DIST SparseBitSet-1.1.jar 23706 BLAKE2B 8623a723f11f97386a108c775fefddd324997b68bea7f7ade0581ec5800bfa8d32f699ab903ad66c631b7b5c69ba1ef377243653f5044f39234dac07543eb129 SHA512 cf75431c5f705961800ce5cbca2acb9b2459eaf98ec37b5ee21c5a90d204ffb466fa25457b0560fbb024489777efbea0276201024c7b1b2853124930ac490983
DIST libewf-20130128.tar.gz 1978794 BLAKE2B e5d2bd8f4a8b878e13536b89b032d8cee6982272065b2bf325f8a811dff258264118a79496912377337ceb9ad630138b6bedb89e3c3be89a5f6a6fea85ab586b SHA512 94cdd0c3f0d8f535f3462c5adba266302f9b129abacda077ed429fa38af6862fca5a90ba2e606b78607b509769305cc6134c483c7033c20e226596cca2d42b90
DIST sleuthkit-4.5.0.tar.gz 8611141 BLAKE2B a1ae66bfcb74ce1fec24f80dfe60cd68f1de53119331c38848f7f82de8052eda49d78fdea49e42ada5843094939ef212dece42a5ceb85931a79e02adccda30e6 SHA512 911890cacca739f121681514197104cb2dc3bd219f3e068c4ce61264498c56989359976fc75172e1f456c94e4e25c6206413b0234c36e55736a577b8e664e4b3
-DIST sleuthkit-4.6.0.tar.gz 8634432 BLAKE2B b45721cdee798d84f0caa0bfe38645346539bb497f5a492c72016a6b3b0246b362ecea676a7a0e788d66cc0dc32335e719912434bd61aa205b7d51b8d4bd7c14 SHA512 dbf880e8503dccb0a686f1d9658d56e9cb40f452127f9b713cf2a4941f4083fa1cf80a886994d58421307a679242cd4ee005b3e874cf429cfb140a597a0dc739
-DIST sleuthkit-4.6.4.tar.gz 8655341 BLAKE2B 9d8a2884d1c90e9be3104221c22fdc4346c8f288a13384ef8205cea46bbda2249691b548b7d19a1b34d6d0d1fc6d5390aa0fc8c8b28ea75b53de946b62c8e25c SHA512 0dd3fc3659fd6dee49ababd8033bcc5ce218c9154b61eb072a943e8d1a96fb04dcabc85124583bc69ad0ced2609fed11812164a3db6587446255a9c507f08762
DIST sleuthkit-4.6.5.tar.gz 8658866 BLAKE2B 29b75c96a14c5d42522e7116a80cc368c8097fa43af27c0e958215142d6ee61131c7b154fb876fa3ea9c727e8100de9bd703dfd8cef9ccce1f6602222c8470fa SHA512 ba21be166da1a7bdd197946722a1e0947f90bbb2c27d635cdfbcbc870aa42937fe6b42f432482f70a5e686942c8891d0367b5ce28615315d8905661e73aefe32
DIST sqlite-jdbc-3.8.11.jar 5131732 BLAKE2B 1a04fa9e9cb97fdddc19af2de9efa7b54c0b527642e6e325e31054e4e294e3bc6af00ea291087ed9dd26668d48dae356035fc85212c0eb81656550d552103ed0 SHA512 5f4705101992e8916e29742c560aef0d01eba9dc0d2d984b75a77e56be3c9fd20b284390fe8f9bb54bf9d1f8528c3413922684c446212ca8961ac731543fb179
+++ /dev/null
-From dd679ad1d855e7f69a887eb343bb53d49dc664e7 Mon Sep 17 00:00:00 2001
-From: Jordy Zomer <zome8499@student.alfa-college.nl>
-Date: Sat, 24 Nov 2018 12:19:38 +0100
-Subject: [PATCH 1/3] Fix CVE-2018-19497.
-
-An issue was discovered in The Sleuth Kit (TSK) through 4.6.4.
-The "tsk_getu16(hfs->fs_info.endian, &rec_buf[rec_off2])" call in hfs_dir_open_meta_cb in
-tsk/fs/hfs_dent.c does not properly check boundaries. This results in
-a crash (SEGV on unknown address
-READ memory access)
-when reading too much in the destination buffer.
