From 9a904b48e6ca8fc549421a6fb04909cf4168671a Mon Sep 17 00:00:00 2001 From: Jochen Schmitt Date: Apr 27 2011 16:50:34 +0000 Subject: Add patch to solve CVE-2009-3850 (#5333395) --- diff --git a/blender-2.57-CVE-2009-3850.patch b/blender-2.57-CVE-2009-3850.patch new file mode 100644 index 0000000..ca50107 --- /dev/null +++ b/blender-2.57-CVE-2009-3850.patch @@ -0,0 +1,88 @@ +@@ -, +, @@ + --enable-autoexec|-y|-666 (CVE-2009-3850) + source/blender/blenkernel/intern/blender.c | 3 ++- + source/blender/makesrna/intern/rna_userdef.c | 9 ++++++--- + source/blender/windowmanager/intern/wm_files.c | 3 ++- + source/creator/creator.c | 10 ++++++---- + 4 files changed, 16 insertions(+), 9 deletions(-) +--- a/source/blender/blenkernel/intern/blender.c ++++ a/source/blender/blenkernel/intern/blender.c +@@ -141,7 +141,8 @@ void initglobals(void) + G.charmin = 0x0000; + G.charmax = 0xffff; + +- G.f |= G_SCRIPT_AUTOEXEC; ++ G.f &= ~G_SCRIPT_AUTOEXEC; ++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ + } + + /***/ +--- a/source/blender/makesrna/intern/rna_userdef.c ++++ a/source/blender/makesrna/intern/rna_userdef.c +@@ -99,9 +99,12 @@ static void rna_userdef_show_manipulator_update(Main *bmain, Scene *scene, Point + + static void rna_userdef_script_autoexec_update(Main *bmain, Scene *scene, PointerRNA *ptr) + { +- UserDef *userdef = (UserDef*)ptr->data; +- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; +- else G.f |= G_SCRIPT_AUTOEXEC; ++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { ++ /* Blender run with --enable-autoexec */ ++ UserDef *userdef = (UserDef*)ptr->data; ++ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; ++ else G.f |= G_SCRIPT_AUTOEXEC; ++ } + } + + static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr) +--- a/source/blender/windowmanager/intern/wm_files.c ++++ a/source/blender/windowmanager/intern/wm_files.c +@@ -270,7 +270,8 @@ static void wm_init_userdef(bContext *C) + + /* set the python auto-execute setting from user prefs */ + /* enabled by default, unless explicitly enabled in the command line which overrides */ +- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { ++ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) { ++ /* Blender run with --enable-autoexec */ + if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC; + else G.f &= ~G_SCRIPT_AUTOEXEC; + } +--- a/source/creator/creator.c ++++ a/source/creator/creator.c +@@ -278,6 +278,7 @@ static int print_help(int UNUSED(argc), const char **UNUSED(argv), void *data) + + printf("\n"); + ++ BLI_argsPrintArgDoc(ba, "-666"); + BLI_argsPrintArgDoc(ba, "--enable-autoexec"); + BLI_argsPrintArgDoc(ba, "--disable-autoexec"); + +@@ -359,14 +360,14 @@ static int end_arguments(int UNUSED(argc), const char **UNUSED(argv), void *UNUS + static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) + { + G.f |= G_SCRIPT_AUTOEXEC; +- G.f |= G_SCRIPT_OVERRIDE_PREF; ++ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */ + return 0; + } + + static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) + { + G.f &= ~G_SCRIPT_AUTOEXEC; +- G.f |= G_SCRIPT_OVERRIDE_PREF; ++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ + return 0; + } + +@@ -1075,8 +1076,9 @@ static void setupArguments(bContext *C, bArgs *ba, SYS_SystemHandle *syshandle) + + BLI_argsAdd(ba, 1, "-v", "--version", "\n\tPrint Blender version and exit", print_version, NULL); + +- BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution (default)", enable_python, NULL); +- BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)", disable_python, NULL); ++ BLI_argsAdd(ba, 1, NULL, "-666", "\n\tEnable automatic python script execution (port from CVE-2009-3850 patch to Blender 2.49b)", enable_python, NULL); ++ BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution", enable_python, NULL); ++ BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes) (default)", disable_python, NULL); + + BLI_argsAdd(ba, 1, "-b", "--background", "\n\tLoad in background (often used for UI-less rendering)", background_mode, NULL); + diff --git a/blender.spec b/blender.spec index 6541c8f..e615a7e 100644 --- a/blender.spec +++ b/blender.spec @@ -7,7 +7,7 @@ Name: blender Epoch: 1 Version: 2.57 -Release: 2%{?dist} +Release: 3%{?dist} Summary: 3D modeling, animation, rendering and post-production @@ -28,6 +28,9 @@ Patch1: blender-2.44-bid.patch Patch2: blender-2.57-ext.patch Patch3: blender-2.57-syspath.patch +# Patch taken from Gentoo Bug #364291 +Patch10: blender-2.57-CVE-2009-3850.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: desktop-file-utils @@ -109,6 +112,8 @@ addon packages to extend blender. %patch2 -p1 -b .ext %patch3 -p1 -b .syspath +%patch10 -p1 -b .cve + # No executable or shared library outside the gettext package is # supposed to link against libgettextlib or libgettextsrc. sed -i -e"s,gettextlib,,g" build_files/scons/config/linux2-config.py @@ -267,7 +272,10 @@ fi || : %{_sysconfdir}/rpm/macros.blender %changelog -* Sat Apr 16 2011 Jochen Schmitt 1:2.57-2 +* Wed Apr 27 2011 Jochen Schmitt - 1:2.57-3 +- Add patch to solve CVE-2009-3850 (#5333395) + +* Sat Apr 16 2011 Jochen Schmitt 1:2.57-2 - Add plugin directory - Add locale