Mercurial > trustbridge > trustbridge

comparison INSTALL @ 1400:e18fccc081f1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(issue182) Document applying the patch for CVE-2015-1182
author Andre Heinecke <andre.heinecke@intevation.de>
date Tue, 27 Jan 2015 15:15:19 +0100
parents 3d6faded03dd
children
comparison
equal deleted inserted replaced
1399:9283376283aa 1400:e18fccc081f1
77 + set(CMAKE_C_FLAGS "\${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wlogical-op -Wwrite-strings") 77 + set(CMAKE_C_FLAGS "\${CMAKE_C_FLAGS} -Wall -Wextra -W -Wdeclaration-after-statement -Wlogical-op -Wwrite-strings")
78 set(CMAKE_C_FLAGS_RELEASE "-O2") 78 set(CMAKE_C_FLAGS_RELEASE "-O2")
79 set(CMAKE_C_FLAGS_DEBUG "-g3 -O0") 79 set(CMAKE_C_FLAGS_DEBUG "-g3 -O0")
80 set(CMAKE_C_FLAGS_COVERAGE "-g3 -O0 --coverage") 80 set(CMAKE_C_FLAGS_COVERAGE "-g3 -O0 --coverage")
81 EOF 81 EOF
82 # Patch for CVE 2015-1182
83 patch -p1 << EOF
84 diff --git a/library/asn1parse.c b/library/asn1parse.c
85 index a3a2b56..e2117bf 100644
86 --- a/library/asn1parse.c
87 +++ b/library/asn1parse.c
88 @@ -278,6 +278,8 @@ int asn1_get_sequence_of( unsigned char **p,
89 if( cur->next == NULL )
90 return( POLARSSL_ERR_ASN1_MALLOC_FAILED );
91
92 + memset( cur->next, 0, sizeof( asn1_sequence ) );
93 +
94 cur = cur->next;
95 }
96 }
97 EOF
82 98
83 mkdir build 99 mkdir build
84 cd build 100 cd build
85 cmake .. -DCMAKE_C_FLAGS=-fpic -DCMAKE_INSTALL_PREFIX=$YOURPREFIX 101 cmake .. -DCMAKE_C_FLAGS=-fpic -DCMAKE_INSTALL_PREFIX=$YOURPREFIX
86 make && make test && make install 102 make && make test && make install
http://wald.intevation.org/projects/trustbridge/