Rebased ref, commits from common ancestor:
commit 406f9aba67e9a47fb89cd00412da045e2d8b37bb
Author: Michael Stahl <[email protected]>
AuthorDate: Tue Mar 24 10:48:04 2020 +0100
Commit: Andras Timar <[email protected]>
CommitDate: Mon Oct 11 16:27:06 2021 +0200
icu: add patch to fix CVE-2020-10531
Change-Id: I0aca4af1bd79f28bf1c920a4d05e80948106aaac
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90971
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
(cherry picked from commit 002d1152dc418f7d624409e76cd9d4ac0b42c7f8)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90975
Reviewed-by: Thorsten Behrens <[email protected]>
(cherry picked from commit 63b573faf984875cda7a879e696ea75fae81df57)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90988
diff --git a/external/icu/UnpackedTarball_icu.mk
b/external/icu/UnpackedTarball_icu.mk
index 9e5f7974a700..a5416b7ee078 100644
--- a/external/icu/UnpackedTarball_icu.mk
+++ b/external/icu/UnpackedTarball_icu.mk
@@ -39,6 +39,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,icu,\
external/icu/gcc9.patch \
external/icu/char8_t.patch \
external/icu/CVE-2018-18928.patch.2 \
+ external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2 \
))
$(eval $(call
gb_UnpackedTarball_add_file,icu,source/data/brkitr/khmerdict.dict,external/icu/khmerdict.dict))
diff --git a/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
new file mode 100644
index 000000000000..07b3db6774be
--- /dev/null
+++ b/external/icu/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca.patch.2
@@ -0,0 +1,118 @@
+From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001
+From: Frank Tang <[email protected]>
+Date: Sat, 1 Feb 2020 02:39:04 +0000
+Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append
+
+See #971
+---
+ icu4c/source/common/unistr.cpp | 6 ++-
+ icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++
+ icu4c/source/test/intltest/ustrtest.h | 1 +
+ 3 files changed, 68 insertions(+), 1 deletion(-)
+
+diff --git a/icu4c/source/common/unistr.cpp b/icu4c/source/common/unistr.cpp
+index 901bb3358ba..077b4d6ef20 100644
+--- a/icu4c/source/common/unistr.cpp
++++ b/icu4c/source/common/unistr.cpp
+@@ -1563,7 +1563,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t
srcStart, int32_t srcLeng
+ }
+
+ int32_t oldLength = length();
+- int32_t newLength = oldLength + srcLength;
++ int32_t newLength;
++ if (uprv_add32_overflow(oldLength, srcLength, &newLength)) {
++ setToBogus();
++ return *this;
++ }
+
+ // Check for append onto ourself
+ const UChar* oldArray = getArrayStart();
+diff --git a/icu4c/source/test/intltest/ustrtest.cpp
b/icu4c/source/test/intltest/ustrtest.cpp
+index b6515ea813c..ad38bdf53a3 100644
+--- a/icu4c/source/test/intltest/ustrtest.cpp
++++ b/icu4c/source/test/intltest/ustrtest.cpp
+@@ -67,6 +67,7 @@ void UnicodeStringTest::runIndexedTest( int32_t index, UBool
exec, const char* &
+ TESTCASE_AUTO(TestWCharPointers);
+ TESTCASE_AUTO(TestNullPointers);
+ TESTCASE_AUTO(TestUnicodeStringInsertAppendToSelf);
++ TESTCASE_AUTO(TestLargeAppend);
+ TESTCASE_AUTO_END;
+ }
+
+@@ -2310,3 +2311,64 @@ void
UnicodeStringTest::TestUnicodeStringInsertAppendToSelf() {
+ str.insert(2, sub);
+ assertEquals("", u"abbcdcde", str);
+ }
++
++void UnicodeStringTest::TestLargeAppend() {
++ if(quick) return;
++
++ IcuTestErrorCode status(*this, "TestLargeAppend");
++ // Make a large UnicodeString
++ int32_t len = 0xAFFFFFF;
++ UnicodeString str;
++ char16_t *buf = str.getBuffer(len);
++ // A fast way to set buffer to valid Unicode.
++ // 4E4E is a valid unicode character
++ uprv_memset(buf, 0x4e, len * 2);
++ str.releaseBuffer(len);
++ UnicodeString dest;
++ // Append it 16 times
++ // 0xAFFFFFF times 16 is 0xA4FFFFF1,
++ // which is greater than INT32_MAX, which is 0x7FFFFFFF.
