Date: Friday, January 7, 2011 @ 08:58:42 Author: stephane Revision: 105198
upgpkg: gdbm 1.8.3-8 Tidy up PKGBUILD, Rebuild of old package, Use fcntl instead of flock for locking to make nfs safe, Prevent gdbm from storing uninitialized memory content to db files Added: gdbm/trunk/gdbm-1.8.3-zeroheaders.patch Modified: gdbm/trunk/PKGBUILD ------------------------------+ PKGBUILD | 39 +++++++++++++++++++++++++++--------- gdbm-1.8.3-zeroheaders.patch | 44 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 74 insertions(+), 9 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2011-01-07 13:51:23 UTC (rev 105197) +++ PKGBUILD 2011-01-07 13:58:42 UTC (rev 105198) @@ -4,30 +4,51 @@ pkgname=gdbm pkgver=1.8.3 -pkgrel=7 +pkgrel=8 pkgdesc="GNU database library" url="http://www.gnu.org/software/gdbm/gdbm.html"; license=('GPL') arch=('i686' 'x86_64') depends=('glibc' 'sh') -source=(ftp://ftp.gnu.org/gnu/gdbm/$pkgname-$pkgver.tar.gz - gdbm-1.8.3-fhs.patch) +source=(ftp://ftp.gnu.org/gnu/gdbm/${pkgname}-${pkgver}.tar.gz + gdbm-1.8.3-zeroheaders.patch + gdbm-1.8.3-fhs.patch) options=('!libtool' '!makeflags') install=gdbm.install md5sums=('1d1b1d5c0245b1c00aff92da751e9aa1' + 'a2ed344be9258775bd718074cf2e4ec6' '66a7c235416c136dc89efc7d03352514') build() { - cd $srcdir/$pkgname-$pkgver - patch -Np1 -i $srcdir/gdbm-1.8.3-fhs.patch - + cd "${srcdir}/${pkgname}-${pkgver}" + + # Prevent gdbm from storing uninitialized memory content + # to database files. This patch improves security, as the + # uninitialized memory might contain sensitive informations + # from other applications. + # https://bugzilla.redhat.com/show_bug.cgi?id=4457 + # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927 + patch -Np1 -i ../gdbm-1.8.3-zeroheaders.patch + + # Make gdbm buildable. + patch -Np1 -i ../gdbm-1.8.3-fhs.patch + libtoolize --force --copy aclocal - autoconf - + autoconf + ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info - make prefix=/usr || return 1 + # flock does not work on nfs, we use fcntl instead + # https://bugzilla.redhat.com/show_bug.cgi?id=477300 + echo "/* We use fcntl locking (POSIX) instead of flock (BSD) */" >> autoconf.h + echo "#undef HAVE_FLOCK" >> autoconf.h + + make prefix=/usr +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" make prefix=$pkgdir/usr \ manprefix=$pkgdir/usr/share/man \ man3dir=$pkgdir/usr/share/man/man3 \ Added: gdbm-1.8.3-zeroheaders.patch =================================================================== --- gdbm-1.8.3-zeroheaders.patch (rev 0) +++ gdbm-1.8.3-zeroheaders.patch 2011-01-07 13:58:42 UTC (rev 105198) @@ -0,0 +1,44 @@ +02_zero-headers.patch by Jeff Johnson <[email protected]> and Colin Watson <[email protected]> + +diff -urNad a/falloc.c b/falloc.c +--- a/falloc.c 2001-02-28 06:52:33.000000000 +0000 ++++ b/falloc.c 2003-09-08 23:58:43.000000000 +0100 +@@ -272,7 +272,7 @@ + + + /* Split the header block. */ +- temp = (avail_block *) malloc (av_size); ++ temp = (avail_block *) calloc (1, av_size); + if (temp == NULL) _gdbm_fatal (dbf, "malloc error"); + /* Set the size to be correct AFTER the pop_avail_block. */ + temp->size = dbf->header->avail.size; +diff -urNad a/gdbmopen.c b/gdbmopen.c +--- a/gdbmopen.c 2003-09-08 23:58:01.000000000 +0100 ++++ b/gdbmopen.c 2003-09-08 23:58:43.000000000 +0100 +@@ -212,7 +212,7 @@ + file_block_size = block_size; + + /* Get space for the file header. */ +- dbf->header = (gdbm_file_header *) malloc (file_block_size); ++ dbf->header = (gdbm_file_header *) calloc (1, file_block_size); + if (dbf->header == NULL) + { + gdbm_close (dbf); +@@ -256,7 +256,7 @@ + (dbf->header->block_size - sizeof (hash_bucket)) + / sizeof (bucket_element) + 1; + dbf->header->bucket_size = dbf->header->block_size; +- dbf->bucket = (hash_bucket *) malloc (dbf->header->bucket_size); ++ dbf->bucket = (hash_bucket *) calloc (1, dbf->header->bucket_size); + if (dbf->bucket == NULL) + { + gdbm_close (dbf); +@@ -420,7 +420,7 @@ + for(index = 0; index < size; index++) + { + (dbf->bucket_cache[index]).ca_bucket +- = (hash_bucket *) malloc (dbf->header->bucket_size); ++ = (hash_bucket *) calloc (1, dbf->header->bucket_size); + if ((dbf->bucket_cache[index]).ca_bucket == NULL) + { + gdbm_errno = GDBM_MALLOC_ERROR;
