Date: Mon, 9 Oct 2023 11:57:34 GMT From: Pietro Cerutti <gahr@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: c97e9a50f399 - main - math/libtommath: update to 1.2.1 Message-ID: <202310091157.399BvYu2039908@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by gahr: URL: https://cgit.FreeBSD.org/ports/commit/?id=c97e9a50f3996f7c8c6e0065209a43220d97eaef commit c97e9a50f3996f7c8c6e0065209a43220d97eaef Author: Pietro Cerutti <gahr@FreeBSD.org> AuthorDate: 2023-10-09 10:43:52 +0000 Commit: Pietro Cerutti <gahr@FreeBSD.org> CommitDate: 2023-10-09 11:57:32 +0000 math/libtommath: update to 1.2.1 PR: 274350 Reported by: dizzy This is a bugfix release because of potential integer overflow. See PR #546 and CVE-2023-36328. --- math/libtommath/Makefile | 10 ++- math/libtommath/distinfo | 6 +- math/libtommath/files/patch-beba89 | 137 ------------------------------------- math/libtommath/files/patch-c1cf80 | 57 --------------- 4 files changed, 10 insertions(+), 200 deletions(-) diff --git a/math/libtommath/Makefile b/math/libtommath/Makefile index 7c35694132c8..1e721627e196 100644 --- a/math/libtommath/Makefile +++ b/math/libtommath/Makefile @@ -1,6 +1,5 @@ PORTNAME= libtommath -DISTVERSION= 1.2.0 -PORTREVISION= 2 +DISTVERSION= 1.2.1 CATEGORIES= math MASTER_SITES= https://github.com/libtom/libtommath/releases/download/v${DISTVERSION}/ DISTNAME= ltm-${DISTVERSION} @@ -12,12 +11,13 @@ WWW= https://libtom.net/ LICENSE= UNLICENSE LICENSE_FILE= ${WRKSRC}/LICENSE -USES= gmake libtool:build tar:xz +USES= gmake libtool:build pathfix tar:xz WRKSRC= ${WRKDIR}/${PORTNAME}-${DISTVERSION} USE_LDCONFIG= yes MAKEFILE= makefile.shared +MAKE_ENV+= IGNORE_SPEED=yes ALL_TARGET= default CFLAGS+= -fPIC PORTDOCS= * @@ -31,6 +31,10 @@ PLIST_FILES= include/tommath.h \ OPTIONS_DEFINE= DOCS +post-patch: + @${REINPLACE_CMD} -e 's|$$(LIBPATH)/pkgconfig|${PREFIX}/libdata/pkgconfig|' \ + ${WRKSRC}/${MAKEFILE} + post-install: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${WRKSRC}/doc/bn.pdf ${STAGEDIR}${DOCSDIR} diff --git a/math/libtommath/distinfo b/math/libtommath/distinfo index c23e3259df3a..6cc0e5e7f56c 100644 --- a/math/libtommath/distinfo +++ b/math/libtommath/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1571744626 -SHA256 (ltm-1.2.0.tar.xz) = b7c75eecf680219484055fcedd686064409254ae44bc31a96c5032843c0e18b1 -SIZE (ltm-1.2.0.tar.xz) = 622120 +TIMESTAMP = 1696845190 +SHA256 (ltm-1.2.1.tar.xz) = 986025d7b374276fee2e30e99f3649e4ac0db8a02257a37ee10eae72abed0d1f +SIZE (ltm-1.2.1.tar.xz) = 635728 diff --git a/math/libtommath/files/patch-beba89 b/math/libtommath/files/patch-beba89 deleted file mode 100644 index c157ec911a48..000000000000 --- a/math/libtommath/files/patch-beba89 +++ /dev/null @@ -1,137 +0,0 @@ -From beba892bc0d4e4ded4d667ab1d2a94f4d75109a9 Mon Sep 17 00:00:00 2001 -From: czurnieden <czurnieden@gmx.de> -Date: