Hello community, here is the log from the commit of package expat for openSUSE:Factory checked in at 2011-11-02 11:51:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/expat (Old) and /work/SRC/openSUSE:Factory/.expat.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "expat", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/expat/expat.changes 2011-09-23 01:57:10.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.expat.new/expat.changes 2011-11-02 11:51:46.000000000 +0100 @@ -1,0 +2,7 @@ +Sun Oct 30 22:03:29 UTC 2011 - [email protected] + +- Hide non public symbols reusing existing win32 API export/imports +- annotate malloc/realloc-like functions with attribute alloc_size + to catch possible misuses in calling code. + +------------------------------------------------------------------- New: ---- expat-alloc-size.patch expat-visibility.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ expat.spec ++++++ --- /var/tmp/diff_new_pack.cQRt6A/_old 2011-11-02 11:51:47.000000000 +0100 +++ /var/tmp/diff_new_pack.cQRt6A/_new 2011-11-02 11:51:47.000000000 +0100 @@ -34,6 +34,8 @@ Source2: baselibs.conf Patch0: %{name}-CVE-2009-2625.patch Patch1: %{name}-CVE-2009-3560.patch +Patch2: expat-visibility.patch +Patch3: expat-alloc-size.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: gcc-c++ @@ -126,10 +128,13 @@ %setup -q %patch0 %patch1 +%patch2 +%patch3 cp %{S:1} . rm -f examples/*.dsp %build +autoreconf %configure --disable-static --with-pic --libdir=/%{_lib} make %{?_smp_mflags} @@ -142,6 +147,7 @@ %{__rm} -v %{buildroot}/%{_lib}/lib%{name}.so # remove .la file rm -f $RPM_BUILD_ROOT/%{_lib}/libexpat.la +nm -C -D %{buildroot}/%{_lib}/libexpat.so.1 | wc -l %check make check ++++++ expat-alloc-size.patch ++++++ --- lib/expat.h.orig +++ lib/expat.h @@ -941,9 +941,13 @@ XML_FreeContentModel(XML_Parser parser, /* Exposing the memory handling functions used in Expat */ XMLPARSEAPI(void *) +XML_ATTR_MALLOC +XML_ATTR_ALLOC_SIZE(2) XML_MemMalloc(XML_Parser parser, size_t size); XMLPARSEAPI(void *) +XML_ATTR_MALLOC +XML_ATTR_ALLOC_SIZE(3) XML_MemRealloc(XML_Parser parser, void *ptr, size_t size); XMLPARSEAPI(void) --- lib/expat_external.h.orig +++ lib/expat_external.h @@ -74,6 +74,17 @@ #define XMLIMPORT #endif +#if defined(__GNUC__) && (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96)) +#define XML_ATTR_MALLOC __attribute__((__malloc__)) +#else +#define XML_ATTR_MALLOC +#endif + +#if defined(__GNUC__) && ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) +#define XML_ATTR_ALLOC_SIZE(x) __attribute__((__alloc_size__(x))) +#else +#define XML_ATTR_ALLOC_SIZE(x) +#endif #define XMLPARSEAPI(type) XMLIMPORT type XMLCALL ++++++ expat-visibility.patch ++++++ --- /dev/null +++ conftools/visibility.m4 @@ -0,0 +1,77 @@ +# visibility.m4 serial 4 (gettext-0.18.2) +dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc. +dnl This file is free software; the Free Software Foundation +dnl gives unlimited permission to copy and/or distribute it, +dnl with or without modifications, as long as this notice is preserved. + +dnl From Bruno Haible. + +dnl Tests whether the compiler supports the command-line option +dnl -fvisibility=hidden and the function and variable attributes +dnl __attribute__((__visibility__("hidden"))) and +dnl __attribute__((__visibility__("default"))). +dnl Does *not* test for __visibility__("protected") - which has tricky +dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on +dnl MacOS X. +dnl Does *not* test for __visibility__("internal") - which has processor +dnl dependent