author | Robert Scott <code@humanleg.org.uk> | 2021-12-08 00:12:46 +0000 |
---|---|---|
committer | Robert Scott <code@humanleg.org.uk> | 2021-12-08 23:58:39 +0000 |
commit | d35c79a419f49277fd4b7e55e69c16607b7a8a65 (patch) | |
tree | b35bce3696a1606d8d533d8cf5c246f77dc1670a /pkgs/development/libraries/gmp | |
parent | df0c1b8745db6ff501c95a057bfedea7bb538952 (diff) |
gmp: add patch for CVE-2021-43618
Diffstat (limited to 'pkgs/development/libraries/gmp')
-rw-r--r-- | pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch | 19 | ||||
-rw-r--r-- | pkgs/development/libraries/gmp/6.x.nix | 2 |
2 files changed, 21 insertions, 0 deletions
diff --git a/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch b/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch
new file mode 100644
index 0000000000000..eec8206dba05c
--- /dev/null
+++ b/pkgs/development/libraries/gmp/6.2.1-CVE-2021-43618.patch
@@ -0,0 +1,19 @@
+https://gmplib.org/repo/gmp-6.2/raw-rev/561a9c25298e
+
+diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c
+--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100
++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200
+@@ -88,8 +88,11 @@
+
+ abs_csize = ABS (csize);
+
++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8))
++ return 0; /* Bit size overflows */
++
+ /* round up to a multiple of limbs */
+- abs_xsize = BITS_TO_LIMBS (abs_csize*8);
++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8);
+
+ if (abs_xsize != 0)
+ {
+
diff --git a/pkgs/development/libraries/gmp/6.x.nix b/pkgs/development/libraries/gmp/6.x.nix
index 59bc98aa559f2..9093073cecff4 100644
--- a/pkgs/development/libraries/gmp/6.x.nix
+++ b/pkgs/development/libraries/gmp/6.x.nix
@@ -20,6 +20,8 @@ let self = stdenv.mkDerivation rec {
 sha256 = "0z2ddfiwgi0xbf65z4fg4hqqzlhv0cc6hdcswf3c6n21xdmk5sga";
 };
 
+ patches = [ ./6.2.1-CVE-2021-43618.patch ];
+
 #outputs TODO: split $cxx due to libstdc++ dependency
 # maybe let ghc use a version with *.so shared with rest of nixpkgs and *.a added
 # - see #5855 for related discussion |
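Review bot: In the `6.x.nix` hunk, the new `patches` line has no comment saying what the patch fixes or when it can be dropped, and it sits in the shared `6.x.nix` while the patch file is named for 6.2.1. I would put a comment above it such as `# CVE-2021-43618: bit-size overflow in mpz/inp_raw.c, upstream rev 561a9c25298e; drop once the packaged version contains it`. That way a later version bump neither carries a patch that no longer applies nor removes the fix without noticing. The patch is an in-tree copy of the upstream change, so it is worth diffing it once against the URL recorded in its first line. The derivation body starts and ends outside the hunk.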