contrast-agent 3.8.4

data/ext/cs__contrast_patch/cs__contrast_patch.h

@@ -0,0 +1,196 @@
+#include <ruby.h>
+
+typedef enum {
+  IMPL_ALIAS_INSTANCE,
+  IMPL_ALIAS_SINGLETON,
+  IMPL_PREPEND
+} patch_impl;
+
+/* Calls to Contrast modules */
+/* Contrast::Agent::Patching::Policy::PatchStatus */
+static VALUE patch_status;
+/* Contrast::Agent::Assess::PreShift */
+static VALUE preshift_class;
+/* Symbol constants used throughout */
+static VALUE rb_sym_brackets;
+static VALUE rb_sym_build_preshift;
+
+static VALUE rb_sym_contrast_apply_post_patch;
+static VALUE rb_sym_contrast_apply_pre_patch;
+
+static VALUE rb_sym_custom_patch;
+static VALUE rb_sym_cs_to_s;
+
+static VALUE rb_sym_in_request_context;
+
+static VALUE rb_sym_build_method_name;
+static VALUE rb_sym_info_for;
+static VALUE rb_sym_propagation_node;
+static VALUE rb_sym_set_info_for;
+static VALUE rb_sym_private_method;
+static VALUE rb_sym_method_name;
+static VALUE rb_sym_alias_method;
+static VALUE rb_sym_public;
+static VALUE rb_sym_private;
+static VALUE rb_sym_instance_method;
+static VALUE rb_sym_cs_singleton_class;
+
+/**
+ * Build the preshift object - a snapshot of the object and parameters before
+ * they're transformed by the method being patched. This is required for
+ * proper taint creation in propagation events.
+ *
+ * method_policy - method_policy for the patched method; :MethodPolicy
+ * object - the object on which the method is invoked; Object
+ * argc - the number of params passed to the call of the patched method; C int
+ * params - the params passed to the call of the patched method; C Array
+ *
+ * return - :PreShift or nil if no snapshot is required
+ */
+VALUE build_preshift(const VALUE method_policy, const VALUE object,
+                     const int argc, const VALUE *params);
+
+/**
+ * Call the original function. Because we have to use the rb_rescue method, the
+ * args all have to be passed in as a C array.
+ *
+ * args[0] - the object on which the method is invoked; Object
+ * args[1] - the name of the method to be invoked, aliased by Contrast during
+ *           patching; cs__ format Symbol
+ * args[2] - the number of params to be used when the method is invoked; C int
+ * args[3] - the params to be used when the method is invoked; C Array or NULL
+ *
+ * return -  the return value of the original function; Object, nil, or
+ * Exception
+ */
+VALUE contrast_patch_call_original(const VALUE *args);
+
+/**
+ * Call the contrast patching function responsible for tracking, propagating,
+ * and triggering.
+ *
+ * method_policy -  method policy for the patched method; :MethodPolicy
+ * object -         the object on which the method was invoked; Object
+ * argc -           the number of params used when the method was invoked; C int
+ * params -         the params used when the method was invoked; C Array or NULL
+ * exception -      any exceptions raised that this patch has to account for
+ * return -         the value with which to replace the original functions
+ * return, allowing us to track frozen sources, or nil
+ */
+VALUE contrast_call_pre_patch(const VALUE method_policy, const VALUE method,
+                              const VALUE object, const int count,
+                              const VALUE *params, const VALUE exception);
+
+/**
+ * Call the contrast patching function responsible for tracking, propagating,
+ * and triggering.
+ *
+ * method_policy -  method_policy for the patched method; :MethodPolicy
+ * preshift - a capture of the state before the method was invoked; :PreShift
+ * object -   the object on which the method was invoked; Object
+ * ret -      the return of the method that was invoked; Object or nil
+ * argc -     the number of params used when the method was invoked; C int
+ * params -   the params used when the method was invoked; C Array or NULL
+ *
+ * return -   the value with which to replace the original functions return,
+ *            allowing us to track frozen sources, or nil
+ */
+VALUE contrast_call_post_patch(const VALUE method_policy, const VALUE preshift,
