Date: Wednesday, August 1, 2018 @ 12:51:12 Author: foutrelis Revision: 330250
Add build fix from Fedora Added: frozen-bubble/trunk/fix-buffer-size-when-formatting-current-date.patch Modified: frozen-bubble/trunk/PKGBUILD ----------------------------------------------------+ PKGBUILD | 11 ++- fix-buffer-size-when-formatting-current-date.patch | 69 +++++++++++++++++++ 2 files changed, 79 insertions(+), 1 deletion(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-08-01 12:35:46 UTC (rev 330249) +++ PKGBUILD 2018-08-01 12:51:12 UTC (rev 330250) @@ -14,11 +14,20 @@ depends=(perl-sdl perl-ipc-system-simple perl-compress-bzip2 perl-file-which) makedepends=(perl-file-slurp perl-locale-maketext-lexicon perl-module-build) options=('!emptydirs') -source=(http://www.frozen-bubble.org/data/$pkgname-$_pkgver.tar.bz2 \ +source=(http://www.frozen-bubble.org/data/$pkgname-$_pkgver.tar.bz2 + fix-buffer-size-when-formatting-current-date.patch frozen-bubble.desktop) md5sums=('825cc23ed806838b9d86de9982a5687a' + '8b189952734ca0c6e94b0959994e54d1' '01b10b77ba6ad856f5c199121c582272') +prepare() { + cd "$srcdir/$pkgname-$_pkgver" + + # https://bugzilla.redhat.com/show_bug.cgi?id=1541359 + patch -Np1 -i ../fix-buffer-size-when-formatting-current-date.patch +} + build() { cd "$srcdir/$pkgname-$_pkgver" unset CFLAGS Added: fix-buffer-size-when-formatting-current-date.patch =================================================================== --- fix-buffer-size-when-formatting-current-date.patch (rev 0) +++ fix-buffer-size-when-formatting-current-date.patch 2018-08-01 12:51:12 UTC (rev 330250) @@ -0,0 +1,69 @@ +From aa2ce32185b4477e659ed7c70d09c440610ef67b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppi...@redhat.com> +Date: Fri, 2 Feb 2018 12:44:15 +0100 +Subject: [PATCH] Fix buffer size when formatting current date +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +gcc-8 and glibc-2.26.9000 reports this error: + +server/log.c:64:54: error: '%03d' directive output may be truncated writing between 3 and 11 bytes into a region of size between 0 and 49 [-Werror=format-truncation=] + snprintf(current_date, sizeof(current_date), "%s.%03d", buf, (int)(1000 * (time-seconds))); + ^~~~ + +This patch fixes two mistakes in the get_current_date() function: + +First strftime() can fail and then buf content is undefined. The patch +makes sure the buf content is properly null-termited. + +Second if strftime() uses up the the whole buf array, no space will be +left for appending miliseconds to current_date value in the subsequent +snprintf() call. The patch increases current_data size so that things +will always fit. + +In reality, all this should not matter because sane strftime() will +return fixed-lenght string. But for all the cases and for sake of the +compiler check this patch should be applied. + +Signed-off-by: Petr Písař <ppi...@redhat.com> +--- + server/log.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/server/log.c b/server/log.c +index 2fe7b7c..f696752 100644 +--- a/server/log.c ++++ b/server/log.c +@@ -52,15 +52,17 @@ double get_current_time_exact(void) + return (double) now.tv_sec + now.tv_usec / 1e6; // bad bad idea to use float as precision is not down to the seconds then + } + +-char current_date[50]; ++char current_date[70]; + char* get_current_date(void) + { + struct tm * lt; + char buf[50]; + double time = get_current_time_exact(); + time_t seconds = (time_t)time; ++ size_t length; + lt = localtime(&seconds); +- strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S", lt); ++ length = strftime(buf, sizeof(buf), "%Y-%m-%d %H:%M:%S", lt); ++ buf[length] = '\0'; + snprintf(current_date, sizeof(current_date), "%s.%03d", buf, (int)(1000 * (time-seconds))); + return current_date; + } +diff -up frozen-bubble-2.2.1-beta1/server/log.h~ frozen-bubble-2.2.1-beta1/server/log.h +--- frozen-bubble-2.2.1-beta1/server/log.h~ 2010-08-07 15:36:27.000000000 +0200 ++++ frozen-bubble-2.2.1-beta1/server/log.h 2018-02-08 14:09:52.472451694 +0100 +@@ -23,7 +23,7 @@ + time_t get_current_time(void); + double get_current_time_exact(void); + +-extern char current_date[50]; ++extern char current_date[70]; + char* get_current_date(void); + + enum output_types { OUTPUT_TYPE_DEBUG, OUTPUT_TYPE_CONNECT, OUTPUT_TYPE_INFO, OUTPUT_TYPE_ERROR };