dev-cpp/yaml-cpp: Fix CVE-2017-11692

Bug: https://bugs.gentoo.org/626662
Thanks-to: sam_c (Security Padawan) <sam@cmpct.info>
Package-Manager: Portage-2.3.94, Repoman-2.3.21
Signed-off-by: Johannes Huber <johu@gentoo.org>

2 files changed, 92 insertions, 0 deletions

diff --git a/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch
new file mode 100644
index 000000000000..fd7a7198c1c6
--- /dev/null
+++ b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.3-CVE-2017-11692.patch
@@ -0,0 +1,44 @@
+From c9460110e072df84b7dee3eb651f2ec5df75fb18 Mon Sep 17 00:00:00 2001
+From: Jesse Beder <jbeder@gmail.com>
+Date: Mon, 20 Jan 2020 18:05:15 -0600
+Subject: [PATCH] Fix reading empty token stack with a node with properties but
+ no scalar.
+
+E.g. `!2`.
+---
+ src/singledocparser.cpp             | 6 ++++++
+ test/integration/load_node_test.cpp | 5 +++++
+ 2 files changed, 11 insertions(+)
+
+diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp
+index 52544dd6..47e9e047 100644
+--- a/src/singledocparser.cpp
++++ b/src/singledocparser.cpp
+@@ -79,6 +79,12 @@ void SingleDocParser::HandleNode(EventHandler& eventHandler) {
+   if (!anchor_name.empty())
+     eventHandler.OnAnchor(mark, anchor_name);
+ 
++  // after parsing properties, an empty node is again a possibility
++  if (m_scanner.empty()) {
++    eventHandler.OnNull(mark, anchor);
++    return;
++  }
++
+   const Token& token = m_scanner.peek();
+ 
+   if (token.type == Token::PLAIN_SCALAR && IsNullString(token.value)) {
+diff --git a/test/integration/load_node_test.cpp b/test/integration/load_node_test.cpp
+index 4f4f28e8..0e0dd6bc 100644
+--- a/test/integration/load_node_test.cpp
++++ b/test/integration/load_node_test.cpp
+@@ -257,5 +257,10 @@ TEST(NodeTest, LoadTagWithParenthesis) {
+     EXPECT_EQ(node.as<std::string>(), "foo");
+ }
+ 
++TEST(NodeTest, LoadTagWithNullScalar) {
++  Node node = Load("!2");
++  EXPECT_TRUE(node.IsNull());
++}
++
+ }  // namespace
+ }  // namespace YAML
diff --git a/dev-cpp/yaml-cpp/yaml-cpp-0.6.3-r2.ebuild b/dev-cpp/yaml-cpp/yaml-cpp-0.6.3-r2.ebuild
new file mode 100644
index 000000000000..db3c4f6dd2db
--- /dev/null
+++ b/dev-cpp/yaml-cpp/yaml-cpp-0.6.3-r2.ebuild
@@ -0,0 +1,48 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_ECLASS="cmake"
+inherit cmake-multilib
+
+DESCRIPTION="YAML parser and emitter in C++"
+HOMEPAGE="https://github.com/jbeder/yaml-cpp"
+SRC_URI="https://github.com/jbeder/${PN}/archive/${P}.tar.gz"
+
+LICENSE="MIT"
+SLOT="0/0.6"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="test"
+
+# test breaks build
+# RESTRICT="!test? ( test )"
+RESTRICT+="test"
+
+DEPEND="test? ( dev-cpp/gtest )"
+
+S="${WORKDIR}/${PN}-${P}"
+
+PATCHES=(
+	"${FILESDIR}/${P}-abi-breakage.patch"
+	"${FILESDIR}/${P}-CVE-2017-11692.patch"
+)
+
+src_prepare() {
+	sed -i \
+		-e 's:INCLUDE_INSTALL_ROOT_DIR:INCLUDE_INSTALL_DIR:g' \
+		yaml-cpp.pc.cmake || die
+
+	cmake_src_prepare
+}
+
+src_configure() {
+	local mycmakeargs=(
+		-DBUILD_SHARED_LIBS=ON
+		-DYAML_BUILD_SHARED_LIBS=ON
+		-DYAML_CPP_BUILD_TOOLS=OFF # Don't have install rule
+		-DYAML_CPP_BUILD_TESTS=$(usex test)
+	)
+
+	cmake-multilib_src_configure
+}