+                               const VALUE object, const VALUE ret,
+                               const int count, const VALUE *params);
+
+/**
+ * Call our Contrast rescue block for the original function. If the call to
+ * the original function results in exception, we still need to do our Contrast
+ * things.  An example is triggering for a SecurityException, i.e. if a command
+ * is poorly formatted doesn't mean it isn't still a command injection.
+ *
+ * args[0] - the object on which the method was invoked; Object
+ * args[1] - the name of the method invoked; Symbol
+ * args[2] - the number of params used when the method was invoked; C int
+ * args[3] - the params used when the method was invoked; C Array or NULL
+ * args[4] - method_policy for the patched method; :MethodPolicy
+ * args[5] - a capture of the state before the method was invoked; :PreShift
+ *
+ */
+VALUE contrast_patch_call_rescue(const VALUE *args);
+
+/**
+ * Call super() with an rb_rescue-compatible function signature.
+ *
+ * args[0] - argc, as native int.
+ * args[1] - *argv, of size argc.
+ *
+ * */
+VALUE contrast_call_super(const VALUE *args);
+
+/*
+ * Build the 'proc' to call in place of the original method
+ * 1) Pull the things needed from Policy
+ * 2) Capture state
+ * 3) Do Contrast things
+ * 4) Invoke the original method
+ * 5) Do more Contrast things
+ *
+ * argc   - the number of args used in this invocation of the method; C int
+ * argv   - the args used in this invocation of the method; C Array
+ * impl   - what patch implementation is being used
+ * object - the object on which this invocation of the method occurs; Object
+ *
+ * return - the result of the original function, or as close to it as we can
+ *          get. Should be the same value, but not guaranteed to be the same
+ *          instance (specifically for frozen sources)
+ */
+VALUE contrast_patch_dispatch(const int argc, const VALUE *argv,
+                              const patch_impl impl,
+                              const VALUE object);
+
+VALUE contrast_alias_instance_patch(const int argc, const VALUE *argv,
+                                    const VALUE object);
+
+VALUE contrast_alias_singleton_patch(const int argc, const VALUE *argv,
+                                     const VALUE object);
+
+
+VALUE contrast_prepend_patch(const int argc, const VALUE *argv,
+                             const VALUE object);
+
+/*
+ * Patches a module's method by prepend:
+ * - creates a Contrast module under the namespace of the original module
+ * - defines a shim method on the Contrast module
+ * - prepends the Contrast module to the original module
+ * After this, calling the original method results in calling our shim
+ * method instead.  Our shim method can call super() to achieve original
+ * behavior.
+ *
+ * Example:
+ *   Prepending Foo#bar results in:
+ *   - creating Foo::ContrastPrepend
+ *   - defining shim method Foo::ContrastPrepend#bar
+ *   - prepending Foo with Foo::ContrastPrepend
+ *
+ * originalModule - Module; the actual Module being prepended
+ * methodPolicy - :MethodPolicy; the method policy that apply to the method being redefined
+ *
+ * return - Boolean; if the prepend occurred or not
+ */
+VALUE contrast_patch_prepend(const VALUE self,
+                             const VALUE originalModule,
+                             const VALUE methodPolicy);
+
+/*
+ * Call this to redefine the given function such that it can be invoked with
+ * Contrast assess tracking.
+ *
+ * self - Patcher C - Ruby magic binding thing
+ * clazz - the class that owns the method being redefined; Module or Class
+ * method_policy - the method policy that apply to the method being redefined;
+ * :MethodPolicy
+ * cs_method - the name to which the method is being redefined; Symbol
+ */
+VALUE contrast_patch_define_method(const VALUE self, const VALUE clazz,
+                                   const VALUE methodPolicy,
+                                   const VALUE cs_method);
+
+void Init_cs__contrast_patch(void);

