diff options
Diffstat (limited to 'gnu/packages/patches')
11 files changed, 202 insertions, 297 deletions
diff --git a/gnu/packages/patches/dbus-CVE-2020-12049.patch b/gnu/packages/patches/dbus-CVE-2020-12049.patch deleted file mode 100644 index 71280144a1..0000000000 --- a/gnu/packages/patches/dbus-CVE-2020-12049.patch +++ /dev/null @@ -1,58 +0,0 @@ -Fix CVE-2020-12049: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12049 -https://lists.freedesktop.org/archives/ftp-release/2020-June/000753.html - -Taken from upstream: - -https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5 - -diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c ---- a/dbus/dbus-sysdeps-unix.c -+++ b/dbus/dbus-sysdeps-unix.c -@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, - struct cmsghdr *cm; - dbus_bool_t found = FALSE; - -- if (m.msg_flags & MSG_CTRUNC) -- { -- /* Hmm, apparently the control data was truncated. The bad -- thing is that we might have completely lost a couple of fds -- without chance to recover them. Hence let's treat this as a -- serious error. */ -- -- errno = ENOSPC; -- _dbus_string_set_length (buffer, start); -- return -1; -- } -- - for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm)) - if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS) - { -@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd, - if (!found) - *n_fds = 0; - -+ if (m.msg_flags & MSG_CTRUNC) -+ { -+ unsigned int i; -+ -+ /* Hmm, apparently the control data was truncated. The bad -+ thing is that we might have completely lost a couple of fds -+ without chance to recover them. Hence let's treat this as a -+ serious error. */ -+ -+ /* We still need to close whatever fds we *did* receive, -+ * otherwise they'll never get closed. (CVE-2020-12049) */ -+ for (i = 0; i < *n_fds; i++) -+ close (fds[i]); -+ -+ *n_fds = 0; -+ errno = ENOSPC; -+ _dbus_string_set_length (buffer, start); -+ return -1; -+ } -+ - /* put length back (doesn't actually realloc) */ - _dbus_string_set_length (buffer, start + bytes_read); - diff --git a/gnu/packages/patches/docbook-xsl-nonrecursive-string-subst.patch b/gnu/packages/patches/docbook-xsl-nonrecursive-string-subst.patch index 4199dd18a5..fed4b76429 100644 --- a/gnu/packages/patches/docbook-xsl-nonrecursive-string-subst.patch +++ b/gnu/packages/patches/docbook-xsl-nonrecursive-string-subst.patch @@ -5,7 +5,7 @@ https://bugzilla.samba.org/show_bug.cgi?id=9515 https://bugzilla.gnome.org/show_bug.cgi?id=736077 (for xsltproc) Patch copied from Debian: -https://anonscm.debian.org/cgit/collab-maint/docbook-xsl.git/tree/debian/patches/765567_non-recursive_string_subst.patch +https://salsa.debian.org/debian/docbook-xsl/-/blob/master/debian/patches/765567_non-recursive_string_subst.patch Description: use EXSLT "replace" function when available A recursive implementation of string.subst is problematic, @@ -15,11 +15,12 @@ Bug-Debian: https://bugs.debian.org/750593 --- a/lib/lib.xsl +++ b/lib/lib.xsl -@@ -10,7 +10,10 @@ +@@ -6,7 +6,11 @@ + This module implements DTD-independent functions - ******************************************************************** --> --<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> +- ******************************************************************** --><xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0"> ++ ******************************************************************** --> +<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" + xmlns:str="http://exslt.org/strings" + exclude-result-prefixes="str" @@ -27,7 +28,7 @@ Bug-Debian: https://bugs.debian.org/750593 <xsl:template name="dot.count"> <!