----
- tsk/fs/hfs.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
-index 00f1720b1b..0dec507165 100644
---- a/tsk/fs/hfs.c
-+++ b/tsk/fs/hfs.c
-@@ -956,7 +956,8 @@ hfs_cat_traverse(HFS_INFO * hfs,
- key = (hfs_btree_key_cat *) & node[rec_off];
-
- keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len);
-- if ((keylen) > nodesize) {
-+
-+ if (keylen > nodesize - rec_off) {
- tsk_error_set_errno(TSK_ERR_FS_GENFS);
- tsk_error_set_errstr
- ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
-
-From fb2bc0ad693db852fac1dcc77a072aeabe106ac8 Mon Sep 17 00:00:00 2001
-From: Jordy Zomer <zome8499@student.alfa-college.nl>
-Date: Sat, 24 Nov 2018 12:37:09 +0100
-Subject: [PATCH 2/3] fix length in printf of nodesize
-
-Also fix the length in printf next to comit dd679ad1d855e7f69a887eb343bb53d49dc664e7
----
- tsk/fs/hfs.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
-index 0dec507165..4f7c0679a8 100644
---- a/tsk/fs/hfs.c
-+++ b/tsk/fs/hfs.c
-@@ -961,7 +961,7 @@ hfs_cat_traverse(HFS_INFO * hfs,
- tsk_error_set_errno(TSK_ERR_FS_GENFS);
- tsk_error_set_errstr
- ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
-- PRIu16 ")", rec, cur_node, keylen, nodesize);
-+ PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off);
- free(node);
- return 1;
- }
-
-From 8242588f4354339d9cb1ad82622e7c16c55391c9 Mon Sep 17 00:00:00 2001
-From: Jordy Zomer <zome8499@student.alfa-college.nl>
-Date: Sat, 24 Nov 2018 12:47:23 +0100
-Subject: [PATCH 3/3] UPDATE on CVE-2018-19497.
-
-make it >= because if keylen == nodesize - rec_off it's already past it's destination.
-Also fix the sprintf
----
- tsk/fs/hfs.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/tsk/fs/hfs.c b/tsk/fs/hfs.c
-index 4f7c0679a8..bb3819ada9 100644
---- a/tsk/fs/hfs.c
-+++ b/tsk/fs/hfs.c
-@@ -957,11 +957,11 @@ hfs_cat_traverse(HFS_INFO * hfs,
-
- keylen = 2 + tsk_getu16(hfs->fs_info.endian, key->key_len);
-
-- if (keylen > nodesize - rec_off) {
-+ if (keylen >= nodesize - rec_off) {
- tsk_error_set_errno(TSK_ERR_FS_GENFS);
- tsk_error_set_errstr
- ("hfs_cat_traverse: length of key %d in index node %d too large (%d vs %"
-- PRIu16 ")", rec, cur_node, keylen, nodesize - rec_off);
-+ PRIu16 ")", rec, cur_node, keylen, (nodesize - rec_off));
- free(node);
- return 1;
- }
+++ /dev/null
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-JAVA_PKG_BSFIX_NAME="build.xml build-unix.xml"
-inherit autotools java-pkg-opt-2 java-ant-2
-
-DESCRIPTION="A collection of file system and media management forensic analysis tools"
-HOMEPAGE="https://www.sleuthkit.org/sleuthkit/"
-# TODO: sqlite-jdbc does not exist in the tree, we bundle it for now
-# TODO: Upstream uses a very specific version of libewf which is not in
-# the tree anymore. So we statically compile and link to sleuthkit.
-# Hopefully upstream will figure something out in the future.
-SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz
- java? ( http://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.8.11/sqlite-jdbc-3.8.11.jar )
- ewf? ( https://dev.gentoo.org/~gokturk/distfiles/app-forensics/libewf/libewf-20130128.tar.gz )"
-
-LICENSE="BSD CPL-1.0 GPL-2+ IBM java? ( Apache-2.0 )"
-SLOT="0/13" # subslot = major soname version
-KEYWORDS="~amd64 ~hppa ~ppc ~x86"
-IUSE="aff doc ewf java static-libs test +threads zlib"
-
-DEPEND="
- dev-db/sqlite:3
- dev-lang/perl:*
- aff? ( app-forensics/afflib )
- ewf? ( sys-libs/zlib )
- java? (
- >=virtual/jdk-1.8:*
- >=dev-java/c3p0-0.9.5:0
- >=dev-java/jdbc-postgresql-9.4:0
- )
- zlib? ( sys-libs/zlib )
-"
-RDEPEND="${DEPEND}
- java? ( >=virtual/jre-1.8:= )
-"
-DEPEND="${DEPEND}
- doc? ( app-doc/doxygen )
- test? ( >=dev-util/cppunit-1.2.1 )
-"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-4.1.0-tools-shared-libs.patch
-)
-
-src_unpack() {
- local f
-
- unpack ${P}.tar.gz
-
- # Ick, the upstream is stuck at libewf-20130128 which is
- # not even in the tree anymore. So we have to bundle it.
