[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/

[Andreas Hüttel]

commit: 7b3f685d9e0370f61574f8a810c79dfc13024bce
Author: Andreas K. Hüttel  gentoo  org>
AuthorDate: Fri Jun  9 23:22:19 2017 +
Commit: Andreas Hüttel  gentoo  org>
CommitDate: Fri Jun  9 23:22:44 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7b3f685d

net-libs/openslp: Revision bump for bug 617278

Package-Manager: Portage-2.3.6, Repoman-2.3.2

 .../openslp/files/openslp-2.0.0-namespace.patch| 773 +
 net-libs/openslp/openslp-2.0.0-r5.ebuild   |  44 ++
 2 files changed, 817 insertions(+)

diff --git a/net-libs/openslp/files/openslp-2.0.0-namespace.patch 
b/net-libs/openslp/files/openslp-2.0.0-namespace.patch
new file mode 100644
index 000..b5e81787740
--- /dev/null
+++ b/net-libs/openslp/files/openslp-2.0.0-namespace.patch
@@ -0,0 +1,773 @@
+# HG changeset patch
+# User John Calcote 
+# Date 1491588156 21600
+#  Fri Apr 07 12:02:36 2017 -0600
+# Node ID 51ed69107d096c5b9886954d89e0709975d5aa15
+# Parent  c1c294ce953e35f757020b01314cfc49556ccc0c
+BUG#149: cleanup libslp namespace; fix ctype function calls throughout.
+
+diff -ruN openslp-2.0.0.orig/common/slp_compare.c 
openslp-2.0.0/common/slp_compare.c
+--- openslp-2.0.0.orig/common/slp_compare.c2017-06-10 01:15:33.214875294 
+0200
 openslp-2.0.0/common/slp_compare.c 2017-06-10 01:16:39.072878034 +0200
+@@ -83,9 +83,10 @@
+  *
+  * @internal
+  */
+-int strncasecmp(const char * s1, const char * s2, size_t len)
++int slp_strncasecmp(const char * s1, const char * s2, size_t len)
+ {
+-   while (*s1 && (*s1 == *s2 || tolower(*s1) == tolower(*s2)))
++   while (*s1 && (*s1 == *s2
++ || tolower((unsigned char)*s1) == tolower((unsigned char)*s2)))
+{
+   len--;
+   if (len == 0)
+@@ -93,7 +94,7 @@
+   s1++;
+   s2++;
+}
+-   return len? (int)(*(unsigned char *)s1 - (int)*(unsigned char *)s2): 0;
++   return len? (unsigned char)*s1 - (unsigned char)*s2: 0;
+ }
+ # endif
+ 
+@@ -113,11 +114,12 @@
+  *
+  * @internal
+  */
+-int strcasecmp(const char * s1, const char * s2)
++int slp_strcasecmp(const char * s1, const char * s2)
+ {
+-   while (*s1 && (*s1 == *s2 || tolower(*s1) == tolower(*s2)))
++   while (*s1 && (*s1 == *s2 
++ || tolower((unsigned char)*s1) == tolower((unsigned char)*s2)))
+   s1++, s2++;
+-   return (int)(*(unsigned char *)s1 - (int)*(unsigned char *)s2);
++   return (unsigned char)*s1 - (unsigned char)*s2;
+ }
+ # endif
+ #endif
+@@ -202,13 +204,13 @@
+char * p = str, * ep = str + len;
+while (p < ep)
+{
+-  if (isspace(*p))
++  if (isspace((unsigned char)*p))
+   {
+- char * ws2p = ++p;/* Point ws2p to the second ws char. */
+- while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */
++ char * ws2p = ++p;   /* Point ws2p to the 
second ws char. */
++ while (p < ep && isspace((unsigned char)*p)) /* Scan till we hit a 
non-ws char. */
+ p++;
+- len -= p - ws2p;  /* Reduce the length by extra ws. */
+- memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
++ len -= p - ws2p; /* Reduce the length by 
extra ws. */
++ memmove(ws2p, p, ep - p);/* Overwrite the extra 
white space. */
+   }
+   p++;
+}
+@@ -276,9 +278,9 @@
+char *upd = dststr;
+while (len > 0 && *srcstr)
+{
+-  if (isspace(*srcstr))
++  if (isspace((unsigned char)*srcstr))
+   {
+- while (isspace(*srcstr) && len > 0)
++ while (isspace((unsigned char)*srcstr) && len > 0)
+  {
+ ++srcstr, --len;
+  }
+@@ -311,7 +313,7 @@
+   }
+   else
+   {
+- *upd++ = (char)tolower(*srcstr++);
++ *upd++ = (char)tolower((unsigned char)*srcstr++);
+  --len;
+   }
+}
+@@ -340,15 +342,15 @@
+char * cpy1, * cpy2;
+ 
+/* Remove leading white space. */
+-   while (str1len && isspace(*str1))
++   while (str1len && isspace((unsigned char)*str1))
+   str1++, str1len--;
+-   while (str2len && isspace(*str2))
++   while (str2len && isspace((unsigned char)*str2))
+   str2++, str2len--;
+ 
+/* Remove trailing white space. */
+-   while (str1len && isspace(str1[str1len - 1]))
++   while (str1len && isspace((unsigned char)str1[str1len - 1]))
+   str1len--;
+-   while (str2len && isspace(str2[str2len - 1]))
++   while (str2len && isspace((unsigned char)str2[str2len - 1]))
+   str2len--;
+ 
+/*A quick check for empty strings before we start xmemduping and xfreeing*/
+diff -ruN openslp-2.0.0.orig/common/slp_compare.h 
openslp-2.0.0/common/slp_compare.h
+--- openslp-2.0.0.orig/common/slp_compare.h2012-11-28 18:07:04.0 
+0100
 openslp-2.0.0/common/slp_compare.h 2017-06-10 01:16:39.072878034 +0200
+@@ -52,10 +52,12 @@
+ 
+ #ifndef _WIN32
+ # ifndef HAVE_STRNCASECMP
+-int 

