Date: Sat, 23 Nov 2024 18:16:33 GMT
Message-Id: <202411231816.4ANIGX2Y021727@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Michael Gmelin
Subject: git: a4b2dd46482c - main - sysutils/iocage-devel: Add hardening measures on untar
List-Id: Commits to the main branch of the FreeBSD ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
X-Git-Committer: grembo
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: a4b2dd46482c6a039f9ca296fa738b83752b1457

The branch main has been updated by grembo:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a4b2dd46482c6a039f9ca296fa738b83752b1457

commit a4b2dd46482c6a039f9ca296fa738b83752b1457
Author:     Michael Gmelin
AuthorDate: 2024-11-23 18:11:44 +0000
Commit:     Michael Gmelin
CommitDate: 2024-11-23 18:15:38 +0000

    sysutils/iocage-devel: Add hardening measures on untar

    This adds hardening measures while untarring archives fetched over the
    network (including FreeBSD tarballs and iocage plugins), as implemented
    by TrueNAS. This reduces the impact of intentionally malicious or
    accidentally broken archives.

    Please note that users are still advised to only fetch from trusted
    sources and make use of TLS to prevent MITM attacks.

    While there, add patch to store man pages in the correct location.

    Obtained from: https://github.com/truenas/iocage/pull/358
---
 sysutils/iocage-devel/Makefile                     |  1 +
 .../files/patch-iocage__lib_ioc__fetch.py          | 22 ++++++++++++++++++++++
 .../files/patch-iocage__lib_ioc__plugin.py         | 22 ++++++++++++++++++++++
 sysutils/iocage-devel/files/patch-setup.py         | 15 +++++++++++++++
 4 files changed, 60 insertions(+)

diff --git a/sysutils/iocage-devel/Makefile b/sysutils/iocage-devel/Makefile
index 548871820f6b..21db6054355a 100644
--- a/sysutils/iocage-devel/Makefile
+++ b/sysutils/iocage-devel/Makefile
@@ -1,5 +1,6 @@ PORTNAME= iocage-devel PORTVERSION= 1.8.20241014 +PORTREVISION= 1 PORTEPOCH= 1 CATEGORIES= sysutils python PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} diff --git a/sysutils/iocage-devel/files/patch-iocage__lib_ioc__fetch.py b/sysutils/iocage-devel/files/patch-iocage__lib_ioc__fetch.py new file mode 100644 index 000000000000..73d8b6e58068 --- /dev/null +++ b/sysutils/iocage-devel/files/patch-iocage__lib_ioc__fetch.py @@ -0,0 +1,22 @@ +--- iocage_lib/ioc_fetch.py.orig 2024-09-20 06:45:27 UTC ++++ iocage_lib/ioc_fetch.py +@@ -47,7 +47,10 @@ import iocage_lib.ioc_start + from iocage_lib.pools import Pool + from iocage_lib.dataset import Dataset + ++# deliberately crash if tarfile doesn't have required filter ++tarfile.tar_filter + ++ + class IOCFetch: + + """Fetch a RELEASE for use as a jail base.""" +@@ -817,7 +820,7 @@ class IOCFetch: + # removing them first. + member = self.__fetch_extract_remove__(f) + member = self.__fetch_check_members__(member) +- f.extractall(dest, members=member) ++ f.extractall(dest, members=member, filter='tar') + + def fetch_update(self, cli=False, uuid=None): + """This calls 'freebsd-update' to update the fetched RELEASE.""" diff --git a/sysutils/iocage-devel/files/patch-iocage__lib_ioc__plugin.py b/sysutils/iocage-devel/files/patch-iocage__lib_ioc__plugin.py new file mode 100644 index 000000000000..be9ee84d1e3f --- /dev/null +++ b/sysutils/iocage-devel/files/patch-iocage__lib_ioc__plugin.py 
@@ -0,0 +1,22 @@ +--- iocage_lib/ioc_plugin.py.orig 2024-09-20 06:45:27 UTC ++++ iocage_lib/ioc_plugin.py +@@ -61,7 +61,10 @@ from iocage_lib.dataset import Dataset + GIT_LOCK = threading.Lock() + RE_PLUGIN_VERSION = re.compile(r'"path":"([/\.\+,\d\w-]*)\.txz"') + ++# deliberately crash if tarfile doesn't have required filter ++tarfile.tar_filter + ++ + class IOCPlugin(object): + + """ +@@ -157,7 +160,7 @@ class IOCPlugin(object): + shutil.copyfileobj(r.raw, f) + + with tarfile.open(packagesite_txz_path) as p_file: +- p_file.extractall(path=tmpdir) ++ p_file.extractall(path=tmpdir, filter='data') + + packagesite_path = os.path.join(tmpdir, 'packagesite.yaml') + if not os.path.exists(packagesite_path): diff --git a/sysutils/iocage-devel/files/patch-setup.py b/sysutils/iocage-devel/files/patch-setup.py new file mode 100644 index 000000000000..cad071146d2d --- /dev/null +++ b/sysutils/iocage-devel/files/patch-setup.py @@ -0,0 +1,15 @@ +--- setup.py.orig 2024-09-20 06:45:27 UTC ++++ setup.py +@@ -30,10 +30,10 @@ from setuptools import find_packages, setup + + if os.path.isdir("/".join([sys.prefix, "etc/init.d"])): + _data = [('etc/init.d', ['rc.d/iocage']), +- ('man/man8', ['iocage.8.gz'])] ++ ('share/man/man8', ['iocage.8.gz'])] + else: + _data = [('etc/rc.d', ['rc.d/iocage']), +- ('man/man8', ['iocage.8.gz'])] ++ ('share/man/man8', ['iocage.8.gz'])] + + if os.path.isdir("/".join([sys.prefix, "share/zsh/site-functions/"])): + _data.append(('share/zsh/site-functions', ['zsh-completion/_iocage']))
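Review bot: in the Makefile hunk, the PORTREVISION bump is warranted (installed Python modules and the man page path both change), but the new patches make the package hard-require a tarfile module with extraction filters (the import-time `tarfile.tar_filter` access), and nothing in the Makefile expresses that. If USES=python does not already pin a Python release that ships the PEP 706 filters (3.8.17, 3.9.17, 3.10.12, 3.11.4 or 3.12 and later), consider stating that minimum there so pkg resolves it instead of iocage failing at import with an AttributeError.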
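Review bot: in the ioc_fetch.py hunk, `f.extractall(dest, members=member, filter='tar')` correctly rejects absolute paths and `..` escapes for the RELEASE extraction, but Python's tar filter also clears the setuid, setgid and sticky bits (and group/other write bits) on every member it passes, and a FreeBSD base set contains setuid binaries such as su(1) and passwd(1) that a jail relies on. Please verify that iocage either restores those bits afterwards or does not need them; if it does, a small wrapper filter that calls `tarfile.tar_filter(member, path)` for the path checks and then copies `mode` back from the original member keeps the hardening without breaking the jail. Minor: the bare `tarfile.tar_filter` expression does crash on an old tarfile as the comment says, but an explicit `hasattr` check raising an error that names the required Python version would be clearer for users.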
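Review bot: in the ioc_plugin.py hunk, the import-time guard checks `tarfile.tar_filter` while the module actually extracts with `filter='data'`; both attributes arrived in the same Python releases so this works, but checking `tarfile.data_filter` would make the guard match what the code uses. The data filter is the right strength for packagesite.txz (it additionally refuses device nodes and links pointing outside tmpdir, none of which belong in a repository index); do confirm this is the only extract call in ioc_plugin.py, since any plugin package payloads unpacked elsewhere in the module need the same treatment.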
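Review bot: in the setup.py hunk, moving iocage.8.gz to share/man/man8 matches the ports tree's move to ${PREFIX}/share/man, but the diffstat shows no pkg-plist change; confirm the plist is generated (USE_PYTHON=autoplist or equivalent) or update it, otherwise the package will fail on a plist mismatch. Style: the two branches now differ only in the rc directory, so the man page tuple could be appended once after the if/else instead of being duplicated in both.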