- if use ewf; then
- pushd "${T}" &>/dev/null || die
- unpack libewf-20130128.tar.gz
- export TSK_LIBEWF_SRCDIR="${T}"/libewf-20130128
- popd &>/dev/null || die
- fi
-
- # Copy the jar files that don't exist in the tree yet
- if use java; then
- TSK_JAR_DIR="${S}/bindings/java/lib"
- mkdir "${TSK_JAR_DIR}" || die
- for f in ${A}; do
- if [[ ${f} =~ .jar$ ]]; then
- cp "${DISTDIR}"/"${f}" "${TSK_JAR_DIR}" || die
- fi
- done
- export TSK_JAR_DIR
- fi
-}
-
-src_prepare() {
- if use ewf; then
- # Yeah, libewf-20130128 obviously doesn't just nicely compile
- sed -e 's/LIBUNA_INLINE inline/LIBUNA_INLINE/' \
- -i "${TSK_LIBEWF_SRCDIR}"/libuna/libuna_inline.h || die
- fi
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- # Prevent "make install" from installing
- # jar files under /usr/share/java
- # We'll use the java eclasses for this
- sed -e '/^jar_DATA/ d;' -i Makefile.am || die
-
- # Disable dependency retrieval using ivy
- # We will handle it ourselves
- sed -e '/name="compile"/ s/, retrieve-deps//' \
- -e '/name="dist-/ s/, init-ivy//g' \
- -i build.xml || die
-
- java-pkg-opt-2_src_prepare
-
- popd &>/dev/null || die
- fi
-
- # Override the doxygen output directories
- if use doc; then
- sed -e "/^OUTPUT_DIRECTORY/ s|=.*$|= ${T}/doc|" \
- -i tsk/docs/Doxyfile \
- -i bindings/java/doxygen/Doxyfile || die
- fi
-
- # It's safe to call this even after java-pkg-opt-2_src_prepare
- # because future calls to eapply_user do nothing and return 0
- default
-
- eautoreconf
-}
-
-tsk_compile_libewf() {
- local myeconfargs=(
- --prefix=/
- --libdir=/lib
- --enable-static
- --disable-shared
- --disable-winapi
- --without-libbfio
- --with-zlib
- --without-bzip2
- --without-libhmac
- --without-openssl
- --without-libuuid
- --without-libfuse
- )
- # We want to contain our build flags
- local CFLAGS="${CFLAGS}"
- local LDFLAGS="${LDFLAGS}"
-
- pushd "${TSK_LIBEWF_SRCDIR}" &>/dev/null || die
-
- # Produce relocatable code
- CFLAGS+=" -fPIC"
- LDFLAGS+=" -fPIC"
- econf "${myeconfargs[@]}"
-
- # Do not waste CPU cycles on building ewftools
- sed -e '/ewftools/ d' -i Makefile || die
- emake
-
- # Only install the headers and the library
- emake -C libewf DESTDIR="${T}"/image install
- emake -C include DESTDIR="${T}"/image install
-
- popd &>/dev/null || die
-}
-
-src_configure() {
- local myeconfargs=(
- $(use_enable java)
- $(use_enable static-libs static)
- $(use_enable threads multithreading)
- $(use_with aff afflib)
- $(use_with ewf libewf)
- $(use_with zlib)
- )
-
- use ewf && tsk_compile_libewf
- myeconfargs+=( $(use_with ewf libewf "${T}"/image) )
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
- java-ant-2_src_configure
- popd &>/dev/null || die
- fi
-
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- # Create symlinks of jars for the required dependencies
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- java-pkg_jar-from --into "${TSK_JAR_DIR}" c3p0
- java-pkg_jar-from --into "${TSK_JAR_DIR}" jdbc-postgresql
-
- popd &>/dev/null || die
- fi
-
- # Create the doc output dirs if requested
- if use doc; then
- mkdir -p "${T}"/doc/{api-docs,jni-docs} || die
- fi
-
- emake all $(usex doc api-docs "")
-}
-
-src_install() {
- local f
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- java-pkg_dojar dist/${P}.jar
-
- # Install the bundled jar files
- pushd "${TSK_JAR_DIR}" &>/dev/null || die
- for f in *; do
- # Skip the symlinks java-pkg_jar-from created
- [[ -f ${f} ]] || continue
-
- # Strip the version numbers as per eclass recommendation
- [[ ${f} =~ -([0-9].)+.jar$ ]] || continue
-
- java-pkg_newjar "${f}" "${f/${BASH_REMATCH[0]}/.jar}"
- done
- popd &>/dev/null || die
-
- popd &>/dev/null || die
- fi
-
- default
-
- # It unconditionally builds both api and jni docs
- # We install conditionally based on the provided use flags
- if use doc; then
- dodoc -r "${T}"/doc/api-docs
- use java && dodoc -r "${T}"/doc/jni-docs
- fi
-
- find "${D}" -name '*.la' -delete || die
-}
+++ /dev/null
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-JAVA_PKG_BSFIX_NAME="build.xml build-unix.xml"
-inherit autotools java-pkg-opt-2 java-ant-2
-
-DESCRIPTION="A collection of file system and media management forensic analysis tools"
-HOMEPAGE="https://www.sleuthkit.org/sleuthkit/"
-# TODO: sqlite-jdbc does not exist in the tree, we bundle it for now
-# TODO: Upstream uses a very specific version of libewf which is not in
-# the tree anymore. So we statically compile and link to sleuthkit.