Tue, 9 May 2023 17:17:12 +0200 -Subject: [PATCH] Fix possible integer overflow - ----.orig - bn_mp_2expt.c | 4 ++++ - bn_mp_grow.c | 4 ++++ - bn_mp_init_size.c | 5 +++++ - bn_mp_mul_2d.c | 4 ++++ - bn_s_mp_mul_digs.c | 4 ++++ - bn_s_mp_mul_digs_fast.c | 4 ++++ - bn_s_mp_mul_high_digs.c | 4 ++++ - bn_s_mp_mul_high_digs_fast.c | 4 ++++ - 8 files changed, 33 insertions(+) - -diff --git bn_mp_2expt.c bn_mp_2expt.c -index 0ae3df1bf..23de0c3c5 100644 ---- bn_mp_2expt.c.orig -+++ bn_mp_2expt.c -@@ -12,6 +12,10 @@ mp_err mp_2expt(mp_int *a, int b) - { - mp_err err; - -+ if (b < 0) { -+ return MP_VAL; -+ } -+ - /* zero a as per default */ - mp_zero(a); - -diff --git bn_mp_grow.c bn_mp_grow.c -index 9e904c547..2b1682651 100644 ---- bn_mp_grow.c.orig -+++ bn_mp_grow.c -@@ -9,6 +9,10 @@ mp_err mp_grow(mp_int *a, int size) - int i; - mp_digit *tmp; - -+ if (size < 0) { -+ return MP_VAL; -+ } -+ - /* if the alloc size is smaller alloc more ram */ - if (a->alloc < size) { - /* reallocate the array a->dp -diff --git bn_mp_init_size.c bn_mp_init_size.c -index d62268721..99573833f 100644 ---- bn_mp_init_size.c.orig -+++ bn_mp_init_size.c -@@ -6,6 +6,11 @@ - /* init an mp_init for a given size */ - mp_err mp_init_size(mp_int *a, int size) - { -+ -+ if (size < 0) { -+ return MP_VAL; -+ } -+ - size = MP_MAX(MP_MIN_PREC, size); - - /* alloc mem */ -diff --git bn_mp_mul_2d.c bn_mp_mul_2d.c -index 87354de20..bfeaf2eb2 100644 ---- bn_mp_mul_2d.c.orig -+++ bn_mp_mul_2d.c -@@ -9,6 +9,10 @@ mp_err mp_mul_2d(const mp_int *a, int b, mp_int *c) - mp_digit d; - mp_err err; - -+ if (b < 0) { -+ return MP_VAL; -+ } -+ - /* copy */ - if (a != c) { - if ((err = mp_copy(a, c)) != MP_OKAY) { -diff --git bn_s_mp_mul_digs.c bn_s_mp_mul_digs.c -index 64509d4cb..3682b4980 100644 ---- bn_s_mp_mul_digs.c.orig -+++ bn_s_mp_mul_digs.c -@@ -16,6 +16,10 @@ mp_err s_mp_mul_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) - mp_word r; - mp_digit tmpx, *tmpt, *tmpy; - -+ if (digs < 0) { -+ return MP_VAL; -+ } -+ - /* can we use the fast multiplier? */ - if ((digs < MP_WARRAY) && - (MP_MIN(a->used, b->used) < MP_MAXFAST)) { -diff --git bn_s_mp_mul_digs_fast.c bn_s_mp_mul_digs_fast.c -index b2a287b02..3c4176a87 100644 ---- bn_s_mp_mul_digs_fast.c.orig -+++ bn_s_mp_mul_digs_fast.c -@@ -26,6 +26,10 @@ mp_err s_mp_mul_digs_fast(const mp_int *a, const mp_int *b, mp_int *c, int digs) - mp_digit W[MP_WARRAY]; - mp_word _W; - -+ if (digs < 0) { -+ return MP_VAL; -+ } -+ - /* grow the destination as required */ - if (c->alloc < digs) { - if ((err = mp_grow(c, digs)) != MP_OKAY) { -diff --git bn_s_mp_mul_high_digs.c bn_s_mp_mul_high_digs.c -index 2bb2a5098..c9dd355f8 100644 ---- bn_s_mp_mul_high_digs.c.orig -+++ bn_s_mp_mul_high_digs.c -@@ -15,6 +15,10 @@ mp_err s_mp_mul_high_digs(const mp_int *a, const mp_int *b, mp_int *c, int digs) - mp_word r; - mp_digit