-- Returns the number of "." characters in a string --> -@@ -56,6 +59,9 @@ +@@ -52,6 +56,9 @@ <xsl:param name="replacement"/> <xsl:choose> diff --git a/gnu/packages/patches/docbook-xsl-support-old-url.patch b/gnu/packages/patches/docbook-xsl-support-old-url.patch new file mode 100644 index 0000000000..5b7dda458f --- /dev/null +++ b/gnu/packages/patches/docbook-xsl-support-old-url.patch @@ -0,0 +1,17 @@ +Docbook 1.79.2 makes very few changes apart from changing the canonical URL +to cdn.docbook.org. This patch adds support for the previous URL to avoid +breaking packages that still use that. + +Adapted from Debian: +https://salsa.debian.org/debian/docbook-xsl/-/blob/master/debian/patches/0005-catalog.xml-Compatibility-with-1.79.1-or-earlier.patch + +--- a/catalog.xml ++++ b/catalog.xml +@@ -5,4 +5,7 @@ + <rewriteSystem systemIdStartString="http://cdn.docbook.org/release/xsl/current/" rewritePrefix="./"/> + <rewriteURI uriStartString="http://cdn.docbook.org/release/xsl/1.79.2/" rewritePrefix="./"/> + <rewriteSystem systemIdStartString="http://cdn.docbook.org/release/xsl/1.79.2/" rewritePrefix="./"/> ++ <!-- Also support old URI of v1.79.1 or earlier --> ++ <rewriteURI uriStartString="http://docbook.sourceforge.net/release/xsl/current/" rewritePrefix="./"/> ++ <rewriteSystem systemIdStartString="http://docbook.sourceforge.net/release/xsl/current/" rewritePrefix="./"/> + </catalog> diff --git a/gnu/packages/patches/glibc-bootstrap-system.patch b/gnu/packages/patches/glibc-bootstrap-system.patch index 39eb47ef26..fcaf17132d 100644 --- a/gnu/packages/patches/glibc-bootstrap-system.patch +++ b/gnu/packages/patches/glibc-bootstrap-system.patch @@ -3,17 +3,10 @@ and popen(3) need to be tweaked to use the right shell. For the bootstrap glibc, we just use whatever `sh' can be found in $PATH. The final glibc instead uses the hard-coded absolute file name of `bash'. ---- a/sysdeps/posix/system.c -+++ b/sysdeps/posix/system.c -@@ -140,7 +140,7 @@ do_system (const char *line) - __posix_spawnattr_setflags (&spawn_attr, - POSIX_SPAWN_SETSIGDEF | POSIX_SPAWN_SETSIGMASK); - -- status = __posix_spawn (&pid, SHELL_PATH, 0, &spawn_attr, -+ status = posix_spawnp (&pid, SHELL_NAME, 0, &spawn_attr, - (char *const[]){ (char*) SHELL_NAME, - (char*) "-c", - (char *) line, NULL }, +In addition, status should be initialized to 0 and not -1. + +diff --git a/libio/iopopen.c b/libio/iopopen.c +index ebc381ed7c..e0d3ed1bc3 100644 --- a/libio/iopopen.c +++ b/libio/iopopen.c @@ -85,7 +85,7 @@ spawn_process (posix_spawn_file_actions_t *fa, FILE *fp, const char *command, @@ -25,4 +18,25 @@ instead uses the hard-coded absolute file name of `bash'. (char *const[]){ (char*) "sh", (char*) "-c", (char *) command, NULL }, __environ) != 0) return false; - +diff --git a/sysdeps/posix/system.c b/sysdeps/posix/system.c +index a03f478fc7..94da6facf3 100644 +--- a/sysdeps/posix/system.c ++++ b/sysdeps/posix/system.c +@@ -101,7 +101,7 @@ cancel_handler (void *arg) + static int + do_system (const char *line) + { +- int status = -1; ++ int status = 0; + int ret; + pid_t pid; + struct sigaction sa; +@@ -145,7 +145,7 @@ do_system (const char *line) + __posix_spawnattr_setflags (&spawn_attr, + POSIX_SPAWN_SETSIGDEF | POSIX_SPAWN_SETSIGMASK); + +- ret = __posix_spawn (&pid, SHELL_PATH, 0, &spawn_attr, ++ ret = posix_spawnp (&pid, SHELL_NAME, 0, &spawn_attr, + (char *const[]){ (char *) SHELL_NAME, + (char *) "-c", + (char *) line, NULL }, diff --git a/gnu/packages/patches/icu4c-CVE-2020-10531.patch b/gnu/packages/patches/icu4c-CVE-2020-10531.patch deleted file mode 100644 index c2ab923bdc..0000000000 --- a/gnu/packages/patches/icu4c-CVE-2020-10531.patch +++ /dev/null @@ -1,127 +0,0 @@ -Fix CVE-2020-10531: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531 - -Patch copied from upstream source repository (changes to the test suite -are commented out): - -https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca - -From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001 -From: Frank Tang <ftang@chromium.org> -Date: Sat, 1 Feb 2020 02:39:04 +0000 -Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append - -See #971 ---- - icu4c/source/common/unistr.cpp | 6 ++- - icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++ - icu4c/source/test/intltest/ustrtest.h | 1 + - 3 files changed, 68 insertions(+), 1 deletion(-) - -diff --git a/icu4c/source/common/unistr.cpp b/icu4c/source/common/unistr.cpp -index 901bb3358ba..077b4d6ef20 100644 ---- a/icu4c/source/common/unistr.cpp -+++ b/icu4c/source/common/unistr.cpp -@@ -1563,7 +1563,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t srcStart, int32_t srcLeng - } - - int32_t oldLength = length(); -- int32_t newLength = oldLength + srcLength; -+ int32_t newLength; -+ if (uprv_add32_overflow(oldLength, srcLength, &newLength)) { -+ setToBogus(); -+ return *this; -+ } - - // Check for append onto ourself - const UChar* oldArray = getArrayStart(); -#diff --git a/icu4c/source/test/intltest/ustrtest.cpp b/icu4c/source/test/intltest/ustrtest.cpp -#index b6515ea813c..ad38bdf53a3 100644 -#--- a/icu4c/source/test/intltest/ustrtest.cpp -#+++ b/icu4c/source/test/intltest/ustrtest.cpp -#@@ -67,6 +67,7 @@ void UnicodeStringTest::runIndexedTest( int32_t index, UBool exec, const char* & -# TESTCASE_AUTO(TestWCharPointers); -# TESTCASE_AUTO(TestNullPointers); -# TESTCASE_AUTO(TestUnicodeStringInsertAppendToSelf); -#+ TESTCASE_AUTO(TestLargeAppend); -# TESTCASE_AUTO_END; -# } -# -#@@ -2310,3 +2311,64 @@ void UnicodeStringTest::TestUnicodeStringInsertAppendToSelf() { -# str.insert(2, sub); -# assertEquals("", u"abbcdcde", str); -# } -#+ -#+void UnicodeStringTest::TestLargeAppend() { -#+ if(quick) return; -#+ -#+ IcuTestErrorCode status(*this, "TestLargeAppend"); -#+ // Make a large UnicodeString -#+ int32_t len = 0xAFFFFFF; -#+ UnicodeString str; -#+ char16_t *buf = str.getBuffer(len); -#+ // A fast way to set buffer to valid Unicode. -#+ // 4E4E is a valid unicode character -#+ uprv_memset(buf, 0x4e, len * 2); -#+ str.releaseBuffer(len); -#+ UnicodeString dest; -#+ // Append it 16 times -#+ // 0xAFFFFFF times 16 is 0xA4FFFFF1, -#+ // which is greater than INT32_MAX, which is 0x7FFFFFFF. -#+ int64_t total = 0; -#+ for (int32_t i = 0; i < 16; i++) { -#+ dest.append(str); -#+ total += len; -#+ if (total <= INT32_MAX) { -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ } else { -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } -#+ } -#+ dest.remove(); -#+ total = 0; -#+ for (int32_t i = 0; i < 16; i++) { -#+ dest.append(str); -#+ total += len; -#+ if (total + len <= INT32_MAX) { -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ } else if (total <= INT32_MAX) { -#+ // Check that a string of exactly the maximum size works -#+ UnicodeString str2; -#+ int32_t remain = INT32_MAX - total; -#+ char16_t *buf2 = str2.getBuffer(remain); -#+ if (buf2 == nullptr) { -#+ // if somehow memory allocation fail, return the test -#+ return; -#+ } -#+ uprv_memset(buf2, 0x4e, remain * 2); -#+ str2.releaseBuffer(remain); -#+ dest.append(str2); -#+ total += remain; -#+ assertEquals("When a string of exactly the maximum size works", (int64_t)INT32_MAX, total); -#+ assertEquals("When a string of exactly the maximum size works", INT32_MAX, dest.length()); -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ -#+ // Check that a string size+1 goes bogus -#+ str2.truncate(1); -#+ dest.append(str2); -#+ total++; -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } else { -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } -#+ } -#+} -#diff --git a/icu4c/source/test/intltest/ustrtest.h b/icu4c/source/test/intltest/ustrtest.h -#index 218befdcc68..4a356a92c7a 100644 -#--- a/icu4c/source/test/intltest/ustrtest.h -#+++ b/icu4c/source/test/intltest/ustrtest.h -#@@ -97,6 +97,7 @@ class UnicodeStringTest: public IntlTest { -# void TestWCharPointers(); -# void TestNullPointers(); -# void TestUnicodeStringInsertAppendToSelf(); -#+ void TestLargeAppend(); -# }; -# -# #endif diff --git a/gnu/packages/patches/jsoncpp-fix-inverted-case.patch b/gnu/packages/patches/jsoncpp-fix-inverted-case.patch deleted file mode 100644 index e4897de1b8..0000000000 --- a/gnu/packages/patches/jsoncpp-fix-inverted-case.patch +++ /dev/null @@ -1,22 +0,0 @@ -This patch fixes a bug and related test failure on platforms where 'char' -is unsigned. - -Taken from upstream: -https://github.com/open-source-parsers/jsoncpp/commit/f11611c8785082ead760494cba06196f14a06dcb - -diff --git a/src/lib_json/json_writer.cpp b/src/lib_json/json_writer.cpp -index 8e06cca2..56195dc1 100644 ---- a/src/lib_json/json_writer.cpp -+++ b/src/lib_json/json_writer.cpp -@@ -178,8 +178,9 @@ static bool isAnyCharRequiredQuoting(char const* s, size_t n) { - - char const* const end = s + n; - for (char const* cur = s; cur < end; ++cur) { -- if (*cur == '\\' || *cur == '\"' || *cur < ' ' || -- static_cast<unsigned char>(*cur) < 0x80) -+ if (*cur == '\\' || *cur == '\"' || -+ static_cast<unsigned char>(*cur) < ' ' || -+ static_cast<unsigned char>(*cur) >= 0x80) - return true; - } - return false; diff --git a/gnu/packages/patches/libffi-float128-powerpc64le.patch b/gnu/packages/patches/libffi-float128-powerpc64le.patch new file mode 100644 index 0000000000..4fd32b0102 --- /dev/null +++ b/gnu/packages/patches/libffi-float128-powerpc64le.patch @@ -0,0 +1,58 @@ +From de93adfb6f48100946bba2c3abad2a77a0cfde0b Mon Sep 17 00:00:00 2001 +From: Fabrice Fontaine <fontaine.fabrice@gmail.com> +Date: Sun, 24 Nov 2019 09:52:01 +0100 +Subject: [PATCH] ffi_powerpc.h: fix build failure with powerpc7 + +This is a patch pulled down from the following: +https://github.com/buildroot/buildroot/blob/78926f610b1411b03464152472fd430012deb9ac/package/libffi/0004-ffi_powerpc.h-fix-build-failure-with-powerpc7.patch + +This issue is being hit on OpenBMC code when pulling the latest +libffi tag and building on a P8 ppc64le machine. I verified this +patch fixes the issue we are seeing. + +Below is the original commit message: + +Sicne commit 73dd43afc8a447ba98ea02e9aad4c6898dc77fb0, build on powerpc7 +fails on: + +In file included from ../src/powerpc/ffi.c:33:0: +../src/powerpc/ffi_powerpc.h:61:9: error: '_Float128' is not supported on this target + typedef _Float128 float128; + ^~~~~~~~~ + +Fix this build failure by checking for __HAVE_FLOAT128 before using +_Float128, as _Float128 is enabled only on specific conditions, see +output/host/powerpc64-buildroot-linux-gnu/sysroot/usr/include/bits/floatn.h: + + /* Defined to 1 if the current compiler invocation provides a + floating-point type with the IEEE 754 binary128 format, and this glibc + includes corresponding *f128 interfaces for it. */ + #if defined _ARCH_PWR8 && defined __LITTLE_ENDIAN__ && (_CALL_ELF == 2) \ + && defined __FLOAT128__ && !defined __NO_LONG_DOUBLE_MATH + # define __HAVE_FLOAT128 1 + #else + # define __HAVE_FLOAT128 0 + #endif + +Fixes: + - http://autobuild.buildroot.org/results/5c9dd8fb3b6a128882b6250f197c80232d8a3b53 + +Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> +Signed-off-by: Andrew Geissler <geissonator@yahoo.com> +--- + src/powerpc/ffi_powerpc.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/powerpc/ffi_powerpc.h b/src/powerpc/ffi_powerpc.h +index 8e2f2f0e..960a5c42 100644 +--- a/src/powerpc/ffi_powerpc.h ++++ b/src/powerpc/ffi_powerpc.h +@@ -57,7 +57,7 @@ typedef union + double d; + } ffi_dblfl; + +-#if defined(__FLOAT128_TYPE__) ++#if defined(__FLOAT128_TYPE__) && defined(__HAVE_FLOAT128) + typedef _Float128 float128; + #elif defined(__FLOAT128__) + typedef __float128 float128; diff --git a/gnu/packages/patches/meson-for-build-rpath.patch b/gnu/packages/patches/meson-for-build-rpath.patch deleted file mode 100644 index ef9a73f07c..0000000000 --- a/gnu/packages/patches/meson-for-build-rpath.patch +++ /dev/null @@ -1,24 +0,0 @@ -This patch removes a part of meson that clears the rpath upon installation. -This will only be applied to a special version of meson, used for the -meson-build-system. - -Original patch for Meson 0.42.0 by Peter Mikkelsen <petermikkelsen10@gmail.com> - ---- meson-0.47.1/mesonbuild/minstall.py.old 2018-08-10 11:01:27.812327013 +0200 -+++ meson-0.47.1/mesonbuild/minstall.py 2018-08-10 11:01:51.940368505 +0200 -@@ -436,15 +436,6 @@ - print("Symlink creation does not work on this platform. " - "Skipping all symlinking.") - printed_symlink_error = True -- if os.path.isfile(outname): -- try: -- depfixer.fix_rpath(outname, install_rpath, final_path, -- install_name_mappings, verbose=False) -- except SystemExit as e: -- if isinstance(e.code, int) and e.code == 0: -- pass -- else: -- raise - - def run(args): - parser = buildparser() diff --git a/gnu/packages/patches/python-3-hurd-configure.patch b/gnu/packages/patches/python-3-hurd-configure.patch new file mode 100644 index 0000000000..aa25a401c5 --- /dev/null +++ b/gnu/packages/patches/python-3-hurd-configure.patch @@ -0,0 +1,27 @@ +Upstream status: Not