++ int64_t total = 0;
++ for (int32_t i = 0; i < 16; i++) {
++ dest.append(str);
++ total += len;
++ if (total <= INT32_MAX) {
++ assertFalse("dest is not bogus", dest.isBogus());
++ } else {
++ assertTrue("dest should be bogus", dest.isBogus());
++ }
++ }
++ dest.remove();
++ total = 0;
++ for (int32_t i = 0; i < 16; i++) {
++ dest.append(str);
++ total += len;
++ if (total + len <= INT32_MAX) {
++ assertFalse("dest is not bogus", dest.isBogus());
++ } else if (total <= INT32_MAX) {
++ // Check that a string of exactly the maximum size works
++ UnicodeString str2;
++ int32_t remain = INT32_MAX - total;
++ char16_t *buf2 = str2.getBuffer(remain);
++ if (buf2 == nullptr) {
++ // if somehow memory allocation fail, return the test
++ return;
++ }
++ uprv_memset(buf2, 0x4e, remain * 2);
++ str2.releaseBuffer(remain);
++ dest.append(str2);
++ total += remain;
++ assertEquals("When a string of exactly the maximum size works",
(int64_t)INT32_MAX, total);
++ assertEquals("When a string of exactly the maximum size works",
INT32_MAX, dest.length());
++ assertFalse("dest is not bogus", dest.isBogus());
++
++ // Check that a string size+1 goes bogus
++ str2.truncate(1);
++ dest.append(str2);
++ total++;
++ assertTrue("dest should be bogus", dest.isBogus());
++ } else {
++ assertTrue("dest should be bogus", dest.isBogus());
++ }
++ }
++}
+diff --git a/icu4c/source/test/intltest/ustrtest.h
b/icu4c/source/test/intltest/ustrtest.h
+index 218befdcc68..4a356a92c7a 100644
+--- a/icu4c/source/test/intltest/ustrtest.h
++++ b/icu4c/source/test/intltest/ustrtest.h
+@@ -97,6 +97,7 @@ class UnicodeStringTest: public IntlTest {
+ void TestWCharPointers();
+ void TestNullPointers();
+ void TestUnicodeStringInsertAppendToSelf();
++ void TestLargeAppend();
+ };
+
+ #endif
commit aa16731ad563a9851cae242f3acd7916097a5a4a
Author: Stephan Bergmann <[email protected]>
AuthorDate: Wed Jan 15 17:16:02 2020 +0100
Commit: Andras Timar <[email protected]>
CommitDate: Mon Oct 11 16:27:06 2021 +0200
Remove a fragment from a file URL early on
...as ShellExecuteExW would ignore it anyway
Change-Id: I969db094bb7d2ea230ac8c36eb23d71a90fbe466
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86868
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <[email protected]>
(cherry picked from commit 14b36a16b225bf7c988f118d499a7287c47cd83e)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86877
Reviewed-by: Mike Kaganski <[email protected]>
diff --git a/shell/source/win32/SysShExec.cxx b/shell/source/win32/SysShExec.cxx
index 6948ee34b490..00384b8bd235 100644
--- a/shell/source/win32/SysShExec.cxx
+++ b/shell/source/win32/SysShExec.cxx
@@ -302,6 +302,7 @@ void SAL_CALL CSysShExec::execute( const OUString&
aCommand, const OUString& aPa
static_cast< XSystemShellExecute* >( this ),
3 );
+ OUString preprocessed_command(aCommand);
if ((nFlags & URIS_ONLY) != 0)
{
css::uno::Reference< css::uri::XUriReference > uri(
@@ -315,8 +316,10 @@ void SAL_CALL CSysShExec::execute( const OUString&
aCommand, const OUString& aPa
static_cast< cppu::OWeakObject * >(this), 0);
}
if (uri->getScheme().equalsIgnoreAsciiCase("file")) {
+ // ShellExecuteExW appears to ignore the fragment of a file URL
anyway, so remove it:
+ uri->clearFragment();
+ preprocessed_command = uri->getUriReference();
OUString pathname;
- uri->clearFragment(); // getSystemPathFromFileURL fails for URLs
with fragment
auto const e1
=
osl::FileBase::getSystemPathFromFileURL(uri->getUriReference(), pathname);
if (e1 != osl::FileBase::E_None) {
@@ -439,7 +442,6 @@ void SAL_CALL CSysShExec::execute( const OUString&
aCommand, const OUString& aPa
and names no existing file (remember the jump mark
sign '#' is a valid file name character we remove
the jump mark, else ShellExecuteEx fails */
- OUString preprocessed_command(aCommand);
if (is_system_path(preprocessed_command))
{
if (has_jump_mark(preprocessed_command) &&
!is_existing_file(preprocessed_command))
commit d539915738a2a5ab30c3060abc748cfca2107b07
Author: Michael Stahl <[email protected]>
AuthorDate: Mon Nov 18 18:45:46 2019 +0100
Commit: Andras Timar <[email protected]>
CommitDate: Mon Oct 11 16:27:06 2021 +0200
python3: upgrade to release 3.5.9
Fixes CVE-2019-9948 CVE-2019-9740 CVE-2019-10160 CVE-2019-16056
and expat CVE-2019-15903.