data/ext/cs__contrast_patch/extconf.rb

@@ -0,0 +1,2 @@
+$TO_MAKE = File.basename(__dir__)
+require_relative '../extconf_common'

data/ext/cs__protect_kernel/cs__protect_kernel.c

@@ -0,0 +1,37 @@
+/* Copyright (c) 2020 Contrast Security, Inc.  See
+ * https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
+
+#include "cs__protect_kernel.h"
+#include "../cs__common/cs__common.h"
+#include <ruby.h>
+
+static VALUE contrast_protect_fork(const int argc, const VALUE *argv,
+                                   const VALUE self) {
+    VALUE ret;
+    if (rb_block_given_p()) {
+        VALUE wrapper;
+        wrapper =
+            rb_funcall_with_block(rb_mKernel, rb_sym_protect_kernel_wrapper, 0,
+                                  NULL, rb_block_proc());
+        ret = rb_funcall_with_block(self, rb_sym_protect_kernel_fork, argc,
+                                    argv, wrapper);
+    } else {
+        ret = rb_funcall2(self, rb_sym_protect_kernel_fork, argc, argv);
+    }
+    return ret;
+}
+
+void Init_cs__protect_kernel(void) {
+
+    rb_sym_protect_kernel_fork = rb_intern("cs__protect_kernel_fork");
+    rb_sym_protect_kernel_wrapper = rb_intern("cs__protect_build_wrapper");
+
+    VALUE singleton = rb_singleton_class(rb_mKernel);
+    contrast_alias_method(rb_mKernel, "cs__protect_kernel_fork", "fork");
+    contrast_alias_method(singleton, "cs__protect_kernel_fork", "fork");
+    rb_define_module_function(rb_mKernel, "fork", contrast_protect_fork, -1);
+    // Kernel#fork, as opposed to Kernel.fork, is private. Restore that.
+    rb_funcall(rb_mKernel, rb_intern("public"), 1,
+               ID2SYM(rb_intern("cs__protect_kernel_fork")));
+    rb_funcall(rb_mKernel, rb_intern("private"), 1, ID2SYM(rb_intern("fork")));
+}

data/ext/cs__protect_kernel/cs__protect_kernel.h

@@ -0,0 +1,11 @@
+#include <ruby.h>
+
+extern VALUE rb_vm_top_self(void);
+
+static VALUE rb_sym_protect_kernel_fork;
+static VALUE rb_sym_protect_kernel_wrapper;
+
+static VALUE
+contrast_protect_fork(const int argc, const VALUE *argv, const VALUE self);
+
+void Init_cs__protect_kernel(void);

data/ext/cs__protect_kernel/extconf.rb

@@ -0,0 +1,2 @@
+$TO_MAKE = File.basename(__dir__)
+require_relative '../extconf_common'

data/ext/cs__scope/cs__scope.c

@@ -0,0 +1,96 @@
+/* Copyright (c) 2020 Contrast Security, Inc.  See
+ * https://www.contrastsecurity.com/enduser-terms-0317a for more details. */
+
+#include "cs__scope.h"
+#include <ruby.h>
+
+VALUE in_given_scope(const VALUE object, const char *scope) {
+    VALUE level;
+    level = rb_iv_get(object, scope);
+    if (NUM2INT(level) > 0) {
+        return Qtrue;
+    }
+    return Qfalse;
+}
+
+void enter_given_scope(const VALUE object, const char *scope) {
+    int level = NUM2INT(rb_iv_get(object, scope));
+    rb_iv_set(object, scope, INT2NUM(level + 1));
+}
+
+void exit_given_scope(const VALUE object, const char *scope) {
+    int level = NUM2INT(rb_iv_get(object, scope));
+    rb_iv_set(object, scope, INT2NUM(level - 1));
+}
+
+VALUE in_contrast_scope(const VALUE self) {
+    return in_given_scope(self, ivar_contrast_scope);
+}
+
+VALUE enter_contrast_scope(const VALUE self) {
+    enter_given_scope(self, ivar_contrast_scope);
+    return Qnil;
+}
+
+VALUE exit_contrast_scope(const VALUE self) {
+    exit_given_scope(self, ivar_contrast_scope);
+    return Qnil;
+}
+
+VALUE run_in_scope(const VALUE self) {
+    enter_contrast_scope(self);
+    rb_ensure(rb_yield, Qundef, exit_contrast_scope, self);
+    return Qnil;
+}
+
+VALUE enter_scope_for(const VALUE self, const VALUE scope_symbol) {
+    enter_contrast_scope(self);
+
+    return Qnil;
+}
+
+VALUE exit_scope_for(const VALUE self, const VALUE scope_symbol) {
+    exit_contrast_scope(self);
+
+    return Qnil;
+}
+
+VALUE initialize(const VALUE self) {
+    rb_iv_set(self, ivar_contrast_scope, rbzero);
+
+    return self;
+}
+
+VALUE deep_clone(const VALUE self) {
+    VALUE new_scope = rb_funcall(scope_class, rb_sym_new, 0);
+    rb_iv_set(new_scope, ivar_contrast_scope,
+              rb_iv_get(self, ivar_contrast_scope));
+    return new_scope;
+}
+
+void Init_cs__scope(void) {
+    rb_sym_new = rb_intern("new");
+    VALUE contrast = rb_define_module("Contrast");
+    VALUE agent = rb_define_module_under(contrast, "Agent");
+    scope_class = rb_define_class_under(agent, "Scope", rb_cObject);
+    rb_define_method(scope_class, "initialize", initialize, 0);
+
+    ivar_contrast_scope = "@contrast_scope";
+
+    rb_define_const(scope_class, "CONTRAST_SCOPE",
+                    ID2SYM(rb_intern("contrast")));
+    CONTRAST_SCOPE = rb_const_get(scope_class, rb_intern("CONTRAST_SCOPE"));
+
+    rb_define_method(scope_class, "in_contrast_scope?", in_contrast_scope, 0);
+
+    rb_define_method(scope_class, "enter_contrast_scope", enter_contrast_scope,
+                     0);
+    rb_define_method(scope_class, "exit_contrast_scope", exit_contrast_scope,
+                     0);
+
+    rb_define_method(scope_class, "run_in_scope", run_in_scope, 0);
+    rb_define_method(scope_class, "enter_scope_for", enter_scope_for, 1);
+    rb_define_method(scope_class, "exit_scope_for", exit_scope_for, 1);
+
+    rb_define_method(scope_class, "deep_clone", deep_clone, 0);
+}