[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/

[Andreas Hüttel]

commit: d9daa618c8a85908978180048f86c08c7a4dc85d
Author: Andreas K. Hüttel  gentoo  org>
AuthorDate: Sun Feb 19 16:48:34 2017 +
Commit: Andreas Hüttel  gentoo  org>
CommitDate: Sun Feb 19 16:48:54 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9daa618

net-libs/openslp: Add patch for CVE-2016-7567, bug 595542

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 .../files/openslp-2.0.0-CVE-2016-7567.patch| 94 ++
 net-libs/openslp/openslp-2.0.0-r4.ebuild   | 44 ++
 2 files changed, 138 insertions(+)

diff --git a/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch 
b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch
new file mode 100644
index 00..2d54fa04bf
--- /dev/null
+++ b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-7567.patch
@@ -0,0 +1,94 @@
+See
+http://www.openwall.com/lists/oss-security/2016/09/27/4
+https://bugs.gentoo.org/show_bug.cgi?id=595542
+
+diff -r 598821da69f2 -r 34fb3aa5e6b4 openslp/common/slp_compare.c
+--- a/common/slp_compare.c Sat Jun 08 15:14:45 2013 -0600
 b/common/slp_compare.c Mon Nov 30 20:50:12 2015 -0700
+@@ -194,7 +194,8 @@
+  * @return The new (shorter) length of @p str.
+  *
+  * @note This routine assumes that leading and trailing white space have
+- *already been removed from @p str.
++ *already been removed from @p str. It also assumes that @p str may
++ *not be null-terminated.
+  */
+ static int SLPFoldWhiteSpace(size_t len, char * str)
+ {
+@@ -203,11 +204,11 @@
+{
+   if (isspace(*p))
+   {
+- char * ws2p = ++p; /* Point ws2p to the second ws char. */
+- while (isspace(*p))/* Scan till we hit a non-ws char. */
++ char * ws2p = ++p;/* Point ws2p to the second ws char. */
++ while (p < ep && isspace(*p)) /* Scan till we hit a non-ws char. */
+ p++;
+- len -= p - ws2p;   /* Reduce the length by extra ws. */
+- memmove(ws2p, p, ep - p);  /* Overwrite the extra white space. */
++ len -= p - ws2p;  /* Reduce the length by extra ws. */
++ memmove(ws2p, p, ep - p); /* Overwrite the extra white space. */
+   }
+   p++;
+}
+@@ -821,6 +822,50 @@
+ 
+ #ifdef SLP_COMPARE_TEST
+ 
++/* Test boundary conditions of SLPFoldWhiteSpace. */
++static int test_SLPFoldWhiteSpace(void)
++{
++   static char test_str0[] = "";
++   static char test_str1[] = "Blah";
++   static char test_str3[] = "Blah  blah";
++   static char test_str4[] = "Blah   blah";
++   static char test_str5[] = "Blah blah  blah";
++   static char test_str8[] = " Blah blah";
++   static char test_str9[] = "  Blah blah";
++   static char test_strC[] = "Blah blah  ";
++   static char test_strD[] = "Blah blah  ";
++
++   static char * test_strs[] =
++   {
++  test_str0, test_str0, test_str0, test_str1, test_strC,
++  test_str3, test_str4, test_str5, test_strC, test_strC,
++  test_str8, test_str9, test_strC, test_strD,
++   };
++
++   static int test_lens[] =
++   {
++  0, 1, 2, 4, 9, 10, 11, 15, 10, 11, 10, 11, 11, 11,
++   };
++
++   static int test_fins[] =
++   {
++  0, 1, 1, 4, 9, 9, 9, 14, 10, 10, 10, 10, 10, 10,
++   };
++
++#define MAX_BUFSZ 32
++
++   int i;
++   for (i = 0; i < sizeof(test_strs) / sizeof(*test_strs); ++i)
++   {
++  char test_buf[MAX_BUFSZ];
++  memmove(test_buf, test_strs[i], test_lens[i]);
++  int len = SLPFoldWhiteSpace(test_lens[i], test_buf);
++  if (len != test_fins[i])
++ return -1;
++   }
++   return 0;
++}
++
+ /*  Test main for the slp_compare.c module 
+  *
+  * Compile with:
+@@ -840,6 +885,9 @@
+ 
+int count;
+ 
++   if (test_SLPFoldWhiteSpace() != 0)
++  return -1;
++
+/* *** SLPContainsStringList ***
+ */
+count = SLPContainsStringList(sizeof lst1 - 1, lst1, sizeof str1 - 1, 
str1);

