summaryrefslogtreecommitdiffstats
path: root/graphics/blender/blender-2.61-CVE-2009-3850.patch
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/blender/blender-2.61-CVE-2009-3850.patch')
-rw-r--r--graphics/blender/blender-2.61-CVE-2009-3850.patch152
1 files changed, 152 insertions, 0 deletions
diff --git a/graphics/blender/blender-2.61-CVE-2009-3850.patch b/graphics/blender/blender-2.61-CVE-2009-3850.patch
new file mode 100644
index 0000000000..06011bc6d3
--- /dev/null
+++ b/graphics/blender/blender-2.61-CVE-2009-3850.patch
@@ -0,0 +1,152 @@
+diff -ur blender-orig/source/blender/blenkernel/intern/blender.c blender-mod/source/blender/blenkernel/intern/blender.c
+--- blender-orig/source/blender/blenkernel/intern/blender.c 2011-12-15 17:30:08.668883213 -0600
++++ blender-mod/source/blender/blenkernel/intern/blender.c 2011-12-15 17:47:04.626925437 -0600
+@@ -144,6 +144,7 @@
+ G.f |= G_SCRIPT_AUTOEXEC;
+ #else
+ G.f &= ~G_SCRIPT_AUTOEXEC;
++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
+ #endif
+ }
+
+Only in blender-mod/source/blender/blenkernel/intern: blender.c.orig
+diff -ur blender-orig/source/blender/makesrna/intern/rna_userdef.c blender-mod/source/blender/makesrna/intern/rna_userdef.c
+--- blender-orig/source/blender/makesrna/intern/rna_userdef.c 2011-12-15 17:30:08.246883195 -0600
++++ blender-mod/source/blender/makesrna/intern/rna_userdef.c 2011-12-15 17:47:04.626925437 -0600
+@@ -114,9 +114,17 @@
+
+ static void rna_userdef_script_autoexec_update(Main *UNUSED(bmain), Scene *UNUSED(scene), PointerRNA *ptr)
+ {
+- UserDef *userdef = (UserDef*)ptr->data;
+- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
+- else G.f |= G_SCRIPT_AUTOEXEC;
++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
++ /* Blender run with --enable-autoexec */
++ UserDef *userdef = (UserDef*)ptr->data;
++ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC;
++ else G.f |= G_SCRIPT_AUTOEXEC;
++ }
++}
++
++static int rna_userdef_script_autoexec_editable(Main *bmain, Scene *scene, PointerRNA *ptr) {
++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
++ return !(G.f & G_SCRIPT_OVERRIDE_PREF);
+ }
+
+ static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr)
+@@ -2729,6 +2737,8 @@
+ "Allow any .blend file to run scripts automatically "
+ "(unsafe with blend files from an untrusted source)");
+ RNA_def_property_update(prop, 0, "rna_userdef_script_autoexec_update");
++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */
++ RNA_def_property_editable_func(prop, "rna_userdef_script_autoexec_editable");
+
+ prop= RNA_def_property(srna, "use_tabs_as_spaces", PROP_BOOLEAN, PROP_NONE);
+ RNA_def_property_boolean_negative_sdna(prop, NULL, "flag", USER_TXT_TABSTOSPACES_DISABLE);
+Only in blender-mod/source/blender/makesrna/intern: rna_userdef.c.orig
+diff -ur blender-orig/source/blender/windowmanager/intern/wm_files.c blender-mod/source/blender/windowmanager/intern/wm_files.c
+--- blender-orig/source/blender/windowmanager/intern/wm_files.c 2011-12-15 17:30:08.275883196 -0600
++++ blender-mod/source/blender/windowmanager/intern/wm_files.c 2011-12-15 17:49:09.061930590 -0600
+@@ -286,13 +286,18 @@
+
+ /* set the python auto-execute setting from user prefs */
+ /* enabled by default, unless explicitly enabled in the command line which overrides */
+- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) {
++ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) {
++ /* Blender run with --enable-autoexec */
+ if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC;
+ else G.f &= ~G_SCRIPT_AUTOEXEC;
+ }
+
+ /* update tempdir from user preferences */
+ BLI_init_temporary_dir(U.tempdir);
++
++ /* Workaround to fix default of "Auto Run Python Scripts" checkbox */
++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) && !(G.f & G_SCRIPT_AUTOEXEC))
++ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE;
+ }
+
+
+Only in blender-mod/source/blender/windowmanager/intern: wm_files.c.orig
+Only in blender-mod/source/blender/windowmanager/intern: wm_files.c.rej
+diff -ur blender-orig/source/blender/windowmanager/intern/wm_operators.c blender-mod/source/blender/windowmanager/intern/wm_operators.c
+--- blender-orig/source/blender/windowmanager/intern/wm_operators.c 2011-12-15 17:30:08.275883196 -0600
++++ blender-mod/source/blender/windowmanager/intern/wm_operators.c 2011-12-15 17:47:04.627925429 -0600
+@@ -1601,12 +1601,13 @@
+ G.fileflags &= ~G_FILE_NO_UI;
+ else
+ G.fileflags |= G_FILE_NO_UI;
+-
+- if(RNA_boolean_get(op->ptr, "use_scripts"))
++
++ /* Restrict "Trusted Source" mode to Blender in --enable-autoexec mode */
++ if(RNA_boolean_get(op->ptr, "use_scripts") && (!(G.f & G_SCRIPT_OVERRIDE_PREF)))
+ G.f |= G_SCRIPT_AUTOEXEC;
+ else
+ G.f &= ~G_SCRIPT_AUTOEXEC;
+-
++
+ // XXX wm in context is not set correctly after WM_read_file -> crash
+ // do it before for now, but is this correct with multiple windows?
