Hello community, here is the log from the commit of package transfig for openSUSE:Factory checked in at 2020-10-03 18:55:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/transfig (Old) and /work/SRC/openSUSE:Factory/.transfig.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "transfig" Sat Oct 3 18:55:00 2020 rev:45 rq:838775 version:3.2.7b Changes: -------- --- /work/SRC/openSUSE:Factory/transfig/transfig.changes 2020-02-21 16:39:30.925692265 +0100 +++ /work/SRC/openSUSE:Factory/.transfig.new.4249/transfig.changes 2020-10-03 18:55:20.085471141 +0200 @@ -1,0 +2,13 @@ +Wed Sep 30 10:48:31 UTC 2020 - Dr. Werner Fink <wer...@suse.de> + +- Add upstream security patches/commits + * 100e27.patch + * 3065eb.patch + * ca48cc.patch + +------------------------------------------------------------------- +Tue Sep 29 09:24:16 UTC 2020 - Dr. Werner Fink <wer...@suse.de> + +- Do hardening via compile and linker flags + +------------------------------------------------------------------- New: ---- 100e27.patch 3065eb.patch ca48cc.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ transfig.spec ++++++ --- /var/tmp/diff_new_pack.zLF5Tt/_old 2020-10-03 18:55:20.909472054 +0200 +++ /var/tmp/diff_new_pack.zLF5Tt/_new 2020-10-03 18:55:20.909472054 +0200 @@ -70,6 +70,9 @@ Patch15: 4d4e1f.patch Patch16: 3165d8.patch Patch17: 639c36.patch +Patch18: 100e27.patch +Patch19: 3065eb.patch +Patch20: ca48cc.patch Patch43: fig2dev-3.2.6-fig2mpdf.patch Patch44: fig2dev-3.2.6-fig2mpdf-doc.patch Patch45: fig2dev-3.2.6a-RGBFILE.patch @@ -127,14 +130,59 @@ %patch15 -p0 -b .sec12 %patch16 -p0 -b .sec13 %patch17 -p0 -b .sec14 +%patch18 -p0 -b .sec15 +%patch19 -p0 -b .sec16 +%patch20 -p0 -b .sec17 %patch43 -p2 -b .mpdf %patch44 -p1 -b .mpdfdoc %patch45 -p1 -b .p45 %build ulimit -v unlimited || : + # + # Used for detection of hardening options of gcc and linker + # + cflags () + { + local flag=$1; shift + local var=$1; shift + test -n "${flag}" -a -n "${var}" || return + case "${!var}" in + *${flag}*) return + esac + case "$flag" in + -Wl,*) + set -o noclobber + echo 'int main () { return 0; }' > ldtest.c + if ${CC:-gcc} -Werror $flag -o /dev/null -xc ldtest.c > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + set +o noclobber + rm -f ldtest.c + ;; + *) + if ${CC:-gcc} -Werror $flag -S -o /dev/null -xc /dev/null > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + if ${CXX:-g++} -Werror $flag -S -o /dev/null -xc++ /dev/null > /dev/null 2>&1 ; then + eval $var=\${$var:+\$$var\ }$flag + fi + esac + } + CC=gcc CFLAGS="%{optflags} -fno-strict-aliasing -w -D_GNU_SOURCE -std=gnu99 $(getconf LFS_CFLAGS)" +cflags -D_FORTIFY_SOURCE=2 CFLAGS +cflags -fstack-protector CFLAGS +cflags -fstack-protector-strong CFLAGS +cflags -fstack-protector-all CFLAGS +cflags -Wformat CFLAGS +cflags -Wformat-security CFLAGS +cflags -Werror=format-security CFLAGS +cflags -fPIE CFLAGS +cflags -pie LDFLAGS +cflags -Wl,-z,relro LDFLAGS +cflags -Wl,-z,now LDFLAGS export CC CFLAGS LDFLAGS chmod 755 configure %configure \ ++++++ 100e27.patch ++++++ >From 100e2789f8106f9cc0f7e4319c4ee7bda076c3ac Mon Sep 17 00:00:00 2001 From: Thomas Loimer <thomas.loi...@tuwien.ac.at> Date: Sun, 16 Feb 2020 13:25:03 +0100 Subject: [PATCH] Modify commit [3165d8]: Use tangent, not secant Use the tangent, not a secant, for short arrows on arcs. --- fig2dev/bound.