python-3.3.5-pyexpat-symbols.patch.1 fails to apply, and it's a
mystery why --with-system-expat is used everywhere but on MacOSX,
where 292af048ace2d4b455b2da3a22c784cb05db1d09 disabled it for no
obvious reason, so try to remove the special case and get rid of the
patch.
Change-Id: I5ba4532eb6e7c2fb90daba95d132dcc7c9013d96
Reviewed-on: https://gerrit.libreoffice.org/83117
Tested-by: Jenkins
Reviewed-by: Michael Stahl <[email protected]>
(cherry picked from commit b0930d56130fdddfe65e92b081a8afad77974076)
Reviewed-on: https://gerrit.libreoffice.org/83189
Reviewed-by: Thorsten Behrens <[email protected]>
diff --git a/configure.ac b/configure.ac
index a60bef2d6124..fd2fda691e95 100644
--- a/configure.ac
+++ b/configure.ac
@@ -8449,7 +8449,7 @@ internal)
SYSTEM_PYTHON=
PYTHON_VERSION_MAJOR=3
PYTHON_VERSION_MINOR=5
- PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.7
+ PYTHON_VERSION=${PYTHON_VERSION_MAJOR}.${PYTHON_VERSION_MINOR}.9
if ! grep -q -i python.*${PYTHON_VERSION} ${SRC_ROOT}/download.lst; then
AC_MSG_ERROR([PYTHON_VERSION ${PYTHON_VERSION} but no matching file in
download.lst])
fi
diff --git a/download.lst b/download.lst
index 3840aa7ffdca..48f0e39f77c7 100644
--- a/download.lst
+++ b/download.lst
@@ -210,8 +210,8 @@ export POPPLER_SHA256SUM :=
016dde34e5f868ea98a32ca99b643325a9682281500942b7113f
export POPPLER_TARBALL := poppler-21.01.0.tar.xz
export POSTGRESQL_SHA256SUM :=
a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126
export POSTGRESQL_TARBALL := postgresql-9.2.24.tar.bz2
-export PYTHON_SHA256SUM :=
285892899bf4d5737fd08482aa6171c6b2564a45b9102dfacfb72826aebdc7dc
-export PYTHON_TARBALL := Python-3.5.7.tar.xz
+export PYTHON_SHA256SUM :=
c24a37c63a67f53bdd09c5f287b5cff8e8b98f857bf348c577d454d3f74db049
+export PYTHON_TARBALL := Python-3.5.9.tar.xz
export QXP_SHA256SUM :=
e137b6b110120a52c98edd02ebdc4095ee08d0d5295a94316a981750095a945c
export QXP_TARBALL := libqxp-0.0.2.tar.xz
export RAPTOR_SHA256SUM :=
ada7f0ba54787b33485d090d3d2680533520cd4426d2f7fb4782dd4a6a1480ed
diff --git
a/external/python3/0001-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch.1
b/external/python3/0001-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch.1
deleted file mode 100644
index fdcc5cb65267..000000000000
---
a/external/python3/0001-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch.1
+++ /dev/null
@@ -1,175 +0,0 @@
-From 34df10a9a16b38d54421eeeaf73ec89828563be7 Mon Sep 17 00:00:00 2001
-From: Benjamin Peterson <[email protected]>
-Date: Mon, 18 Jan 2021 15:11:46 -0600
-Subject: [PATCH] [3.6] closes bpo-42938: Replace snprintf with Python unicode
- formatting in ctypes param reprs. (GH-24250)
-
-(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
-
-Co-authored-by: Benjamin Peterson <[email protected]>
----
- Lib/ctypes/test/test_parameters.py | 43 +++++++++++++++
- .../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
- Modules/_ctypes/callproc.c | 55 +++++++------------
- 3 files changed, 66 insertions(+), 34 deletions(-)
- create mode 100644
Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-
-diff --git a/Lib/ctypes/test/test_parameters.py
b/Lib/ctypes/test/test_parameters.py
-index e4c25fd880..531894fdec 100644
---- a/Lib/ctypes/test/test_parameters.py
-+++ b/Lib/ctypes/test/test_parameters.py
-@@ -201,6 +201,49 @@ def __dict__(self):
- self.assertRaises(ArgumentError, func, 99)
-
-
-+ def test_parameter_repr(self):
-+ from ctypes import (
-+ c_bool,
-+ c_char,
