[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/
commit: 7b3f685d9e0370f61574f8a810c79dfc13024bce Author: Andreas K. Hüttel gentoo org> AuthorDate: Fri Jun 9 23:22:19 2017 + Commit: Andreas Hüttel gentoo org> CommitDate: Fri Jun 9 23:22:44 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b3f685d net-libs/openslp: Revision bump for bug 617278 Package-Manager: Portage-2.3.6, Repoman-2.3.2 .../openslp/files/openslp-2.0.0-namespace.patch| 773 + net-libs/openslp/openslp-2.0.0-r5.ebuild | 44 ++ 2 files changed, 817 insertions(+) diff --git a/net-libs/openslp/files/openslp-2.0.0-namespace.patch b/net-libs/openslp/files/openslp-2.0.0-namespace.patch new file mode 100644 index 000..b5e81787740 --- /dev/null +++ b/net-libs/openslp/files/openslp-2.0.0-namespace.patch @@ -0,0 +1,773 @@ +# HG changeset patch +# User John Calcote+# Date 1491588156 21600 +# Fri Apr 07 12:02:36 2017 -0600 +# Node ID 51ed69107d096c5b9886954d89e0709975d5aa15 +# Parent c1c294ce953e35f757020b01314cfc49556ccc0c +BUG#149: cleanup libslp namespace; fix ctype function calls throughout. + +diff -ruN openslp-2.0.0.orig/common/slp_compare.c openslp-2.0.0/common/slp_compare.c +--- openslp-2.0.0.orig/common/slp_compare.c2017-06-10 01:15:33.214875294 +0200 openslp-2.0.0/common/slp_compare.c 2017-06-10 01:16:39.072878034 +0200 +@@ -83,9 +83,10 @@ + * + * @internal + */ +-int strncasecmp(const char * s1, const char * s2, size_t len) ++int slp_strncasecmp(const char * s1, const char * s2, size_t len) + { +- while (*s1 && (*s1 == *s2 || tolower(*s1) == tolower(*s2))) ++ while (*s1 && (*s1 == *s2 ++ || tolower((unsigned char)*s1) == tolower((unsigned char)*s2))) +{ + len--; + if (len == 0) +@@ -93,7 +94,7 @@ + s1++; + s2++; +} +- return len? (int)(*(unsigned char *)s1 - (int)*(unsigned char *)s2): 0; ++ return len? (unsigned char)*s1 - (unsigned char)*s2: 0; + } + # endif + +@@ -113,11 +114,12 @@ + * + * @internal + */ +-int strcasecmp(const char * s1, const char * s2) ++int slp_strcasecmp(const char * s1, const char * s2) + { +- while (*s1 && (*s1 == *s2 || tolower(*s1) == tolower(*s2))) ++ while (*s1 && (*s1 == *s2 ++ || tolower((unsigned char)*s1) == tolower((unsigned char)*s2))) + s1++, s2++; +- return (int)(*(unsigned char *)s1 - (int)*(unsigned char *)s2); ++ return (unsigned char)*s1 - (unsigned char)*s2; + } + # endif + #endif +@@ -202,13 +204,13 @@ +char * p = str, * ep = str + len; +while (p < ep) +{ +- if (isspace(*p)) ++ if (isspace((unsigned char)*p)) + { +- char * ws2p = ++p;/* Point ws2p to the second ws char. */ +- while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */ ++ char * ws2p = ++p; /* Point ws2p to the second ws char. */ ++ while (p < ep && isspace((unsigned char)*p)) /* Scan till we hit a non-ws char. */ + p++; +- len -= p - ws2p; /* Reduce the length by extra ws. */ +- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */ ++ len -= p - ws2p; /* Reduce the length by extra ws. */ ++ memmove(ws2p, p, ep - p);/* Overwrite the extra white space. */ + } + p++; +} +@@ -276,9 +278,9 @@ +char *upd = dststr; +while (len > 0 && *srcstr) +{ +- if (isspace(*srcstr)) ++ if (isspace((unsigned char)*srcstr)) + { +- while (isspace(*srcstr) && len > 0) ++ while (isspace((unsigned char)*srcstr) && len > 0) + { + ++srcstr, --len; + } +@@ -311,7 +313,7 @@ + } + else + { +- *upd++ = (char)tolower(*srcstr++); ++ *upd++ = (char)tolower((unsigned char)*srcstr++); + --len; + } +} +@@ -340,15 +342,15 @@ +char * cpy1, * cpy2; + +/* Remove leading white space. */ +- while (str1len && isspace(*str1)) ++ while (str1len && isspace((unsigned char)*str1)) + str1++, str1len--; +- while (str2len && isspace(*str2)) ++ while (str2len && isspace((unsigned