+ WM_event_add_notifier(C, NC_WINDOW, NULL);
+@@ -1618,6 +1619,8 @@
+
+ static void WM_OT_open_mainfile(wmOperatorType *ot)
+ {
++ PropertyRNA * use_scripts_checkbox = NULL;
++
+ ot->name= "Open Blender File";
+ ot->idname= "WM_OT_open_mainfile";
+ ot->description="Open a Blender file";
+@@ -1629,7 +1632,12 @@
+ WM_operator_properties_filesel(ot, FOLDERFILE|BLENDERFILE, FILE_BLENDER, FILE_OPENFILE, WM_FILESEL_FILEPATH);
+
+ RNA_def_boolean(ot->srna, "load_ui", 1, "Load UI", "Load user interface setup in the .blend file");
+- RNA_def_boolean(ot->srna, "use_scripts", 1, "Trusted Source", "Allow blend file execute scripts automatically, default available from system preferences");
++ use_scripts_checkbox = RNA_def_boolean(ot->srna, "use_scripts",
++ !!(G.f & G_SCRIPT_AUTOEXEC), "Trusted Source",
++ "Allow blend file execute scripts automatically, default available from system preferences");
++ /* Disable "Trusted Source" checkbox unless Blender run with --enable-autoexec */
++ if (use_scripts_checkbox && (G.f & G_SCRIPT_OVERRIDE_PREF))
++ RNA_def_property_clear_flag(use_scripts_checkbox, PROP_EDITABLE);
+ }
+
+ /* **************** link/append *************** */
+Only in blender-mod/source/blender/windowmanager/intern: wm_operators.c.orig
+diff -ur blender-orig/source/creator/creator.c blender-mod/source/creator/creator.c
+--- blender-orig/source/creator/creator.c 2011-12-15 17:30:08.076883188 -0600
++++ blender-mod/source/creator/creator.c 2011-12-15 17:47:04.628925424 -0600
+@@ -262,6 +262,7 @@
+
+ printf("\n");
+
++ BLI_argsPrintArgDoc(ba, "-666");
+ BLI_argsPrintArgDoc(ba, "--enable-autoexec");
+ BLI_argsPrintArgDoc(ba, "--disable-autoexec");
+
+@@ -330,14 +331,14 @@
+ static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
+ {
+ G.f |= G_SCRIPT_AUTOEXEC;
+- G.f |= G_SCRIPT_OVERRIDE_PREF;
++ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */
+ return 0;
+ }
+
+ static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data))
+ {
+ G.f &= ~G_SCRIPT_AUTOEXEC;
+- G.f |= G_SCRIPT_OVERRIDE_PREF;
++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */
+ return 0;
+ }
+
+@@ -1042,6 +1043,7 @@
+ # define PY_DISABLE_AUTO ", (compiled as non-standard default)"
+ #endif
+
++ BLI_argsAdd(ba, 1, NULL, "-666", "\n\tEnable automatic python script execution (port from CVE-2009-3850 patch to Blender 2.60a)" PY_ENABLE_AUTO, enable_python, NULL);
+ BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution" PY_ENABLE_AUTO, enable_python, NULL);
+ BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)" PY_DISABLE_AUTO, disable_python, NULL);
+
+Only in blender-mod/source/creator: creator.c.orig
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-24 00:15:42 +0000