Date: Sunday, August 19, 2018 @ 13:09:43 Author: ronald Revision: 332659
archrelease: copy trunk to testing-x86_64 Added: bzip2/repos/testing-x86_64/ bzip2/repos/testing-x86_64/PKGBUILD (from rev 332658, bzip2/trunk/PKGBUILD) bzip2/repos/testing-x86_64/bzip2-1.0.4-bzip2recover.patch (from rev 332658, bzip2/trunk/bzip2-1.0.4-bzip2recover.patch) --------------------------------+ PKGBUILD | 68 +++++++++++++++++++++++++++++++++++++++ bzip2-1.0.4-bzip2recover.patch | 12 ++++++ 2 files changed, 80 insertions(+) Copied: bzip2/repos/testing-x86_64/PKGBUILD (from rev 332658, bzip2/trunk/PKGBUILD) =================================================================== --- testing-x86_64/PKGBUILD (rev 0) +++ testing-x86_64/PKGBUILD 2018-08-19 13:09:43 UTC (rev 332659) @@ -0,0 +1,68 @@ +# $Id$ +# Maintainer: Ronald van Haren <ronald.archlinux.org> +# Contributor: Judd <jvi...@zeroflux.org> + +pkgname=bzip2 +pkgver=1.0.6 +pkgrel=8 +pkgdesc="A high-quality data compression program" +arch=('x86_64') +license=('custom') +url="http://sources.redhat.com/bzip2" +groups=('base') +depends=('glibc' 'sh') +source=(https://sources.archlinux.org/other/packages/bzip2/bzip2-$pkgver.tar.gz + bzip2-1.0.4-bzip2recover.patch + fix-heap-use-after-free-bzip2recover.patch::https://gitweb.gentoo.org/repo/gentoo.git/plain/app-arch/bzip2/files/bzip2-1.0.6-CVE-2016-3189.patch) +sha256sums=('a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd' + '0585fb92a4b409404147a3f940ed2ca03b3eaed1ec4fb68ae6ad74db668bea83' + 'e8792b2c7943486ab35893ffd9e638bbf2edbcab4f9f7b87544519bb3564af41') + +build() { + cd "$srcdir/$pkgname-$pkgver" + + # add large-file support + sed -e 's/^CFLAGS=\(.*\)$/CFLAGS=\1 \$(BIGFILES)/' -i ./Makefile-libbz2_so + + # use our optimization + sed -i "s|-O2|${CFLAGS}|g" Makefile + sed -i "s|-O2|${CFLAGS}|g" Makefile-libbz2_so + + patch -Np1 < ../bzip2-1.0.4-bzip2recover.patch + # CVE-2016-3189 + patch -Np1 -i "${srcdir}/fix-heap-use-after-free-bzip2recover.patch" + + make -f Makefile-libbz2_so + make bzip2 bzip2recover +} + +check() { + cd "$srcdir/$pkgname-$pkgver" + make test +} + +package() { + cd "$srcdir/$pkgname-$pkgver" + + install -dm755 $pkgdir/usr/{bin,lib,include,share/man/man1} + + install -m755 bzip2-shared $pkgdir/usr/bin/bzip2 + install -m755 bzip2recover bzdiff bzgrep bzmore $pkgdir/usr/bin + ln -sf bzip2 $pkgdir/usr/bin/bunzip2 + ln -sf bzip2 $pkgdir/usr/bin/bzcat + + install -m755 libbz2.so.1.0.6 $pkgdir/usr/lib + ln -s libbz2.so.1.0.6 $pkgdir/usr/lib/libbz2.so + ln -s libbz2.so.1.0.6 $pkgdir/usr/lib/libbz2.so.1 + ln -s libbz2.so.1.0.6 $pkgdir/usr/lib/libbz2.so.1.0 + + install -m644 bzlib.h $pkgdir/usr/include/ + + install -m644 bzip2.1 $pkgdir/usr/share/man/man1/ + ln -sf bzip2.1 $pkgdir/usr/share/man/man1/bunzip2.1 + ln -sf bzip2.1 $pkgdir/usr/share/man/man1/bzcat.1 + ln -sf bzip2.1 $pkgdir/usr/share/man/man1/bzip2recover.1 + + install -Dm644 $srcdir/${pkgname}-${pkgver}/LICENSE \ + $pkgdir/usr/share/licenses/${pkgname}/LICENSE +} Copied: bzip2/repos/testing-x86_64/bzip2-1.0.4-bzip2recover.patch (from rev 332658, bzip2/trunk/bzip2-1.0.4-bzip2recover.patch) =================================================================== --- testing-x86_64/bzip2-1.0.4-bzip2recover.patch (rev 0) +++ testing-x86_64/bzip2-1.0.4-bzip2recover.patch 2018-08-19 13:09:43 UTC (rev 332659) @@ -0,0 +1,12 @@ +--- bzip2-1.0.4/bzip2recover.c.pom 2007-01-03 03:00:55.000000000 +0100 ++++ bzip2-1.0.4/bzip2recover.c 2007-02-05 11:55:17.000000000 +0100 +@@ -309,7 +309,8 @@ + UInt32 buffHi, buffLo, blockCRC; + Char* p; + +- strcpy ( progName, argv[0] ); ++ strncpy ( progName, argv[0], BZ_MAX_FILENAME-1); ++ progName[BZ_MAX_FILENAME-1]='\0'; + inFileName[0] = outFileName[0] = 0; + + fprintf ( stderr,