char)*str2)) + str2++, str2len--; + +/* Remove trailing white space. */ +- while (str1len && isspace(str1[str1len - 1])) ++ while (str1len && isspace((unsigned char)str1[str1len - 1])) + str1len--; +- while (str2len && isspace(str2[str2len - 1])) ++ while (str2len && isspace((unsigned char)str2[str2len - 1])) + str2len--; + +/*A quick check for empty strings before we start xmemduping and xfreeing*/ +diff -ruN openslp-2.0.0.orig/common/slp_compare.h openslp-2.0.0/common/slp_compare.h +--- openslp-2.0.0.orig/common/slp_compare.h2012-11-28 18:07:04.0 +0100 openslp-2.0.0/common/slp_compare.h 2017-06-10 01:16:39.072878034 +0200 +@@ -52,10 +52,12 @@ + + #ifndef _WIN32 + # ifndef HAVE_STRNCASECMP +-int
[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/
commit: d9daa618c8a85908978180048f86c08c7a4dc85d Author: Andreas K. Hüttel gentoo org> AuthorDate: Sun Feb 19 16:48:34 2017 + Commit: Andreas Hüttel gentoo org> CommitDate: Sun Feb 19 16:48:54 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9daa618 net-libs/openslp: Add patch for CVE-2016-7567, bug 595542 Package-Manager: Portage-2.3.3, Repoman-2.3.1 .../files/openslp-2.0.0-CVE-2016-7567.patch| 94 ++ net-libs/openslp/openslp-2.0.0-r4.ebuild | 44 ++ 2 files changed, 138 insertions(+) diff --git a/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch new file mode 100644 index 00..2d54fa04bf --- /dev/null +++ b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch @@ -0,0 +1,94 @@ +See +http://www.openwall.com/lists/oss-security/2016/09/27/4 +https://bugs.gentoo.org/show_bug.cgi?id=595542 + +diff -r 598821da69f2 -r 34fb3aa5e6b4 openslp/common/slp_compare.c +--- a/common/slp_compare.c Sat Jun 08 15:14:45 2013 -0600 b/common/slp_compare.c Mon Nov 30 20:50:12 2015 -0700 +@@ -194,7 +194,8 @@ + * @return The new (shorter) length of @p str. + * + * @note This routine assumes that leading and trailing white space have +- *already been removed from @p str. ++ *already been removed from @p str. It also assumes that @p str may ++ *not be null-terminated. + */ + static int SLPFoldWhiteSpace(size_t len, char * str) + { +@@ -203,11 +204,11 @@ +{ + if (isspace(*p)) + { +- char * ws2p = ++p; /* Point ws2p to the second ws char. */ +- while (isspace(*p))/* Scan till we hit a non-ws char. */ ++ char * ws2p = ++p;/* Point ws2p to the second ws char. */ ++ while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */ + p++; +- len -= p - ws2p; /* Reduce the length by extra ws. */ +- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */ ++ len -= p - ws2p; /* Reduce the length by extra ws. */ ++ memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */ + } + p++; +} +@@ -821,6 +822,50 @@ + + #ifdef SLP_COMPARE_TEST + ++/* Test boundary conditions of SLPFoldWhiteSpace. */ ++static int test_SLPFoldWhiteSpace(void) ++{ ++ static char test_str0[] = ""; ++ static char test_str1[] = "Blah"; ++ static char test_str3[] = "Blah blah"; ++ static char test_str4[] = "Blah blah"; ++ static char test_str5[] = "Blah blah blah"; ++ static char test_str8[] = " Blah blah"; ++ static char test_str9[] = " Blah blah"; ++ static char test_strC[] = "Blah blah "; ++ static char test_strD[] = "Blah blah "; ++ ++ static char * test_strs[] = ++ { ++ test_str0, test_str0, test_str0, test_str1, test_strC, ++ test_str3, test_str4, test_str5, test_strC, test_strC, ++ test_str8, test_str9, test_strC, test_strD, ++ }; ++ ++ static int test_lens[] = ++ { ++ 0, 1, 2, 4, 9, 10, 11, 15, 10, 11, 10, 11, 11, 11, ++ }; ++ ++ static int test_fins[] = ++ { ++ 0, 1, 1, 4, 9, 9, 9, 14, 10, 10, 10, 10, 10, 10, ++ }; ++ ++#define MAX_BUFSZ 32 ++ ++ int i; ++ for (i = 0; i < sizeof(test_strs) / sizeof(*test_strs); ++i) ++ { ++ char test_buf[MAX_BUFSZ]; ++ memmove(test_buf, test_strs[i], test_lens[i]); ++ int len = SLPFoldWhiteSpace(test_lens[i], test_buf); ++ if (len != test_fins[i]) ++ return -1; ++ } ++ return 0; ++} ++ + /* Test main for the slp_compare.c module + * + * Compile with: +@@ -840,6 +885,9 @@ + +int count; + ++ if (test_SLPFoldWhiteSpace() != 0) ++ return -1; ++ +/* *** SLPContainsStringList *** + */ +count = SLPContainsStringList(sizeof lst1 - 1, lst1, sizeof str1 - 1, str1); diff --git a/net-libs/openslp/openslp-2.0.0-r4.ebuild b/net-libs/openslp/openslp-2.0.0-r4.ebuild new file mode 100644 index 00..bda06a24f8 --- /dev/null +++ b/net-libs/openslp/openslp-2.0.0-r4.ebuild @@ -0,0 +1,44 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +inherit autotools systemd + +DESCRIPTION="An open-source implementation of Service Location Protocol" +HOMEPAGE="http://www.openslp.org/; +SRC_URI="mirror://sourceforge/openslp/${P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux" +IUSE="libressl" +RESTRICT="test" + +DEPEND=" + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) +" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/${PN}-2.0.0-cflags.patch + "${FILESDIR}"/${PN}-2.0.0-CVE-2016-4912.patch +
[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/
commit: a5ebb986de32e702fece9392cc511a6e2d31f08a Author: Andreas K. Hüttel gentoo org> AuthorDate: Sat Feb 18 13:01:53 2017 + Commit: Andreas Hüttel gentoo org> CommitDate: Sat Feb 18 13:01:53 2017 + URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5ebb986 net-libs/openslp: EAPI bump, add Fedora patch for CVE 2016-4912 Package-Manager: Portage-2.3.3, Repoman-2.3.1 .../files/openslp-2.0.0-CVE-2016-4912.patch| 15 net-libs/openslp/openslp-2.0.0-r2.ebuild | 42 ++ 2 files changed, 57 insertions(+) diff --git a/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch new file mode 100644 index 00..d8a0eca0d3 --- /dev/null +++ b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch @@ -0,0 +1,15 @@ +Source: https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-null-pointer-deref.patch +See also https://bugs.gentoo.org/show_bug.cgi?id=583396 + +diff -up openslp-2.0.0/common/slp_xmalloc.c.orig openslp-2.0.0/common/slp_xmalloc.c +--- openslp-2.0.0/common/slp_xmalloc.c.orig2012-12-07 01:52:08.0 +0100 openslp-2.0.0/common/slp_xmalloc.c 2016-05-23 12:58:57.953532979 +0200 +@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int + if (x->size != size) + { + newptr = _xmalloc(file, line, size); ++ if (newptr == 0) ++return 0; + memcpy(newptr, ptr, x->size); + _xfree(file, line, x); + } diff --git a/net-libs/openslp/openslp-2.0.0-r2.ebuild b/net-libs/openslp/openslp-2.0.0-r2.ebuild new file mode 100644 index 00..43d36bd99b --- /dev/null +++ b/net-libs/openslp/openslp-2.0.0-r2.ebuild @@ -0,0 +1,42 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +inherit autotools systemd + +DESCRIPTION="An open-source implementation of Service Location Protocol" +HOMEPAGE="http://www.openslp.org/; +SRC_URI="mirror://sourceforge/openslp/${P}.tar.gz" + +LICENSE="BSD GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux" +IUSE="libressl" +RESTRICT="test" + +DEPEND=" + !libressl? ( dev-libs/openssl:0= ) + libressl? ( dev-libs/libressl:0= ) +" +RDEPEND="${DEPEND}" + +PATCHES=( + "${FILESDIR}"/${PN}-2.0.0-cflags.patch + "${FILESDIR}"/${PN}-2.0.0-CVE-2016-4912.patch +) + +src_prepare() { + default + eautoreconf +} + +src_install() { + make DESTDIR="${D}" install || die "make install failed" + dodoc AUTHORS FAQ ChangeLog NEWS README* THANKS + rm -rfv "${D}"/usr/doc + dohtml -r . + newinitd "${FILESDIR}"/slpd-init slpd + systemd_dounit "${FILESDIR}"/slpd.service +}