-# Hopefully upstream will figure something out in the future.
-SRC_URI="https://github.com/${PN}/${PN}/releases/download/${P}/${P}.tar.gz
- java? (
- http://repo1.maven.org/maven2/org/xerial/sqlite-jdbc/3.8.11/sqlite-jdbc-3.8.11.jar
- http://repo1.maven.org/maven2/com/zaxxer/SparseBitSet/1.1/SparseBitSet-1.1.jar
- )
- ewf? ( https://dev.gentoo.org/~gokturk/distfiles/app-forensics/libewf/libewf-20130128.tar.gz )"
-
-LICENSE="BSD CPL-1.0 GPL-2+ IBM java? ( Apache-2.0 )"
-SLOT="0/13" # subslot = major soname version
-KEYWORDS="~amd64 ~hppa ~ppc ~x86"
-IUSE="aff doc ewf java postgres static-libs test +threads zlib"
-
-# Note: It is not possible to move the dep on dev-java/jdbc-postgresql
-# inside a conditional postgres? block because java sources import
-# org.postgres unconditionally as of writing this (version 4.6.4). The
-# postgres USE flag will be used for the TSK postgresql support however.
-DEPEND="
- dev-db/sqlite:3
- dev-lang/perl:*
- aff? ( app-forensics/afflib )
- ewf? ( sys-libs/zlib )
- java? (
- >=virtual/jdk-1.8:*
- >=dev-java/c3p0-0.9.5:0
- >=dev-java/jdbc-postgresql-9.4:0
- )
- postgres? ( dev-db/postgresql:= )
- zlib? ( sys-libs/zlib )
-"
-# TODO: add support for not-in-tree libraries libvhdi and libvmdk
-# libvhdi: https://github.com/libyal/libvhdi
-# libvmdk: https://github.com/libyal/libvmdk
-# DEPEND="${DEPEND}
-# vhdi? ( dev-libs/libvhdi )
-# vmdk? ( dev-libs/libvmdk )
-# "
-
-RDEPEND="${DEPEND}
- java? ( >=virtual/jre-1.8:= )
-"
-DEPEND="${DEPEND}
- doc? ( app-doc/doxygen )
- test? ( >=dev-util/cppunit-1.2.1 )
-"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-4.1.0-tools-shared-libs.patch
- "${FILESDIR}"/${PN}-4.6.4-default-jar-location-fix.patch
- "${FILESDIR}"/${PN}-4.6.4-CVE-2018-19497-backport.patch
-)
-
-src_unpack() {
- local f
-
- unpack ${P}.tar.gz
-
- # Ick, the upstream is stuck at libewf-20130128 which is
- # not even in the tree anymore. So we have to bundle it.
