Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package editorconfig-core-c for
openSUSE:Factory checked in at 2024-04-16 20:02:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/editorconfig-core-c (Old)
and /work/SRC/openSUSE:Factory/.editorconfig-core-c.new.26366 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "editorconfig-core-c"
Tue Apr 16 20:02:53 2024 rev:11 rq:1167676 version:0.12.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/editorconfig-core-c/editorconfig-core-c.changes
2023-05-04 17:09:31.371995508 +0200
+++
/work/SRC/openSUSE:Factory/.editorconfig-core-c.new.26366/editorconfig-core-c.changes
2024-04-16 20:03:10.170962000 +0200
@@ -1,0 +2,9 @@
+Sun Apr 14 07:34:33 UTC 2024 - Andreas Stieger <[email protected]>
+
+- update to 0.12.7:
+ * Fix pointer overflow in STRING_CAT
+ * Fix a few more stack buffer overflows
+- drop HTML docs and editorconfig-core-c-0.12.1-install_paths.patch
+- drop editorconfig-core-c-0.12.1-no_timestamp.patch, upstream
+
+-------------------------------------------------------------------
Old:
----
editorconfig-core-c-0.12.1-install_paths.patch
editorconfig-core-c-0.12.1-no_timestamp.patch
editorconfig-core-c-0.12.6.tar.gz
New:
----
editorconfig-core-c-0.12.7.tar.gz
BETA DEBUG BEGIN:
Old: * Fix a few more stack buffer overflows
- drop HTML docs and editorconfig-core-c-0.12.1-install_paths.patch
- drop editorconfig-core-c-0.12.1-no_timestamp.patch, upstream
Old:- drop HTML docs and editorconfig-core-c-0.12.1-install_paths.patch
- drop editorconfig-core-c-0.12.1-no_timestamp.patch, upstream
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ editorconfig-core-c.spec ++++++
--- /var/tmp/diff_new_pack.byITcS/_old 2024-04-16 20:03:11.627015523 +0200
+++ /var/tmp/diff_new_pack.byITcS/_new 2024-04-16 20:03:11.631015670 +0200
@@ -2,6 +2,7 @@
# spec file for package editorconfig-core-c
#
# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 Andreas Stieger <[email protected]>
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +18,7 @@
Name: editorconfig-core-c
-Version: 0.12.6
+Version: 0.12.7
Release: 0
Summary: EditorConfig core library written in C
License: BSD-2-Clause AND BSD-3-Clause
@@ -25,8 +26,6 @@
URL: https://editorconfig.org/
Source:
https://github.com/editorconfig/editorconfig-core-c/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Source99: baselibs.conf
-Patch0: editorconfig-core-c-0.12.1-install_paths.patch
-Patch1: editorconfig-core-c-0.12.1-no_timestamp.patch
BuildRequires: cmake >= 3.5.1
BuildRequires: doxygen
BuildRequires: pkgconfig
@@ -87,15 +86,17 @@
%build
%cmake \
-DLIB_SUFFIX=%{_lib} \
- -DINSTALL_HTML_DOC=ON
+ %{nil}
%make_build
%install
%cmake_install
find %{buildroot}/%{_libdir} -type f -name "*.a" -print -delete
-%post -n libeditorconfig0 -p /sbin/ldconfig
-%postun -n libeditorconfig0 -p /sbin/ldconfig
+%check
+%ctest
+
+%ldconfig_scriptlets -n libeditorconfig0
%files -n editorconfig
%license LICENSE
@@ -110,7 +111,6 @@
%files -n libeditorconfig-devel
%license LICENSE
%doc CONTRIBUTORS README.md
-%{_docdir}/libeditorconfig-devel
%{_includedir}/editorconfig
%{_libdir}/libeditorconfig.so
%{_mandir}/man3/editorconfig*
++++++ editorconfig-core-c-0.12.6.tar.gz -> editorconfig-core-c-0.12.7.tar.gz
++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/editorconfig-core-c-0.12.6/.github/workflows/CI_build.yml
new/editorconfig-core-c-0.12.7/.github/workflows/CI_build.yml
--- old/editorconfig-core-c-0.12.6/.github/workflows/CI_build.yml
2023-01-19 09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/.github/workflows/CI_build.yml
2024-03-30 18:46:28.000000000 +0100
@@ -14,7 +14,7 @@
build_vsver: [17]
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
submodules: recursive
@@ -44,7 +44,7 @@
build_platform: ["Unix Makefiles"]
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
submodules: recursive
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/CHANGELOG
new/editorconfig-core-c-0.12.7/CHANGELOG
--- old/editorconfig-core-c-0.12.6/CHANGELOG 2023-01-19 09:40:53.000000000
+0100
+++ new/editorconfig-core-c-0.12.7/CHANGELOG 2024-03-30 18:46:28.000000000
+0100
@@ -1,4 +1,21 @@
-- Fix cross compiling for Windows
+v0.12.7
+
+- Fix pointer overflow in STRING_CAT.
