commit 12ce0db1bffb048fbf81a852aed7240aedc31757 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

beep: fix for CVE-2018-0492

Peter Hoeg 7 years ago 12ce0db1 e6c13548

+124 -10

2 changed files

expand all

unified split

pkgs

misc

beep

cve-2018-0492.patch

default.nix

+106

pkgs/misc/beep/cve-2018-0492.patch

··· 1 + diff --git a/beep.c b/beep.c 2 + index 7da2e70..4323d31 100644 3 + --- a/beep.c 4 + +++ b/beep.c 5 + @@ -109,6 +109,7 @@ void do_beep(int freq) { 6 + /* BEEP_TYPE_EVDEV */ 7 + struct input_event e; 8 + 9 + + memset(&e, 0, sizeof(e)); 10 + e.type = EV_SND; 11 + e.code = SND_TONE; 12 + e.value = freq; 13 + @@ -124,10 +125,6 @@ void do_beep(int freq) { 14 + /* If we get interrupted, it would be nice to not leave the speaker beeping in 15 + perpetuity. */ 16 + void handle_signal(int signum) { 17 + - 18 + - if(console_device) 19 + - free(console_device); 20 + - 21 + switch(signum) { 22 + case SIGINT: 23 + case SIGTERM: 24 + @@ -257,7 +254,7 @@ void parse_command_line(int argc, char **argv, beep_parms_t *result) { 25 + result->verbose = 1; 26 + break; 27 + case 'e' : /* also --device */ 28 + - console_device = strdup(optarg); 29 + + console_device = optarg; 30 + break; 31 + case 'h' : /* notice that this is also --help */ 32 + default : 33 + @@ -276,26 +273,6 @@ void play_beep(beep_parms_t parms) { 34 + "%d delay after) @ %.2f Hz\n", 35 + parms.reps, parms.length, parms.delay, parms.end_delay, parms.freq); 36 + 37 + - /* try to snag the console */ 38 + - if(console_device) 39 + - console_fd = open(console_device, O_WRONLY); 40 + - else 41 + - if((console_fd = open("/dev/tty0", O_WRONLY)) == -1) 42 + - console_fd = open("/dev/vc/0", O_WRONLY); 43 + - 44 + - if(console_fd == -1) { 45 + - fprintf(stderr, "Could not open %s for writing\n", 46 + - console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0"); 47 + - printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */ 48 + - perror("open"); 49 + - exit(1); 50 + - } 51 + - 52 + - if (ioctl(console_fd, EVIOCGSND(0)) != -1) 53 + - console_type = BEEP_TYPE_EVDEV; 54 + - else 55 + - console_type = BEEP_TYPE_CONSOLE; 56 + - 57 + /* Beep */ 58 + for (i = 0; i < parms.reps; i++) { /* start beep */ 59 + do_beep(parms.freq); 60 + @@ -305,8 +282,6 @@ void play_beep(beep_parms_t parms) { 61 + if(parms.end_delay || (i+1 < parms.reps)) 62 + usleep(1000*parms.delay); /* wait... */ 63 + } /* repeat. */ 64 + - 65 + - close(console_fd); 66 + } 67 + 68 + 69 + @@ -328,6 +303,26 @@ int main(int argc, char **argv) { 70 + signal(SIGTERM, handle_signal); 71 + parse_command_line(argc, argv, parms); 72 + 73 + + /* try to snag the console */ 74 + + if(console_device) 75 + + console_fd = open(console_device, O_WRONLY); 76 + + else 77 + + if((console_fd = open("/dev/tty0", O_WRONLY)) == -1) 78 + + console_fd = open("/dev/vc/0", O_WRONLY); 79 + + 80 + + if(console_fd == -1) { 81 + + fprintf(stderr, "Could not open %s for writing\n", 82 + + console_device != NULL ? console_device : "/dev/tty0 or /dev/vc/0"); 83 + + printf("\a"); /* Output the only beep we can, in an effort to fall back on usefulness */ 84 + + perror("open"); 85 + + exit(1); 86 + + } 87 + + 88 + + if (ioctl(console_fd, EVIOCGSND(0)) != -1) 89 + + console_type = BEEP_TYPE_EVDEV; 90 + + else 91 + + console_type = BEEP_TYPE_CONSOLE; 92 + + 93 + /* this outermost while loop handles the possibility that -n/--new has been 94 + used, i.e. that we have multiple beeps specified. Each iteration will 95 + play, then free() one parms instance. */ 96 + @@ -365,8 +360,8 @@ int main(int argc, char **argv) { 97 + parms = next; 98 + } 99 + 100 + - if(console_device) 101 + - free(console_device); 102 + + close(console_fd); 103 + + console_fd = -1; 104 + 105 + return EXIT_SUCCESS; 106 + }

+18 -10

pkgs/misc/beep/default.nix

··· 1 - { stdenv, fetchurl }: 1 + { stdenv, fetchFromGitHub }: 2 2 3 3 # this package is working only as root 4 4 # in order to work as a non privileged user you would need to suid the bin 5 5 6 6 stdenv.mkDerivation { 7 7 name = "beep-1.3"; 8 - src = fetchurl { 9 - url = http://www.johnath.com/beep/beep-1.3.tar.gz; 10 - sha256 = "0bgch6jq5cahakk3kbr9549iysf2dik09afixxy5brbxk1xfzb2r"; 8 + 9 + src = fetchFromGitHub { 10 + owner = "johnath"; 11 + repo = "beep"; 12 + rev = "0d790fa45777896749a885c3b93b2c1476d59f20"; 13 + sha256 = "0dxz58an0sz5r82al5sc935y2z2k60rz12ikjvx7sz39rfirgfpc"; 11 14 }; 12 15 13 - makeFlags = "INSTALL_DIR=\${out}/bin/ MAN_DIR=\${out}/man/man1/"; 16 + patches = [ ./cve-2018-0492.patch ]; 17 + 18 + makeFlags = [ 19 + "INSTALL_DIR=${placeholder "out"}/bin/" 20 + "MAN_DIR=${placeholder "out"}/man/man1/" 21 + ]; 14 22 15 23 preInstall = '' 16 - mkdir -p $out/bin 17 - mkdir -p $out/man/man1 24 + mkdir -p $out/{bin,man/man1} 18 25 ''; 19 - meta = { 26 + 27 + meta = with stdenv.lib; { 20 28 description = "The advanced PC speaker beeper"; 21 29 homepage = http://www.johnath.com/beep/; 22 - license = stdenv.lib.licenses.gpl2; 23 - platforms = stdenv.lib.platforms.linux; 30 + license = licenses.gpl2; 31 + platforms = platforms.linux; 24 32 }; 25 33 }