diff --git a/net-libs/openslp/openslp-2.0.0-r4.ebuild 
b/net-libs/openslp/openslp-2.0.0-r4.ebuild
new file mode 100644
index 00..bda06a24f8
--- /dev/null
+++ b/net-libs/openslp/openslp-2.0.0-r4.ebuild
@@ -0,0 +1,44 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools systemd
+
+DESCRIPTION="An open-source implementation of Service Location Protocol"
+HOMEPAGE="http://www.openslp.org/;
+SRC_URI="mirror://sourceforge/openslp/${P}.tar.gz"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh 
~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="libressl"
+RESTRICT="test"
+
+DEPEND="
+   !libressl? ( dev-libs/openssl:0= )
+   libressl? ( dev-libs/libressl:0= )
+"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+   "${FILESDIR}"/${PN}-2.0.0-cflags.patch
+   "${FILESDIR}"/${PN}-2.0.0-CVE-2016-4912.patch
+   

[gentoo-commits] repo/gentoo:master commit in: net-libs/openslp/, net-libs/openslp/files/

[Andreas Hüttel]

commit: a5ebb986de32e702fece9392cc511a6e2d31f08a
Author: Andreas K. Hüttel  gentoo  org>
AuthorDate: Sat Feb 18 13:01:53 2017 +
Commit: Andreas Hüttel  gentoo  org>
CommitDate: Sat Feb 18 13:01:53 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a5ebb986

net-libs/openslp: EAPI bump, add Fedora patch for CVE 2016-4912

Package-Manager: Portage-2.3.3, Repoman-2.3.1

 .../files/openslp-2.0.0-CVE-2016-4912.patch| 15 
 net-libs/openslp/openslp-2.0.0-r2.ebuild   | 42 ++
 2 files changed, 57 insertions(+)

diff --git a/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch 
b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch
new file mode 100644
index 00..d8a0eca0d3
--- /dev/null
+++ b/net-libs/openslp/files/openslp-2.0.0-CVE-2016-4912.patch
@@ -0,0 +1,15 @@
+Source: 
https://src.fedoraproject.org/cgit/rpms/openslp.git/plain/openslp-2.0.0-null-pointer-deref.patch
+See also https://bugs.gentoo.org/show_bug.cgi?id=583396
+
+diff -up openslp-2.0.0/common/slp_xmalloc.c.orig 
openslp-2.0.0/common/slp_xmalloc.c
+--- openslp-2.0.0/common/slp_xmalloc.c.orig2012-12-07 01:52:08.0 
+0100
 openslp-2.0.0/common/slp_xmalloc.c 2016-05-23 12:58:57.953532979 +0200
+@@ -203,6 +203,8 @@ void * _xrealloc(const char * file, int
+   if (x->size != size)
+   {
+  newptr = _xmalloc(file, line, size);
++ if (newptr == 0)
++return 0;
+  memcpy(newptr, ptr, x->size);
+  _xfree(file, line, x);
+   }

diff --git a/net-libs/openslp/openslp-2.0.0-r2.ebuild 
b/net-libs/openslp/openslp-2.0.0-r2.ebuild
new file mode 100644
index 00..43d36bd99b
--- /dev/null
+++ b/net-libs/openslp/openslp-2.0.0-r2.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+inherit autotools systemd
+
+DESCRIPTION="An open-source implementation of Service Location Protocol"
+HOMEPAGE="http://www.openslp.org/;
+SRC_URI="mirror://sourceforge/openslp/${P}.tar.gz"
+
+LICENSE="BSD GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh 
~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+IUSE="libressl"
+RESTRICT="test"
+
+DEPEND="
+   !libressl? ( dev-libs/openssl:0= )
+   libressl? ( dev-libs/libressl:0= )
+"
+RDEPEND="${DEPEND}"
+
+PATCHES=(
+   "${FILESDIR}"/${PN}-2.0.0-cflags.patch
+   "${FILESDIR}"/${PN}-2.0.0-CVE-2016-4912.patch
+)
+
+src_prepare() {
+   default
+   eautoreconf
+}
+
+src_install() {
+   make DESTDIR="${D}" install || die "make install failed"
+   dodoc AUTHORS FAQ ChangeLog NEWS README* THANKS
+   rm -rfv "${D}"/usr/doc
+   dohtml -r .
+   newinitd "${FILESDIR}"/slpd-init slpd
+   systemd_dounit "${FILESDIR}"/slpd.service
+}