+- Fix a few more stack buffer overflows.
+- Add license for FindPcre2 from LuaDist.
+- Document and CI fixes.
+
+v0.12.6
+
+- Update property key, value length limits per spec change.
+- Fix potential buffer overflow in ec_glob.
+- CI fixes.
+- Fix paths in pkg-config file with absolute CMAKE_INSTALL_*.
+- Fix cross compiling for Windows.
+
+v0.12.5
+
+- Fix memory leak in editorconfig_parse() which would occur if no
.editorconfig is found.
v0.12.4
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/CMakeLists.txt
new/editorconfig-core-c-0.12.7/CMakeLists.txt
--- old/editorconfig-core-c-0.12.6/CMakeLists.txt 2023-01-19
09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/CMakeLists.txt 2024-03-30
18:46:28.000000000 +0100
@@ -29,7 +29,7 @@
cmake_minimum_required(VERSION 3.5.1)
cmake_policy(VERSION 3.5.1)
-project(editorconfig VERSION "0.12.6" LANGUAGES C)
+project(editorconfig VERSION "0.12.7" LANGUAGES C)
set(PROJECT_VERSION_SUFFIX "")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/LICENSE
new/editorconfig-core-c-0.12.7/LICENSE
--- old/editorconfig-core-c-0.12.6/LICENSE 2023-01-19 09:40:53.000000000
+0100
+++ new/editorconfig-core-c-0.12.7/LICENSE 2024-03-30 18:46:28.000000000
+0100
@@ -28,3 +28,43 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
POSSIBILITY OF SUCH DAMAGE.
+
+
+Third Party
+===========
+
+CMake_Modules/FindPCRE2.cmake
+
+LuaDist License
+---------------
+
+LuaDist is licensed under the terms of the MIT license reproduced below.
+This means that LuaDist is free software and can be used for both academic
+and commercial purposes at absolutely no cost.
+
+Modules and Lua bindings contained in "dist" packages have their
+individual copyright.
+
+===============================================================================
+
+Copyright (C) 2007-2010 LuaDist.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+===============================================================================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/build.ps1
new/editorconfig-core-c-0.12.7/build.ps1
--- old/editorconfig-core-c-0.12.6/build.ps1 2023-01-19 09:40:53.000000000
+0100
+++ new/editorconfig-core-c-0.12.7/build.ps1 2024-03-30 18:46:28.000000000
+0100
@@ -48,8 +48,8 @@
}
if ($proj -eq "all"){
- .\build.ps1 -proj pcre2 -init:$init -install:$install -arch $arch -config
$config -static $static
- .\build.ps1 -proj core -init:$init -install:$install -arch $arch -config
$config -static $static
+ .\build.ps1 -proj pcre2 -init:$init -install:$install -vsver $vsver -arch
$arch -config $config -static $static
+ .\build.ps1 -proj core -init:$init -install:$install -vsver $vsver -arch
$arch -config $config -static $static
return
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/doc/CMakeLists.txt
new/editorconfig-core-c-0.12.7/doc/CMakeLists.txt
--- old/editorconfig-core-c-0.12.6/doc/CMakeLists.txt 2023-01-19
09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/doc/CMakeLists.txt 2024-03-30
18:46:28.000000000 +0100
@@ -125,7 +125,7 @@
if(INSTALL_HTML_DOC)
install(DIRECTORY "${CMAKE_CURRENT_BINARY_DIR}/html"
- DESTINATION "${CMAKE_INSTALL_DATAROOTDIR}/doc/editorconfig")
+ DESTINATION "${CMAKE_INSTALL_DOCDIR}")
endif(INSTALL_HTML_DOC)
else(DOXYGEN_FOUND)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/doc/Doxyfile.in
new/editorconfig-core-c-0.12.7/doc/Doxyfile.in
--- old/editorconfig-core-c-0.12.6/doc/Doxyfile.in 2023-01-19
09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/doc/Doxyfile.in 2024-03-30