- if use ewf; then
- pushd "${T}" &>/dev/null || die
- unpack libewf-20130128.tar.gz
- export TSK_LIBEWF_SRCDIR="${T}"/libewf-20130128
- popd &>/dev/null || die
- fi
-
- # Copy the jar files that don't exist in the tree yet
- if use java; then
- TSK_JAR_DIR="${T}/lib"
- mkdir "${TSK_JAR_DIR}" || die
- for f in ${A}; do
- if [[ ${f} =~ .jar$ ]]; then
- cp "${DISTDIR}"/"${f}" "${TSK_JAR_DIR}" || die
- fi
- done
- export TSK_JAR_DIR
- fi
-}
-
-tsk_prepare_libewf() {
- # Yeah, libewf-20130128 obviously doesn't just nicely compile
- sed -e 's/LIBUNA_INLINE inline/LIBUNA_INLINE/' \
- -i "${TSK_LIBEWF_SRCDIR}"/libuna/libuna_inline.h || die
-}
-
-src_prepare() {
- use ewf && tsk_prepare_libewf
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- # Prevent "make install" from installing
- # jar files under /usr/share/java
- # We'll use the java eclasses for this
- sed -e '/^jar_DATA/ d;' -i Makefile.am || die
-
- java-pkg-opt-2_src_prepare
-
- popd &>/dev/null || die
- fi
-
- # Override the doxygen output directories
- if use doc; then
- sed -e "/^OUTPUT_DIRECTORY/ s|=.*$|= ${T}/doc|" \
- -i tsk/docs/Doxyfile \
- -i bindings/java/doxygen/Doxyfile || die
- fi
-
- # It's safe to call this even after java-pkg-opt-2_src_prepare
- # because future calls to eapply_user do nothing and return 0
- default
-
- eautoreconf
-}
-
-tsk_compile_libewf() {
- local myeconfargs=(
- --prefix=/
- --libdir=/lib
- --enable-static
- --disable-shared
- --disable-winapi
- --without-libbfio
- --with-zlib
- --without-bzip2
- --without-libhmac
- --without-openssl
- --without-libuuid
- --without-libfuse
- )
- # We want to contain our build flags
- local CFLAGS="${CFLAGS}"
- local LDFLAGS="${LDFLAGS}"
-
- pushd "${TSK_LIBEWF_SRCDIR}" &>/dev/null || die
-
- # Produce relocatable code
- CFLAGS+=" -fPIC"
- LDFLAGS+=" -fPIC"
- econf "${myeconfargs[@]}"
-
- # Do not waste CPU cycles on building ewftools
- sed -e '/ewftools/ d' -i Makefile || die
- emake
-
- # Only install the headers and the library
- emake -C libewf DESTDIR="${T}"/image install
- emake -C include DESTDIR="${T}"/image install
- find "${T}"/image -name '*.la' -delete || die
-
- popd &>/dev/null || die
-}
-
-src_configure() {
- local myeconfargs=(
- --enable-offline="${TSK_JAR_DIR}"
- $(use_enable java)
- $(use_enable static-libs static)
- $(use_enable threads multithreading)
- $(use_with aff afflib)
- $(use_with zlib)
- )
- # Workaround the automagic detection of postgresql
- local -x ac_cv_lib_pq_PQlibVersion="$(usex postgres)"
- # TODO: add support for non-existing libraries libvhdi and libvmdk
- # myeconfargs+=(
- # $(use_with vhdi libvhdi)
- # $(use_with vmdk libvmdk)
- # )
- myeconfargs+=(
- --without-libvhdi
- --without-libvmdk
- )
-
- use ewf && tsk_compile_libewf
- myeconfargs+=( $(use_with ewf libewf "${T}"/image) )
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
- java-ant-2_src_configure
- popd &>/dev/null || die
- fi
-
- econf "${myeconfargs[@]}"
-}
-
-src_compile() {
- # Give it an existing bogus ivy home #672220
- local -x IVY_HOME="${T}"
-
- # Create symlinks of jars for the required dependencies
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- java-pkg_jar-from --into "${TSK_JAR_DIR}" c3p0
- java-pkg_jar-from --into "${TSK_JAR_DIR}" jdbc-postgresql
-
- popd &>/dev/null || die
- fi
-
- # Create the doc output dirs if requested
- if use doc; then
- mkdir -p "${T}"/doc/{api-docs,jni-docs} || die
- fi
-
- emake all $(usex doc api-docs "")
-}
-
-src_install() {
- local f
-
- if use java; then
- pushd "${S}"/bindings/java &>/dev/null || die
-
- java-pkg_newjar "dist/${P}.jar" "${PN}.jar"
-
- # Install the bundled jar files
- pushd "${TSK_JAR_DIR}" &>/dev/null || die
- for f in *; do
- # Skip the symlinks java-pkg_jar-from created
- [[ -f ${f} ]] || continue
-
- # Strip the version numbers as per eclass recommendation
- [[ ${f} =~ -([0-9]+\.)+jar$ ]] || continue
-
- java-pkg_newjar "${f}" "${f/${BASH_REMATCH[0]}/.jar}"
- done
- popd &>/dev/null || die
-
- popd &>/dev/null || die
- fi
-
- default
-
- # It unconditionally builds both api and jni docs
- # We install conditionally based on the provided use flags
- if use doc; then
- dodoc -r "${T}"/doc/api-docs
- use java && dodoc -r "${T}"/doc/jni-docs
- fi
-
- find "${D}" -name '*.la' -delete || die
-}