-+ c_wchar,
-+ c_byte,
-+ c_ubyte,
-+ c_short,
-+ c_ushort,
-+ c_int,
-+ c_uint,
-+ c_long,
-+ c_ulong,
-+ c_longlong,
-+ c_ulonglong,
-+ c_float,
-+ c_double,
-+ c_longdouble,
-+ c_char_p,
-+ c_wchar_p,
-+ c_void_p,
-+ )
-+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at
0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
-+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at
0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
-+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
-+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
-+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
-+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]'
\(20000\)>$")
-+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]'
\(20000\)>$")
-+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]'
\(20000\)>$")
-+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]'
\(20000\)>$")
-+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam
'[liq]' \(20000\)>$")
-+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam
'[LIQ]' \(20000\)>$")
-+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd'
(1e+300)>")
-+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d'
\(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
-+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z'
\(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z'
\(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P'
\(0x0*12\)>$")
-+
- ################################################################
-
- if __name__ == '__main__':
-diff --git
a/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-new file mode 100644
-index 0000000000..7df65a156f
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-@@ -0,0 +1,2 @@
-+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
-+:class:`ctypes.c_longdouble` values.
-diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
-index 70e416b950..9fcf95f543 100644
---- a/Modules/_ctypes/callproc.c
-+++ b/Modules/_ctypes/callproc.c
-@@ -451,54 +451,43 @@ PyCArg_dealloc(PyCArgObject *self)
- static PyObject *
- PyCArg_repr(PyCArgObject *self)
- {
-- char buffer[256];
- switch(self->tag) {
- case 'b':
- case 'B':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.b);
-- break;
- case 'h':
- case 'H':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.h);
-- break;
- case 'i':
- case 'I':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.i);
-- break;
- case 'l':
- case 'L':
-- sprintf(buffer, "<cparam '%c' (%ld)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
- self->tag, self->value.l);
-- break;
-
- #ifdef HAVE_LONG_LONG
- case 'q':
- case 'Q':
-- sprintf(buffer,
--#ifdef MS_WIN32
-- "<cparam '%c' (%I64d)>",
--#else
-- "<cparam '%c' (%qd)>",
--#endif
-+ return PyUnicode_FromFormat("<cparam '%c' (%qd)>",
- self->tag, self->value.q);
-- break;
- #endif
- case 'd':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.d);
-- break;
-- case 'f':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.f);
-- break;
--
-+ case 'f': {
-+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f :
self->value.d);
-+ if (f == NULL) {
-+ return NULL;
-+ }
-+ { PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>",
self->tag, f);
-+ Py_DECREF(f);
-+ return result; }
-+ }
- case 'c':
-- sprintf(buffer, "<cparam '%c' (%c)>",
-+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
- self->tag, self->value.c);
-- break;
-
- /* Hm, are these 'z' and 'Z' codes useful at all?