18:46:28.000000000 +0100
@@ -1279,7 +1279,7 @@
# The default value is: NO.
# This tag requires that the tag GENERATE_HTML is set to YES.
-HTML_TIMESTAMP = YES
+HTML_TIMESTAMP = NO
# If the HTML_DYNAMIC_MENUS tag is set to YES then the generated HTML
# documentation will contain a main index with vertical navigation menus that
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/editorconfig-core-c-0.12.6/include/editorconfig/editorconfig.h
new/editorconfig-core-c-0.12.7/include/editorconfig/editorconfig.h
--- old/editorconfig-core-c-0.12.6/include/editorconfig/editorconfig.h
2023-01-19 09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/include/editorconfig/editorconfig.h
2024-03-30 18:46:28.000000000 +0100
@@ -72,13 +72,13 @@
* @endhtmlonly
* @manonly
*
- * -f Specify conf filename other than ".editorconfig".
+ * \-f Specify conf filename other than ".editorconfig".
*
- * -b Specify version (used by devs to test compatibility).
+ * \-b Specify version (used by devs to test compatibility).
*
- * -h OR --help Print this help message.
+ * \-h OR \-\-help Print this help message.
*
- * --version Display version information.
+ * \-\-version Display version information.
*
* @endmanonly
*
@@ -181,7 +181,7 @@
* <li><strong>tab_width</strong>: a whole number defining the number of
columns used to represent a tab character. This defaults to the value of
<strong>indent_size</strong> and should not usually need to be specified.</li>
* <li><strong>end_of_line</strong>: set to "lf", "cr", or "crlf" to control
how line breaks are represented. The values are case insensitive.</li>
* <li><strong>charset</strong>: set to "latin1", "utf-8", "utf-8-bom",
"utf-16be" or "utf-16le" to control the character set. Use of "utf-8-bom" is
discouraged.</li>
- * <li><strong>trim_trailing_whitespace</strong>: set to "true" to remove any
whitespace characters preceeding newline characters and "false" to ensure it
doesn't.</li>
+ * <li><strong>trim_trailing_whitespace</strong>: set to "true" to remove any
whitespace characters preceding newline characters and "false" to ensure it
doesn't.</li>
* <li><strong>insert_final_newline</strong>: set to "true" ensure file ends
with a newline when saving and "false" to ensure it doesn't.</li>
* <li><strong>root</strong>: special property that should be specified at the
top of the file outside of any sections. Set to "true" to stop
<code>.editorconfig</code> files search on current file. The value is case
insensitive.</li>
* </ul>
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/editorconfig-core-c-0.12.6/src/lib/ec_glob.c
new/editorconfig-core-c-0.12.7/src/lib/ec_glob.c
--- old/editorconfig-core-c-0.12.6/src/lib/ec_glob.c 2023-01-19
09:40:53.000000000 +0100
+++ new/editorconfig-core-c-0.12.7/src/lib/ec_glob.c 2024-03-30
18:46:28.000000000 +0100
@@ -27,6 +27,7 @@
#include "global.h"
+#include <assert.h>
#include <ctype.h>
#include <string.h>
#include <pcre2.h>
@@ -51,7 +52,8 @@
/* concatenate the string then move the pointer to the end */
#define STRING_CAT(p, string, end) do { \
size_t string_len = strlen(string); \
- if (p + string_len >= end) \
+ assert(end > p); \
+ if (string_len >= (size_t)(end - p)) \
return -1; \
strcat(p, string); \
p += string_len; \
@@ -192,10 +194,14 @@
if (!right_bracket) /* The right bracket may not exist */
right_bracket = c + strlen(c);
- strcat(p_pcre, "\\");
+ STRING_CAT(p_pcre, "\\", pcre_str_end);
+ /* Boundary check for strncat below. */
+ if (pcre_str_end - p_pcre <= right_bracket - c) {
+ return -1;
+ }
strncat(p_pcre, c, right_bracket - c);
if (*right_bracket) /* right_bracket is a bracket */
- strcat(p_pcre, "\\]");
+ STRING_CAT(p_pcre, "\\]", pcre_str_end);
p_pcre += strlen(p_pcre);
c = right_bracket;
if (!*c)
@@ -339,7 +345,7 @@
}
}
- *(p_pcre ++) = '$';
+ ADD_CHAR(p_pcre, '$', pcre_str_end);
pcre2_code_free(re); /* ^\\d+\\.\\.\\d+$ */