tmpx, *tmpt, *tmpy; - -+ if (digs < 0) { -+ return MP_VAL; -+ } -+ - /* can we use the fast multiplier? */ - if (MP_HAS(S_MP_MUL_HIGH_DIGS_FAST) - && ((a->used + b->used + 1) < MP_WARRAY) -diff --git bn_s_mp_mul_high_digs_fast.c bn_s_mp_mul_high_digs_fast.c -index a2c4fb692..4ce7f590c 100644 ---- bn_s_mp_mul_high_digs_fast.c.orig -+++ bn_s_mp_mul_high_digs_fast.c -@@ -19,6 +19,10 @@ mp_err s_mp_mul_high_digs_fast(const mp_int *a, const mp_int *b, mp_int *c, int - mp_digit W[MP_WARRAY]; - mp_word _W; - -+ if (digs < 0) { -+ return MP_VAL; -+ } -+ - /* grow the destination as required */ - pa = a->used + b->used; - if (c->alloc < pa) { diff --git a/math/libtommath/files/patch-c1cf80 b/math/libtommath/files/patch-c1cf80 deleted file mode 100644 index a6137942d9f0..000000000000 --- a/math/libtommath/files/patch-c1cf80 +++ /dev/null @@ -1,57 +0,0 @@ -From c1cf80738219dbd70cba0c0c1244698aad842ec7 Mon Sep 17 00:00:00 2001 -From: Steffen Jaeckel <s@jaeckel.eu> -Date: Thu, 5 Mar 2020 13:57:07 +0100 -Subject: [PATCH] introduce MP_HAS_SET_DOUBLE - ---- - demo/test.c | 4 ++-- - mp_set_double.c | 2 +- - tommath_private.h | 7 +++++++ - 3 files changed, 10 insertions(+), 3 deletions(-) - ---- demo/test.c.orig 2019-10-22 09:44:44.000000000 +0000 -+++ demo/test.c 2021-09-20 10:02:00.103699000 +0000 -@@ -625,7 +625,7 @@ - - } - --#if defined(__STDC_IEC_559__) || defined(__GCC_IEC_559) -+#if defined(MP_HAS_SET_DOUBLE) - static int test_mp_set_double(void) - { - int i; -@@ -2461,7 +2461,7 @@ - T1(mp_read_write_sbin, MP_TO_SBIN), - T1(mp_reduce_2k, MP_REDUCE_2K), - T1(mp_reduce_2k_l, MP_REDUCE_2K_L), --#if defined(__STDC_IEC_559__) || defined(__GCC_IEC_559) -+#if defined(MP_HAS_SET_DOUBLE) - T1(mp_set_double, MP_SET_DOUBLE), - #endif - T1(mp_signed_rsh, MP_SIGNED_RSH), ---- bn_mp_set_double.c.orig 2019-10-22 09:44:44.000000000 +0000 -+++ bn_mp_set_double.c 2021-09-20 10:05:36.466235000 +0000 -@@ -3,7 +3,7 @@ - /* LibTomMath, multiple-precision integer library -- Tom St Denis */ - /* SPDX-License-Identifier: Unlicense */ - --#if defined(__STDC_IEC_559__) || defined(__GCC_IEC_559) -+#if defined(MP_HAS_SET_DOUBLE) - mp_err mp_set_double(mp_int *a, double b) - { - uint64_t frac; ---- tommath_private.h.orig -+++ tommath_private.h -@@ -164,6 +164,13 @@ MP_STATIC_ASSERT(prec_geq_min_prec, MP_DEFAULT_DIGIT_COUNT >= MP_MIN_DIGIT_COUNT - */ - #define MP_MAX_DIGIT_COUNT ((INT_MAX - 2) / MP_DIGIT_BIT) - -+#if defined(__STDC_IEC_559__) || defined(__GCC_IEC_559) \ -+ || defined(__x86_64__) || defined(_M_X64) || defined(_M_AMD64) \ -+ || defined(__i386__) || defined(_M_X86) \ -+ || defined(__aarch64__) || defined(__arm__) -+#define MP_HAS_SET_DOUBLE -+#endif -+ - /* random number source */ - extern MP_PRIVATE mp_err(*s_mp_rand_source)(void *out, size_t size);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202310091157.399BvYu2039908>