# Buildsheet autogenerated by ravenadm tool -- Do not edit.

NAMEBASE=		libtomcrypt
VERSION=		1.18.2
REVISION=		2
KEYWORDS=		security
VARIANTS=		std
SDESC[std]=		Comprehensive, portable cryptographic toolkit
HOMEPAGE=		https://www.libtom.net/LibTomCrypt/
CONTACT=		nobody

DOWNLOAD_GROUPS=	main
SITES[main]=		https://github.com/libtom/libtomcrypt/releases/download/v1.18.2/
DISTFILE[1]=		crypt-1.18.2.tar.xz:main
DF_INDEX=		1
SPKGS[std]=		set
			primary
			dev

OPTIONS_AVAILABLE=	none
OPTIONS_STANDARD=	none

BUILD_DEPENDS=		libtommath:dev:std
BUILDRUN_DEPENDS=	libtommath:primary:std

USES=			cpe gmake libtool:build

LICENSE=		PUBDOM:primary
LICENSE_FILE=		PUBDOM:{{WRKSRC}}/LICENSE
LICENSE_SCHEME=		solo

CPE_VENDOR=		libtom
FPC_EQUIVALENT=		security/libtomcrypt

BUILD_TARGET=		library
MAKEFILE=		makefile.shared
MAKE_ARGS=		INCPATH="{{PREFIX}}/include"
			LIBPATH="{{PREFIX}}/lib"
			EXTRALIBS="-ltommath"

SOVERSION=		1.0.1

CFLAGS=			-DLTM_DESC
CVE_FIXED=		CVE-2019-17362

post-patch:
	${REINPLACE_CMD} -e 's|gcc|${CC}|' -e 's| make | $$(MAKE) |' \
		-e 's|-g $$(GROUP)||' -e 's|-o $$(USER)||' \
		${WRKSRC}/makefile.shared ${WRKSRC}/makefile_include.mk

post-install:
	${STRIP_CMD} ${STAGEDIR}${PREFIX}/lib/libtomcrypt.so

[FILE:220:descriptions/desc.primary]
LibTomCrypt is a portable ANSI C cryptographic library that supports
symmetric ciphers, one-way hashes, pseudo-random number generators,
public key cryptography (via RSA,DH or ECC/DH) and a plethora of support
routines.


[FILE:98:distinfo]
96ad4c3b8336050993c5bc2cf6c057484f2b0f9f763448151567fbab5e767b84      2638064 crypt-1.18.2.tar.xz


[FILE:63:manifests/plist.primary]
lib/
 libtomcrypt.so.%%SOMAJOR%%
 libtomcrypt.so.%%SOVERSION%%


[FILE:294:manifests/plist.dev]
include/
 tomcrypt.h
 tomcrypt_argchk.h
 tomcrypt_cfg.h
 tomcrypt_cipher.h
 tomcrypt_custom.h
 tomcrypt_hash.h
 tomcrypt_mac.h
 tomcrypt_macros.h
 tomcrypt_math.h
 tomcrypt_misc.h
 tomcrypt_pk.h
 tomcrypt_pkcs.h
 tomcrypt_prng.h
lib/
 libtomcrypt.a
 libtomcrypt.so
lib/pkgconfig/libtomcrypt.pc


[FILE:731:patches/patch-fix-CVE-2019-17362]
From 25c26a3b7a9ad8192ccc923e15cf62bf0108ef94 Mon Sep 17 00:00:00 2001
From: werew <werew@ret2libc.com>
Date: Thu, 3 Oct 2019 19:57:10 +0200
Subject: [PATCH] Fixes #507

---
 src/pk/asn1/der/utf8/der_decode_utf8_string.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- src/pk/asn1/der/utf8/der_decode_utf8_string.c
+++ src/pk/asn1/der/utf8/der_decode_utf8_string.c
@@ -65,7 +65,7 @@ int der_decode_utf8_string(const unsigned char *in,  unsigned long inlen,
       /* count number of bytes */
       for (z = 0; (tmp & 0x80) && (z <= 4); z++, tmp = (tmp << 1) & 0xFF);
 
-      if (z > 4 || (x + (z - 1) > inlen)) {
+      if (z == 1 || z > 4 || (x + (z - 1) > inlen)) {
          return CRYPT_INVALID_PACKET;
       }