- Shouldn't they be replaced by the functionality of c_string
-@@ -507,16 +495,14 @@ PyCArg_repr(PyCArgObject *self)
- case 'z':
- case 'Z':
- case 'P':
-- sprintf(buffer, "<cparam '%c' (%p)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
- self->tag, self->value.p);
- break;
-
- default:
-- sprintf(buffer, "<cparam '%c' at %p>",
-- self->tag, self);
-- break;
-+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
-+ (unsigned char)self->tag, (void *)self);
- }
-- return PyUnicode_FromString(buffer);
- }
-
- static PyMemberDef PyCArgType_members[] = {
---
-2.29.2
-
diff --git a/external/python3/ExternalProject_python3.mk
b/external/python3/ExternalProject_python3.mk
index 7e9952ac6cc7..ca81fd2ed77b 100644
--- a/external/python3/ExternalProject_python3.mk
+++ b/external/python3/ExternalProject_python3.mk
@@ -39,14 +39,13 @@ $(call gb_ExternalProject_get_state_target,python3,build) :
/maxcpucount \
$(if $(filter 140,$(VCVER)),/p:PlatformToolset=v140
/p:VisualStudioVersion=14.0 /ToolsVersion:14.0) \
$(if $(filter 150,$(VCVER)),/p:PlatformToolset=v141
/p:VisualStudioVersion=15.0 /ToolsVersion:15.0) \
- $(if $(filter
150-10,$(VCVER)-$(WINDOWS_SDK_VERSION)),/p:WindowsTargetPlatformVersion=$(UCRTVERSION))
\
+ $(if $(filter 160,$(VCVER)),/p:PlatformToolset=v142
/p:VisualStudioVersion=16.0 /ToolsVersion:Current) \
+ $(if $(filter
10,$(WINDOWS_SDK_VERSION)),/p:WindowsTargetPlatformVersion=$(UCRTVERSION)) \
,PCBuild)
else
-# this was added in 2004, hopefully is obsolete now (and why only intel
anyway)? $(if $(filter SOLARIS-INTEL,$(OS)$(CPUNAME)),--disable-ipv6)
-
-# --with-system-expat: this should find the one in the solver (or system)
+# --with-system-expat: this should find the one in the workdir (or system)
# create a symlink "LO_lib" because the .so are in a directory with platform
# specific name like build/lib.linux-x86_64-3.3
@@ -68,11 +67,11 @@ $(call gb_ExternalProject_get_state_target,python3,build) :
$(if $(CROSS_COMPILING),--build=$(BUILD_PLATFORM)
--host=$(HOST_PLATFORM)) \
$(if $(ENABLE_VALGRIND),--with-valgrind) \
--prefix=/python-inst \
- $(if $(filter MACOSX,$(OS)),,--with-system-expat) \
+ --with-system-expat \
$(if $(filter AIX,$(OS)), \
--disable-ipv6 --with-threads OPT="-g0 -fwrapv -O3
-Wall", \
$(if $(gb_Module_CURRENTMODULE_DEBUG_ENABLED), \
- OPT="$(gb_COMPILERNOOPTFLAGS)
$(gb_DEBUGINFO_FLAGS) $(gb_DEBUG_CFLAGS)")) \
+ OPT="$(gb_COMPILERNOOPTFLAGS)
$(gb_DEBUGINFO_FLAGS)")) \
$(if $(filter MACOSX,$(OS)), \
$(if $(filter
INTEL,$(CPUNAME)),--enable-universalsdk=$(MACOSX_SDK_PATH) \
--with-universal-archs=intel \
diff --git a/external/python3/UnpackedTarball_python3.mk
b/external/python3/UnpackedTarball_python3.mk
index 07ff3b6f2ced..29d417e57833 100644
--- a/external/python3/UnpackedTarball_python3.mk
+++ b/external/python3/UnpackedTarball_python3.mk
@@ -23,12 +23,10 @@ $(eval $(call gb_UnpackedTarball_add_patches,python3,\
external/python3/python-3.5.4-msvc-disable.patch.1 \
external/python3/python-3.3.0-pythreadstate.patch.1 \
external/python3/python-3.3.0-clang.patch.1 \
- external/python3/python-3.3.5-pyexpat-symbols.patch.1 \
external/python3/ubsan.patch.0 \
external/python3/python-3.5.tweak.strip.soabi.patch \
+ external/python3/darwin.patch.0 \
external/python3/0001-3.6-bpo-17239-Disable-external-entities-in-SAX-parse.patch.1
\
- external/python3/python-3.5.7-c99.patch.1 \
-
