[152842] trunk/dports/devel/libcryptopp

raphael at macports.org raphael at macports.org
Mon Sep 19 09:35:32 PDT 2016 

Revision: 152842
          https://trac.macports.org/changeset/152842
Author:   raphael at macports.org
Date:     2016-09-19 09:35:32 -0700 (Mon, 19 Sep 2016)
Log Message:
-----------
libcryptopp: fix CVE-2016-7420

Modified Paths:
--------------
    trunk/dports/devel/libcryptopp/Portfile
    trunk/dports/devel/libcryptopp/files/patch-config.h.diff

Modified: trunk/dports/devel/libcryptopp/Portfile
===================================================================
--- trunk/dports/devel/libcryptopp/Portfile	2016-09-19 13:29:50 UTC (rev 152841)
+++ trunk/dports/devel/libcryptopp/Portfile	2016-09-19 16:35:32 UTC (rev 152842)
@@ -5,6 +5,7 @@
 
 name                libcryptopp
 version             5.6.4
+revision            1
 categories          devel security
 platforms           darwin
 maintainers         raphael openmaintainer
@@ -27,6 +28,10 @@
 
 patchfiles          patch-config.h.diff \
                     patch-GNUmakefile.diff
+post-patch {
+    # render the asserts inert; fixes CVE-2016-7420 (see <https://groups.google.com/forum/#!topic/cryptopp-users/NhWvEAMKcsU>)
+    reinplace "s|assert\[\[:space:\]\]*(|CRYPTOPP_UNUSED(|g" {*}[glob ${worksrcpath}/*.h ${worksrcpath}/*.cpp]
+}
 
 use_configure       no
 

Modified: trunk/dports/devel/libcryptopp/files/patch-config.h.diff
===================================================================
--- trunk/dports/devel/libcryptopp/files/patch-config.h.diff	2016-09-19 13:29:50 UTC (rev 152841)
+++ trunk/dports/devel/libcryptopp/files/patch-config.h.diff	2016-09-19 16:35:32 UTC (rev 152842)
@@ -1,5 +1,5 @@
---- config.h.orig	2016-09-11 15:07:47.000000000 +0200
-+++ config.h	2016-09-12 08:47:14.000000000 +0200
+--- config.h.orig	2016-09-19 18:03:02.000000000 +0200
++++ config.h	2016-09-19 18:04:26.000000000 +0200
 @@ -57,7 +57,7 @@
  // Define this to ensure C/C++ standard compliance and respect for GCC aliasing rules and other alignment fodder. If you
  // experience a break with GCC at -O3, you should try this first. Guard it in case its set on the command line (and it differs).
@@ -18,3 +18,12 @@
  
  // CRYPTOPP_USER_PRIORITY is for other libraries and user code that is using Crypto++
  // and managing C++ static object creation. It is guaranteed not to conflict with
+@@ -737,7 +737,7 @@
+ 
+ // Portable way to suppress warnings.
+ //   Moved from misc.h due to circular depenedencies.
+-#define CRYPTOPP_UNUSED(x) ((void)x)
++#define CRYPTOPP_UNUSED(x) ((void)(x))
+ 
+ // ************** Deprecated ***************
+ 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/macports-changes/attachments/20160919/8ecf3c8d/attachment.html>

More information about the macports-changes mailing list