diff options
Diffstat (limited to 'graphics/blender/blender-2.61-CVE-2009-3850.patch')
-rw-r--r-- | graphics/blender/blender-2.61-CVE-2009-3850.patch | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/graphics/blender/blender-2.61-CVE-2009-3850.patch b/graphics/blender/blender-2.61-CVE-2009-3850.patch new file mode 100644 index 0000000000..06011bc6d3 --- /dev/null +++ b/graphics/blender/blender-2.61-CVE-2009-3850.patch @@ -0,0 +1,152 @@ +diff -ur blender-orig/source/blender/blenkernel/intern/blender.c blender-mod/source/blender/blenkernel/intern/blender.c +--- blender-orig/source/blender/blenkernel/intern/blender.c 2011-12-15 17:30:08.668883213 -0600 ++++ blender-mod/source/blender/blenkernel/intern/blender.c 2011-12-15 17:47:04.626925437 -0600 +@@ -144,6 +144,7 @@ + G.f |= G_SCRIPT_AUTOEXEC; + #else + G.f &= ~G_SCRIPT_AUTOEXEC; ++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ + #endif + } + +Only in blender-mod/source/blender/blenkernel/intern: blender.c.orig +diff -ur blender-orig/source/blender/makesrna/intern/rna_userdef.c blender-mod/source/blender/makesrna/intern/rna_userdef.c +--- blender-orig/source/blender/makesrna/intern/rna_userdef.c 2011-12-15 17:30:08.246883195 -0600 ++++ blender-mod/source/blender/makesrna/intern/rna_userdef.c 2011-12-15 17:47:04.626925437 -0600 +@@ -114,9 +114,17 @@ + + static void rna_userdef_script_autoexec_update(Main *UNUSED(bmain), Scene *UNUSED(scene), PointerRNA *ptr) + { +- UserDef *userdef = (UserDef*)ptr->data; +- if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; +- else G.f |= G_SCRIPT_AUTOEXEC; ++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { ++ /* Blender run with --enable-autoexec */ ++ UserDef *userdef = (UserDef*)ptr->data; ++ if (userdef->flag & USER_SCRIPT_AUTOEXEC_DISABLE) G.f &= ~G_SCRIPT_AUTOEXEC; ++ else G.f |= G_SCRIPT_AUTOEXEC; ++ } ++} ++ ++static int rna_userdef_script_autoexec_editable(Main *bmain, Scene *scene, PointerRNA *ptr) { ++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */ ++ return !(G.f & G_SCRIPT_OVERRIDE_PREF); + } + + static void rna_userdef_mipmap_update(Main *bmain, Scene *scene, PointerRNA *ptr) +@@ -2729,6 +2737,8 @@ + "Allow any .blend file to run scripts automatically " + "(unsafe with blend files from an untrusted source)"); + RNA_def_property_update(prop, 0, "rna_userdef_script_autoexec_update"); ++ /* Disable "Auto Run Python Scripts" checkbox unless Blender run with --enable-autoexec */ ++ RNA_def_property_editable_func(prop, "rna_userdef_script_autoexec_editable"); + + prop= RNA_def_property(srna, "use_tabs_as_spaces", PROP_BOOLEAN, PROP_NONE); + RNA_def_property_boolean_negative_sdna(prop, NULL, "flag", USER_TXT_TABSTOSPACES_DISABLE); +Only in blender-mod/source/blender/makesrna/intern: rna_userdef.c.orig +diff -ur blender-orig/source/blender/windowmanager/intern/wm_files.c blender-mod/source/blender/windowmanager/intern/wm_files.c +--- blender-orig/source/blender/windowmanager/intern/wm_files.c 2011-12-15 17:30:08.275883196 -0600 ++++ blender-mod/source/blender/windowmanager/intern/wm_files.c 2011-12-15 17:49:09.061930590 -0600 +@@ -286,13 +286,18 @@ + + /* set the python auto-execute setting from user prefs */ + /* enabled by default, unless explicitly enabled in the command line which overrides */ +- if((G.f & G_SCRIPT_OVERRIDE_PREF) == 0) { ++ if (! G.background && ((G.f & G_SCRIPT_OVERRIDE_PREF) == 0)) { ++ /* Blender run with --enable-autoexec */ + if ((U.flag & USER_SCRIPT_AUTOEXEC_DISABLE) == 0) G.f |= G_SCRIPT_AUTOEXEC; + else G.f &= ~G_SCRIPT_AUTOEXEC; + } + + /* update tempdir from user preferences */ + BLI_init_temporary_dir(U.tempdir); ++ ++ /* Workaround to fix default of "Auto Run Python Scripts" checkbox */ ++ if ((G.f & G_SCRIPT_OVERRIDE_PREF) && !