external/python3/0001-3.6-closes-bpo-42938-Replace-snprintf-with-Python-un.patch.1
\
))
ifneq ($(filter DRAGONFLY FREEBSD LINUX NETBSD OPENBSD SOLARIS,$(OS)),)
diff --git a/external/python3/darwin.patch.0 b/external/python3/darwin.patch.0
new file mode 100644
index 000000000000..139cdc9780bb
--- /dev/null
+++ b/external/python3/darwin.patch.0
@@ -0,0 +1,10 @@
+--- Modules/_ctypes/libffi_osx/x86/darwin64.S
++++ Modules/_ctypes/libffi_osx/x86/darwin64.S
+@@ -29,7 +29,6 @@
+ #include <fficonfig.h>
+ #include <ffi.h>
+
+- .file "darwin64.S"
+ .text
+
+ /* ffi_call_unix64 (void *args, unsigned long bytes, unsigned flags,
diff --git a/external/python3/python-3.3.5-pyexpat-symbols.patch.1
b/external/python3/python-3.3.5-pyexpat-symbols.patch.1
deleted file mode 100644
index c04c78cf36e7..000000000000
--- a/external/python3/python-3.3.5-pyexpat-symbols.patch.1
+++ /dev/null
@@ -1,28 +0,0 @@
-HACK: Fix build breakage on MacOS:
-
-*** WARNING: renaming "pyexpat" since importing it failed:
dlopen(build/lib.macosx-10.6-i386-3.3/pyexpat.so, 2): Symbol not found:
_XML_ErrorString
-
-This reverts c242a8f30806 from the python hg repo:
-
-restore namespacing of pyexpat symbols (closes #19186)
-
-
-See http://bugs.python.org/issue19186#msg214069
-
-The recommendation to include Modules/inc at first broke the Linux build...
-
-So do it this way, as it was before. Needs some realignment later.
-
---- python3/Modules/expat/expat_external.h
-+++ python3/Modules/expat/expat_external.h
-@@ -7,10 +7,6 @@
-
- /* External API definitions */
-
--/* Namespace external symbols to allow multiple libexpat version to
-- co-exist. */
--#include "pyexpatns.h"
--
- #if defined(_MSC_EXTENSIONS) && !defined(__BEOS__) && !defined(__CYGWIN__)
- #define XML_USE_MSC_EXTENSIONS 1
- #endif
diff --git a/external/python3/python-3.5.7-c99.patch.1
b/external/python3/python-3.5.7-c99.patch.1
deleted file mode 100644
index 558166d9953f..000000000000
--- a/external/python3/python-3.5.7-c99.patch.1
+++ /dev/null
@@ -1,62 +0,0 @@
-remove C99 which isn't suppored by all compilers yet
-
---- python3/Modules/_pickle.c.orig 2019-04-03 16:34:01.380124314 +0200
-+++ python3/Modules/_pickle.c 2019-04-03 16:35:18.579005171 +0200
-@@ -674,9 +674,12 @@
- PyErr_NoMemory();
- return NULL;
- }
-- for (size_t i = 0; i < self->mt_allocated; i++) {
-+ {
-+ size_t i;
-+ for (i = 0; i < self->mt_allocated; i++) {
- Py_XINCREF(self->mt_table[i].me_key);
- }
-+ }
- memcpy(new->mt_table, self->mt_table,
- sizeof(PyMemoEntry) * self->mt_allocated);
-
-@@ -4204,7 +4207,9 @@
- return NULL;
-
- memo = self->pickler->memo;
-- for (size_t i = 0; i < memo->mt_allocated; ++i) {
-+ {
-+ size_t i;
-+ for (i = 0; i < memo->mt_allocated; ++i) {
- PyMemoEntry entry = memo->mt_table[i];
- if (entry.me_key != NULL) {
- int status;
-@@ -4225,6 +4230,7 @@
- goto error;
- }
- }
-+ }
- return new_memo;
-
- error:
-@@ -6791,10 +6797,13 @@
- if (new_memo == NULL)
- return -1;
-
-- for (size_t i = 0; i < new_memo_size; i++) {
-+ {
-+ size_t i;
-+ for (i = 0; i < new_memo_size; i++) {
- Py_XINCREF(unpickler->memo[i]);
- new_memo[i] = unpickler->memo[i];
- }
-+ }
- }
- else if (PyDict_Check(obj)) {
- Py_ssize_t i = 0;
-@@ -6839,7 +6848,8 @@
-
- error:
- if (new_memo_size) {
-- for (size_t i = new_memo_size - 1; i != SIZE_MAX; i--) {
-+ size_t i;
-+ for (i = new_memo_size - 1; i != SIZE_MAX; i--) {
- Py_XDECREF(new_memo[i]);
- }
- PyMem_FREE(new_memo);