data/ext/cs__scope/cs__scope.h

@@ -0,0 +1,33 @@
+#include <ruby.h>
+
+VALUE rbzero = INT2NUM(0);
+VALUE scope_class;
+VALUE rb_sym_new;
+
+const char *ivar_contrast_scope;
+
+VALUE CONTRAST_SCOPE;
+
+VALUE in_given_scope(const VALUE object, const char *scope);
+
+void enter_given_scope(const VALUE object, const char *scope);
+
+void exit_given_scope(const VALUE object, const char *scope);
+
+VALUE in_contrast_scope(const VALUE self);
+
+VALUE enter_contrast_scope(const VALUE self);
+
+VALUE exit_contrast_scope(const VALUE self);
+
+VALUE run_in_scope(const VALUE self);
+
+VALUE enter_scope_for(const VALUE self, const VALUE scope_symbol);
+
+VALUE exit_scope_for(const VALUE self, const VALUE scope_symbol);
+
+VALUE initialize(const VALUE self);
+
+VALUE deep_clone(const VALUE self);
+
+void Init_cs__scope(void);

data/ext/cs__scope/extconf.rb

@@ -0,0 +1,2 @@
+$TO_MAKE = File.basename(__dir__)
+require_relative '../extconf_common'

data/ext/extconf_common.rb

@@ -0,0 +1,49 @@
+# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+require 'mkmf'
+
+require_relative '../lib/contrast/agent/version'
+
+def name
+  $TO_MAKE
+end
+
+def make!
+  create_makefile "#{name}/#{name}"
+end
+
+def ext_path
+  # __dir__ is relative to the file you're reading.
+  # this file you're reading is presently within $APP_ROOT/ext/.
+  __dir__
+end
+
+def rpath_root
+  if (darwin = !(/darwin/ =~ RUBY_PLATFORM).nil?)
+    "@loader_path"
+  else
+    "\\$${ORIGIN}"
+  end
+end
+
+def funchook_rpath!
+  options = " -Wl,-rpath,#{rpath_root}/../../shared_libraries"
+  raise unless try_link('int main() {return 0;}', options)
+  $LDFLAGS << options
+  $LDFLAGS << " -L#{__dir__}/../shared_libraries"
+
+  find_header('funchook.h', ext_path)
+  have_header('funchook.h')
+
+  find_library('funchook', 'funchook_create', "../shared_libraries")
+  find_library('funchook', 'funchook_install')
+  find_library('funchook', 'funchook_prepare')
+  have_library('funchook', 'funchook_create')
+  have_library('funchook', 'funchook_install')
+  have_library('funchook', 'funchook_prepare')
+end
+
+require_relative './build_funchook'
+
+# default make pathway, here for convenience
+funchook_rpath!
+make!

data/funchook/LICENSE

@@ -0,0 +1,360 @@
+Funchook is distributed under the terms of the GNU General Public
+License version 2 or later with the following clarification and
+special exception.
+
+Linking this library statically or dynamically with other modules is
+making a combined work based on this library. Thus, the terms and
+conditions of the GNU General Public License cover the whole
+combination.
+
+As a special exception, the copyright holders of this library give you
+permission to link this library with independent modules to produce an
+executable, regardless of the license terms of these independent
+modules, and to copy and distribute the resulting executable under
+terms of your choice, provided that you also meet, for each linked
+independent module, the terms and conditions of the license of that
+module. An independent module is a module which is not derived from or
+based on this library. If you modify this library, you must extend this
+exception to your version of the library.
+
+=====================================================================
+
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+                            NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.