(G.f & G_SCRIPT_AUTOEXEC)) ++ U.flag |= USER_SCRIPT_AUTOEXEC_DISABLE; + } + + +Only in blender-mod/source/blender/windowmanager/intern: wm_files.c.orig +Only in blender-mod/source/blender/windowmanager/intern: wm_files.c.rej +diff -ur blender-orig/source/blender/windowmanager/intern/wm_operators.c blender-mod/source/blender/windowmanager/intern/wm_operators.c +--- blender-orig/source/blender/windowmanager/intern/wm_operators.c 2011-12-15 17:30:08.275883196 -0600 ++++ blender-mod/source/blender/windowmanager/intern/wm_operators.c 2011-12-15 17:47:04.627925429 -0600 +@@ -1601,12 +1601,13 @@ + G.fileflags &= ~G_FILE_NO_UI; + else + G.fileflags |= G_FILE_NO_UI; +- +- if(RNA_boolean_get(op->ptr, "use_scripts")) ++ ++ /* Restrict "Trusted Source" mode to Blender in --enable-autoexec mode */ ++ if(RNA_boolean_get(op->ptr, "use_scripts") && (!(G.f & G_SCRIPT_OVERRIDE_PREF))) + G.f |= G_SCRIPT_AUTOEXEC; + else + G.f &= ~G_SCRIPT_AUTOEXEC; +- ++ + // XXX wm in context is not set correctly after WM_read_file -> crash + // do it before for now, but is this correct with multiple windows? + WM_event_add_notifier(C, NC_WINDOW, NULL); +@@ -1618,6 +1619,8 @@ + + static void WM_OT_open_mainfile(wmOperatorType *ot) + { ++ PropertyRNA * use_scripts_checkbox = NULL; ++ + ot->name= "Open Blender File"; + ot->idname= "WM_OT_open_mainfile"; + ot->description="Open a Blender file"; +@@ -1629,7 +1632,12 @@ + WM_operator_properties_filesel(ot, FOLDERFILE|BLENDERFILE, FILE_BLENDER, FILE_OPENFILE, WM_FILESEL_FILEPATH); + + RNA_def_boolean(ot->srna, "load_ui", 1, "Load UI", "Load user interface setup in the .blend file"); +- RNA_def_boolean(ot->srna, "use_scripts", 1, "Trusted Source", "Allow blend file execute scripts automatically, default available from system preferences"); ++ use_scripts_checkbox = RNA_def_boolean(ot->srna, "use_scripts", ++ !!(G.f & G_SCRIPT_AUTOEXEC), "Trusted Source", ++ "Allow blend file execute scripts automatically, default available from system preferences"); ++ /* Disable "Trusted Source" checkbox unless Blender run with --enable-autoexec */ ++ if (use_scripts_checkbox && (G.f & G_SCRIPT_OVERRIDE_PREF)) ++ RNA_def_property_clear_flag(use_scripts_checkbox, PROP_EDITABLE); + } + + /* **************** link/append *************** */ +Only in blender-mod/source/blender/windowmanager/intern: wm_operators.c.orig +diff -ur blender-orig/source/creator/creator.c blender-mod/source/creator/creator.c +--- blender-orig/source/creator/creator.c 2011-12-15 17:30:08.076883188 -0600 ++++ blender-mod/source/creator/creator.c 2011-12-15 17:47:04.628925424 -0600 +@@ -262,6 +262,7 @@ + + printf("\n"); + ++ BLI_argsPrintArgDoc(ba, "-666"); + BLI_argsPrintArgDoc(ba, "--enable-autoexec"); + BLI_argsPrintArgDoc(ba, "--disable-autoexec"); + +@@ -330,14 +331,14 @@ + static int enable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) + { + G.f |= G_SCRIPT_AUTOEXEC; +- G.f |= G_SCRIPT_OVERRIDE_PREF; ++ G.f &= ~G_SCRIPT_OVERRIDE_PREF; /* Enables turning G_SCRIPT_AUTOEXEC off from user prefs */ + return 0; + } + + static int disable_python(int UNUSED(argc), const char **UNUSED(argv), void *UNUSED(data)) + { + G.f &= ~G_SCRIPT_AUTOEXEC; +- G.f |= G_SCRIPT_OVERRIDE_PREF; ++ G.f |= G_SCRIPT_OVERRIDE_PREF; /* Disables turning G_SCRIPT_AUTOEXEC on from user prefs */ + return 0; + } + +@@ -1042,6 +1043,7 @@ + # define PY_DISABLE_AUTO ", (compiled as non-standard default)" + #endif + ++ BLI_argsAdd(ba, 1, NULL, "-666", "\n\tEnable automatic python script execution (port from CVE-2009-3850 patch to Blender 2.60a)" PY_ENABLE_AUTO, enable_python, NULL); + BLI_argsAdd(ba, 1, "-y", "--enable-autoexec", "\n\tEnable automatic python script execution" PY_ENABLE_AUTO, enable_python, NULL); + BLI_argsAdd(ba, 1, "-Y", "--disable-autoexec", "\n\tDisable automatic python script execution (pydrivers, pyconstraints, pynodes)" PY_DISABLE_AUTO, disable_python, NULL); + +Only in blender-mod/source/creator: creator.c.orig |