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git fig2dev/bound.c fig2dev/bound.c index d305ab9..ea97461 100644 --- fig2dev/bound.c +++ fig2dev/bound.c @@ -1102,12 +1102,10 @@ compute_arcarrow_angle(double x1, double y1, double x2, double y2, /* add this to the length */ h += lpt; - /* radius too small for this method, use normal method */ - if (h > 2.0*r) { + /* secant would be too large or too small */ + if (h > 2.0*r || h < 0.01*r) { arc_tangent_int(x1,y1,x2,y2,direction,x,y); return; - } else if (h < thick) { - h = thick; } beta=atan2(dy,dx); -- 2.16.4 ++++++ 3065eb.patch ++++++ >From 3065ebc14bb96506429b4ebde3aeb3793c72a66d Mon Sep 17 00:00:00 2001 From: Thomas Loimer <thomas.loi...@tuwien.ac.at> Date: Sun, 16 Feb 2020 18:54:01 +0100 Subject: [PATCH] Allow last line of file lacking eol char, #83, #84 If the last line of a fig file does not end with a newline, the code parsing the input could read beyond the allocated buffer. This commit fixes the parsing at two locations in the code, one in string parsing, the second where sequences of a backslash and octal digits are converted to characters. --- fig2dev/read.c | 6 ++++-- fig2dev/tests/read.at | 11 +++++++++++ 2 files changed, 15 insertions(+), 2 deletions(-) --- fig2dev/read.c +++ fig2dev/read.c 2020-09-30 10:46:34.214234522 +0000 @@ -1483,6 +1483,8 @@ read_textobject(FILE *fp, char **restric len = strlen(start); start[len++] = '\n'; /* put back the newline */ + start[len] = '\0'; /* and terminate the string, + in case nothing else is found */ /* allocate plenty of space */ next = malloc(len + BUFSIZ); @@ -1491,7 +1493,7 @@ read_textobject(FILE *fp, char **restric free(t); return NULL; } - memcpy(next, start, len); + memcpy(next, start, len + 1); while ((chars = getline(line, line_len, fp)) != -1) { ++(*line_no); @@ -1525,7 +1527,7 @@ read_textobject(FILE *fp, char **restric len = end - start; l = len; while (c[l] != '\0') { - if (c[l] == '\\') { + if (c[l] == '\\' && c[l+1] != '\0') { /* convert 3 digit octal value */ if (isdigit(c[l+1]) && c[l+2] != '\0' && c[l+3] != '\0') { --- fig2dev/tests/read.at +++ fig2dev/tests/read.at 2020-09-30 10:46:34.262233620 +0000 @@ -416,6 +416,17 @@ AT_CHECK([fig2dev -L tikz text.fig ], 0, ignore) AT_CLEANUP +AT_SETUP([allow files end without eol, tickets #83, #84]) +AT_KEYWORDS([read.c]) +AT_CHECK([AS_ECHO_N(["FIG_FILE_TOP +4 0 0 50 0 -1 12 0 0 150 405 0 0 No end-of-line here -->"]) | \ + fig2dev -L box], 0, ignore) +AT_CHECK([AS_ECHO_N(["FIG_FILE_TOP +4 0 0 50 0 -1 12 0 0 150 405 0 0 Start string +No end-of-line after one backslash --> \\"]) | \ + fig2dev -L box], 0, ignore) +AT_CLEANUP + AT_BANNER([Dynamically allocate picture file name.]) AT_SETUP([prepend fig file path to picture file name]) ++++++ ca48cc.patch ++++++ >From ca48ccc90bd3e7801a63cf9a541f292b28ed1260 Mon Sep 17 00:00:00 2001 From: Thomas Loimer <thomas.loi...@tuwien.ac.at> Date: Mon, 17 Feb 2020 12:18:12 +0100 Subject: [PATCH] Amend previous commit - avoid buffer overflow Regards to Dr. Werner Fink, see discussion to ticket #83. --- fig2dev/read.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git fig2dev/read.c fig2dev/read.c index 0bdcd3d..d1ae463 100644 --- fig2dev/read.c +++ fig2dev/read.c @@ -1489,8 +1489,6 @@ read_textobject(FILE *fp, char **restrict line, size_t *line_len, int *line_no) len = strlen(start); start[len++] = '\n'; /* put back the newline */ - start[len] = '\0'; /* and terminate the string, - in case nothing else is found */ /* allocate plenty of space */ next = malloc(len + BUFSIZ); @@ -1500,6 +1498,8 @@ read_textobject(FILE *fp, char **restrict line, size_t *line_len, int *line_no) return NULL; } memcpy(next, start, len + 1); + next[len] = '\0'; /* terminate the initial string, + in case nothing else is found */ while ((chars = getline(line, line_len, fp)) != -1) { ++(*line_no); -- 2.16.4