semantics. +dnl Does *not* test for #pragma GCC visibility push(hidden) - which is +dnl "really only recommended for legacy code". +dnl Set the variable CFLAG_VISIBILITY. +dnl Defines and sets the variable HAVE_VISIBILITY. + +AC_DEFUN([gl_VISIBILITY], +[ + AC_REQUIRE([AC_PROG_CC]) + CFLAG_VISIBILITY= + HAVE_VISIBILITY=0 + if test -n "$GCC"; then + dnl First, check whether -Werror can be added to the command line, or + dnl whether it leads to an error because of some other option that the + dnl user has put into $CC $CFLAGS $CPPFLAGS. + AC_MSG_CHECKING([whether the -Werror option is usable]) + AC_CACHE_VAL([gl_cv_cc_vis_werror], [ + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -Werror" + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[]], [[]])], + [gl_cv_cc_vis_werror=yes], + [gl_cv_cc_vis_werror=no]) + CFLAGS="$gl_save_CFLAGS"]) + AC_MSG_RESULT([$gl_cv_cc_vis_werror]) + dnl Now check whether visibility declarations are supported. + AC_MSG_CHECKING([for simple visibility declarations]) + AC_CACHE_VAL([gl_cv_cc_visibility], [ + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fvisibility=hidden" + dnl We use the option -Werror and a function dummyfunc, because on some + dnl platforms (Cygwin 1.7) the use of -fvisibility triggers a warning + dnl "visibility attribute not supported in this configuration; ignored" + dnl at the first function definition in every compilation unit, and we + dnl don't want to use the option in this case. + if test $gl_cv_cc_vis_werror = yes; then + CFLAGS="$CFLAGS -Werror" + fi + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void); + void dummyfunc (void) {} + ]], + [[]])], + [gl_cv_cc_visibility=yes], + [gl_cv_cc_visibility=no]) + CFLAGS="$gl_save_CFLAGS"]) + AC_MSG_RESULT([$gl_cv_cc_visibility]) + if test $gl_cv_cc_visibility = yes; then + CFLAG_VISIBILITY="-fvisibility=hidden" + HAVE_VISIBILITY=1 + fi + fi + AC_SUBST([CFLAG_VISIBILITY]) + AC_SUBST([HAVE_VISIBILITY]) + AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY], + [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.]) +]) --- configure.in.orig +++ configure.in @@ -52,17 +52,20 @@ AC_CONFIG_HEADER(expat_config.h) sinclude(conftools/libtool.m4) sinclude(conftools/ac_c_bigendian_cross.m4) - -AC_LIBTOOL_WIN32_DLL -AC_PROG_LIBTOOL +sinclude(conftools/visibility.m4) AC_SUBST(LIBCURRENT) AC_SUBST(LIBREVISION) AC_SUBST(LIBAGE) dnl Checks for programs. -AC_PROG_CC +AC_PROG_CC_STDC +AC_USE_SYSTEM_EXTENSIONS +AC_SYS_LARGEFILE AC_PROG_INSTALL +gl_VISIBILITY +AC_LIBTOOL_WIN32_DLL +AC_PROG_LIBTOOL if test "$GCC" = yes ; then dnl --- lib/expat_external.h.orig +++ lib/expat_external.h @@ -65,6 +65,9 @@ #endif #endif /* not defined XML_STATIC */ +#if HAVE_VISIBILITY +#define XMLIMPORT __attribute__ ((visibility ("default"))) +#endif /* If we didn't define it above, define it away: */ #ifndef XMLIMPORT --- Makefile.in.orig +++ Makefile.in @@ -110,11 +110,11 @@ CPPFLAGS = @CPPFLAGS@ -DHAVE_EXPAT_CONFI CFLAGS = @CFLAGS@ CXXFLAGS = @CXXFLAGS@ VSNFLAG = -version-info @LIBCURRENT@:@LIBREVISION@:@LIBAGE@ - +CFLAG_VISIBILITY = @CFLAG_VISIBILITY@ ### autoconf this? LTFLAGS = --silent -COMPILE = $(CC) $(INCLUDES) $(CFLAGS) $(DEFS) $(CPPFLAGS) +COMPILE = $(CC) $(CFLAG_VISIBILITY) $(INCLUDES) $(CFLAGS) $(DEFS) $(CPPFLAGS) CXXCOMPILE = $(CXX) $(INCLUDES) $(CXXFLAGS) $(DEFS) $(CPPFLAGS) LTCOMPILE = $(LIBTOOL) $(LTFLAGS) --mode=compile $(COMPILE) LINK_LIB = $(LIBTOOL) $(LTFLAGS) --mode=link $(COMPILE) -no-undefined $(VSNFLAG) -rpath $(libdir) $(LDFLAGS) -o $@ -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
