ -283,6 +283,56 @@
       potrace cve/2013/7437/1.bmp
       potrace cve/2013/7437/2.bmp
 
+## ZZIPlib
+
+- CVE-2017-5974: [heap buffer overflow][ago-2017-5974]
+
+      guix shell zziplib-with-asan@0.13.62
+      unzzipcat-mem cve/2017/5974/heap-overflow.zip
+
+- CVE-2017-5975: [heap buffer overflow][ago-2017-5975]
+
+      guix shell zziplib-with-asan@0.13.62
+      unzzipcat-mem cve/2017/5975/heap-overflow.zip
+
+- CVE-2017-5976: [heap buffer overflow][ago-2017-5976]
+
+      guix shell zziplib-with-asan@0.13.62
+      unzzipcat-mem cve/2017/5976/heap-overflow.zip
+
+- CVE-2017-5977: [invalid memory read][ago-2017-5977]
+
+      guix shell zziplib-with-asan@0.13.62
+      unzzipcat-mem cve/2017/5977/invalid-read.zip
+
+- CVE-2017-5978: [out-of-bound read][ago-2017-5978]
+
+      guix shell zziplib@0.13.62
+      unzzipcat-mem cve/2017/5978/oob-read.zip
+
+- CVE-2017-5979: [null pointer derefence][ago-2017-5979]
+
+      guix shell zziplib-with-asan@0.13.62
+      unzzipcat-seeko cve/2017/5979/null-deref.zip
+
+- CVE-2017-5980: [null pointer derefence][ago-2017-5980]
+
+      guix shell zziplib@0.13.62
+      unzzipcat-mem cve/2017/5980/null-deref.zip
+
+- CVE-2017-5981: [assertion failure][ago-2017-5981]
+
+      guix shell zziplib@0.13.62
+      unzzipcat-seeko cve/2017/5981/fail-assert.zip
+
+[ago-2017-5974]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get32-fetch-c
+[ago-2017-5975]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-__zzip_get64-fetch-c
+[ago-2017-5976]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-heap-based-buffer-overflow-in-zzip_mem_entry_extra_block-memdisk-c
+[ago-2017-5977]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c
+[ago-2017-5978]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c
+[ago-2017-5979]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c/https://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-prescan_entry-fseeko-c
+[ago-2017-5980]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-null-pointer-dereference-in-zzip_mem_entry_new-memdisk-c
+[ago-2017-5981]: https://blogs.gentoo.org/ago/2017/02/09/zziplib-assertion-failure-in-seeko-c
 [chromium-40058947]: https://issues.chromium.org/issues/40058947
 [chromium-40076524]: https://issues.chromium.org/issues/40076524
 [chromium-42452152]: https://project-zero.issues.chromium.org/issues/42452152
diff --git a/bugs/cve/2017/5974/heap-overflow.zip b/bugs/cve/2017/5974/heap-overflow.zip
new file mode 100644
index 0000000..d55ee15
--- /dev/null
+++ b/bugs/cve/2017/5974/heap-overflow.zip
Binary files differ
diff --git a/bugs/cve/2017/5975/heap-overflow.zip b/bugs/cve/2017/5975/heap-overflow.zip
new file mode 100644
index 0000000..1d641dd
--- /dev/null
+++ b/bugs/cve/2017/5975/heap-overflow.zip
Binary files differ
diff --git a/bugs/cve/2017/5976/heap-overflow.zip b/bugs/cve/2017/5976/heap-overflow.zip
new file mode 100644
index 0000000..cbb3899
--- /dev/null
+++ b/bugs/cve/2017/5976/heap-overflow.zip
Binary files differ
diff --git a/bugs/cve/2017/5977/invalid-read.zip b/bugs/cve/2017/5977/invalid-read.zip
new file mode 100644
index 0000000..803ddac
--- /dev/null
+++ b/bugs/cve/2017/5977/invalid-read.zip
Binary files differ
diff --git a/bugs/cve/2017/5978/oob-read.zip b/bugs/cve/2017/5978/oob-read.zip
new file mode 100644
index 0000000..79a1ca2
--- /dev/null
+++ b/bugs/cve/2017/5978/oob-read.zip
Binary files differ
diff --git a/bugs/cve/2017/5979/null-deref.zip b/bugs/cve/2017/5979/null-deref.zip
new file mode 100644
index 0000000..41b4ba4
--- /dev/null
+++ b/bugs/cve/2017/5979/null-deref.zip
Binary files differ
diff --git a/bugs/cve/2017/5980/null-deref.zip b/bugs/cve/2017/5980/null-deref.zip
new file mode 100644
index 0000000..1b8d2ab
--- /dev/null
+++ b/bugs/cve/2017/5980/null-deref.zip
Binary files differ
diff --git a/bugs/cve/2017/5981/fail-assert.zip b/bugs/cve/2017/5981/fail-assert.zip
new file mode 100644
index 0000000..e2e26c6
--- /dev/null
+++ b/bugs/cve/2017/5981/fail-assert.zip
Binary files differ
diff --git a/bugs/maptools/2611 b/bugs/maptools/2611
new file mode 120000
index 0000000..3e75a7d
--- /dev/null
+++ b/bugs/maptools/2611
@@ -0,0 +1 @@
+../cve/2016/10267
\ No newline at end of file
diff --git a/loftix/bugs.scm b/loftix/bugs.scm
index 7b63a28..f46ecfd 100644
--- a/loftix/bugs.scm
+++ b/loftix/bugs.scm
@@ -2,11 +2,12 @@
 ;;;
 ;;; SPDX-FileCopyrightText: 2012, 2014-2015 Ludovic Courtès
 ;;; SPDX-FileCopyrightText: 2013 Andreas Enge
+;;; SPDX-FileCopyrightText: 2013 John Darrington
 ;;; SPDX-FileCopyrightText: 2014 Eric Bavier
 ;;; SPDX-FileCopyrightText: 2014-2015 David Thompson
 ;;; SPDX-FileCopyrightText: 2016 Efraim Flashner
 ;;; SPDX-FileCopyrightText: 2016 Tobias Geerinckx-Rice
-;;; SPDX-FileCopyrightText: 2017, 2019 Marius Bakke
+;;; SPDX-FileCopyrightText: 2017-2019 Marius Bakke
 ;;; SPDX-FileCopyrightText: 2024-2025 Nguyễn Gia Phong
 ;;; SPDX-License-Identifier: GPL-3.0-or-later
 
@@ -16,10 +17,13 @@
   #:use-module (gnu packages backup)
   #:use-module (gnu packages base)
   #:use-module (gnu packages bison)
+  #:use-module (gnu packages compression)
   #:use-module (gnu packages flex)
   #:use-module (gnu packages fontutils)
   #:use-module (gnu packages image)
+  #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
   #:use-module (gnu packages swig)
   #:use-module (gnu packages xml)
   #:use-module (guix build-system)
@@ -252,6 +256,32 @@
    "patches/jasper-lint.patch"
    "patches/jasper-sanitized-bmp.patch"))
 
+(define (static base)
+  (package
+    (inherit base)
+    (name (string-append (package-name base) "-static"))
+    (arguments
+     (case (build-system-name (package-build-system base))
+       ((cmake)
+        (substitute-keyword-arguments (package-arguments base)
+          ((#:phases phases #~%standard-phases)
+           (with-imported-modules '((loftix transform))
+             #~(modify-phases #$phases
+                 (add-before 'configure 'set-env
+                   (lambda _
+                     (use-modules (loftix transform))
+                     (append-env "LDFLAGS" "-static" #f))))))))
+       ((gnu)
+        (substitute-keyword-arguments (package-arguments base)
+          ((#:make-flags flags #~'())
+           (with-imported-modules '((loftix transform))
+             #~((@ (loftix transform) append-make-flag)
+                #$flags
+                '(("LDFLAGS" "-static")))))))))))
+
+(define-public jasper-static-1.900.5 (static jasper-1.900.5))
+(define-public jasper-static-1.900.3 (static jasper-1.900.3))
+
 (define-public libarchive-3.2.0
   (package
     (inherit libarchive)
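Review bot: The `case` on `build-system-name` in `static` has no `else` clause, so a base package built with anything other than `cmake` or `gnu` gets an unspecified value as its `arguments` and is likely to fail later with an error that does not point back here. Adding `(else (error "static: unsupported build system" (package-build-system base)))` after the `(gnu)` clause would fail early and name the cause. A one-line docstring such as `"Return a variant of BASE linked with -static."` would also help, since the sibling transforms `with-asan` and `with-ubsan` are defined outside this hunk and cannot be compared from here.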
@@ -308,6 +338,9 @@
 (define-public libjpeg-turbo-with-asan-2.0.1 (with-asan libjpeg-turbo-2.0.1))
 (define-public libjpeg-turbo-with-asan-1.5.3 (with-asan libjpeg-turbo-1.5.3))
 (define-public libjpeg-turbo-with-asan-1.2.0 (with-asan libjpeg-turbo-1.2.0))
+(define-public libjpeg-turbo-static-1.5.3 (static libjpeg-turbo-1.5.3))
+(define-public libjpeg-turbo-static-1.5.2 (static libjpeg-turbo-1.5.2))
+(define-public libjpeg-turbo-static-1.2.0 (static libjpeg-turbo-1.2.0))
 
 (define-public libming-0.4.8
   (package
@@ -355,6 +388,9 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
    "0.4.7"
    "17ngz1n1mnknixzchywkhbw9s3scad8ajmk97gx14xbsw1603gd2"))
 
+(define-public libming-static-0.4.8 (static libming-0.4.8))
+(define-public libming-static-0.4.7 (static libming-0.4.7))
+
 (define-public libtiff-4.0.7
   (package
     (inherit libtiff)
@@ -391,6 +427,8 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
 (define-public libtiff-with-asan-4.0.7 (with-asan libtiff-4.0.7))
 (define-public libtiff-with-asan-4.0.6 (with-asan libtiff-4.0.6))
 (define-public libtiff-with-ubsan-4.0.7 (with-ubsan libtiff-4.0.7))
+(define-public libtiff-static-4.0.7 (static libtiff-4.0.7))
+(define-public libtiff-static-4.0.6 (static libtiff-4.0.6))
 
 (define (with-ubsan-float-cast-overflow base)
   (package
@@ -428,6 +466,8 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
   (libxml2-at-version
    (package
      (inherit libxml2)
+     (source (origin (inherit (package-source libxml2))
+                     (patches '())))
      ;; $XML_CATALOG_FILES lists 'catalog.xml' files found in under the 'xml'
      ;; sub-directory of any given package.
      (native-search-paths (list (search-path-specification
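Review bot: The added `(source (origin (inherit (package-source libxml2)) (patches '())))` clears the inherited patch list without saying why. A comment such as `;; Drop the patches of the current libxml2: they may not apply to the pinned versions, or may fix the bugs being reproduced` would record the intent; that reason is inferred, so confirm it before wording the comment. The enclosing form starts before and ends after this hunk, and `libxml2-at-version` is not visible, so it is worth checking that it does not replace `source` wholesale and leave this override dead.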
@@ -454,6 +494,9 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
 
 (define-public libxml2-with-asan-2.9.3 (with-asan libxml2-2.9.3))
 (define-public libxml2-with-asan-2.9.0 (with-asan libxml2-2.9.0))
+(define-public libxml2-static-2.9.4 (static libxml2-2.9.4))
+(define-public libxml2-static-2.9.3 (static libxml2-2.9.3))
+(define-public libxml2-static-2.9.0 (static libxml2-2.9.0))
 
 (define-public potrace-1.11
   (package
@@ -470,3 +513,24 @@ It can be used from PHP, Perl, Ruby, Python, C, C++ and Java.")
     ;; Tests are failing on newer Ghostscript versions
     (native-inputs '())
     (arguments '(#:tests? #f))))
+
+(define-public zziplib-0.13.62
+  (package
+    (inherit zziplib)
+    (name "zziplib")
+    (version "0.13.62")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append "mirror://sourceforge/zziplib/zziplib13/"
+                           version "/zziplib-" version ".tar.bz2"))
+       (sha256
+        (base32 "0nsjqxw017hiyp524p9316283jlf5piixc1091gkimhz38zh7f51"))))
+    (build-system gnu-build-system)
+    (inputs (list zlib))
+    (native-inputs (list perl pkg-config python-2.7 zip))
+    ;; Since test files are created on the fly
+    (arguments '(#:parallel-tests? #f))))
+
+(define-public zziplib-with-asan-0.13.62 (with-asan zziplib-0.13.62))
+(define-public zziplib-static-0.13.62 (static zziplib-0.13.62))
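Review bot: `zziplib-0.13.62` is exported under the plain name `zziplib` with nothing in the definition saying that this release is pinned because it is affected by CVE-2017-5974 through CVE-2017-5981, which the README hunk in this commit reproduces. A comment above the definition, e.g. `;; Known-vulnerable release, kept only to reproduce CVE-2017-5974..5981; not for use as a dependency`, would keep it from being picked up as a regular input. Separately, `(arguments '(#:parallel-tests? #f))` replaces whatever arguments the inherited `zziplib` carries rather than extending them. If that is not intended, `substitute-keyword-arguments`, as used in `static`, would preserve them.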
diff --git a/loftix/synthesis.scm b/loftix/synthesis.scm
index 0138199..e44f509 100644
--- a/loftix/synthesis.scm
+++ b/loftix/synthesis.scm
@@ -50,15 +50,14 @@ from values in possitive and negative examples using a PAC learning algorithm.")
 (define-public taosc
   (package
     (name "taosc")
-    (version "0.0.3.dev2")
+    (version "0.0.4")
     (source
-      (origin
-        (method url-fetch)
-        (uri (string-append
-               "https://trong.loang.net/~cnx/taosc/snapshot/taosc-"
-               version ".tar.gz"))
-        (sha256
-          (base32 "0372a542gpn46kz50nq4a8js3b1n3x3ibdg0j0j5ff9dams6cnax"))))
+     (origin
+       (method url-fetch)
+       (uri (string-append "https://trong.loang.net/~cnx/taosc/snapshot/taosc-"
+                           version ".tar.gz"))
+       (sha256
+        (base32 "0va9sns8pfsv4md66dqxjn8s374fkby1y2yyqcmi8ac5aqs9f9vm"))))
     (build-system gnu-build-system)
     (arguments
       (list #:imported-modules `((guix build zig-utils)