upstreamed. + +The build system refuses to cross-compile for unknown targets +even though it works fine. Add GNU/Hurd target. + +--- Python-3.8.5/configure.orig 2020-10-26 14:06:09.665423525 +0100 ++++ Python-3.8.5/configure 2020-10-26 14:08:30.987765738 +0100 +@@ -3278,6 +3278,9 @@ + *-*-vxworks*) + ac_sys_system=VxWorks + ;; ++ *-*-gnu) ++ ac_sys_system=GNU ++ ;; + *) + # for now, limit cross builds to known configurations + MACHDEP="unknown" +@@ -3328,6 +3331,9 @@ + *-*-vxworks*) + _host_cpu=$host_cpu + ;; ++ *-*-gnu) ++ _host_cpu=$host_cpu ++ ;; + *) + # for now, limit cross builds to known configurations + MACHDEP="unknown" diff --git a/gnu/packages/patches/python-babel-fix-parse-future-test.patch b/gnu/packages/patches/python-babel-fix-parse-future-test.patch new file mode 100644 index 0000000000..8a90166ec5 --- /dev/null +++ b/gnu/packages/patches/python-babel-fix-parse-future-test.patch @@ -0,0 +1,68 @@ +From 7bdaa28a55e8d8228d5434effa4b1473ab7b3669 Mon Sep 17 00:00:00 2001 +From: Felix Schwarz <felix.schwarz@oss.schwarz.eu> +Date: Tue, 5 May 2020 08:05:56 +0000 +Subject: [PATCH] fix tests when using Python 3.9a6 + +In Python 3.9a6 integer values for future flags were changed to prevent +collision with compiler flags. We need to retrieve these at runtime so +the test suite works with Python <= 3.8 as well as Python 3.9. +--- + tests/test_util.py | 17 ++++++++++++----- + 1 file changed, 12 insertions(+), 5 deletions(-) + +diff --git a/tests/test_util.py b/tests/test_util.py +index a6a4450c..b9343aaa 100644 +--- a/tests/test_util.py ++++ b/tests/test_util.py +@@ -11,6 +11,7 @@ + # individuals. For the exact contribution history, see the revision + # history and logs, available at http://babel.edgewall.org/log/. + ++import __future__ + import unittest + + import pytest +@@ -20,6 +21,12 @@ + from babel.util import parse_future_flags + + ++class _FF: ++ division = __future__.division.compiler_flag ++ print_function = __future__.print_function.compiler_flag ++ with_statement = __future__.with_statement.compiler_flag ++ unicode_literals = __future__.unicode_literals.compiler_flag ++ + def test_distinct(): + assert list(util.distinct([1, 2, 1, 3, 4, 4])) == [1, 2, 3, 4] + assert list(util.distinct('foobar')) == ['f', 'o', 'b', 'a', 'r'] +@@ -70,25 +77,25 @@ def test_parse_encoding_non_ascii(): + from __future__ import print_function, + division, with_statement, + unicode_literals +-''', 0x10000 | 0x2000 | 0x8000 | 0x20000), ++''', _FF.print_function | _FF.division | _FF.with_statement | _FF.unicode_literals), + (''' + from __future__ import print_function, division + print('hello') +-''', 0x10000 | 0x2000), ++''', _FF.print_function | _FF.division), + (''' + from __future__ import print_function, division, unknown,,,,, + print 'hello' +-''', 0x10000 | 0x2000), ++''', _FF.print_function | _FF.division), + (''' + from __future__ import ( + print_function, + division) +-''', 0x10000 | 0x2000), ++''', _FF.print_function | _FF.division), + (''' + from __future__ import \\ + print_function, \\ + division +-''', 0x10000 | 0x2000), ++''', _FF.print_function | _FF.division), + ]) + def test_parse_future(source, result): + fp = BytesIO(source.encode('latin-1')) diff --git a/gnu/packages/patches/zziplib-CVE-2018-16548.patch b/gnu/packages/patches/zziplib-CVE-2018-16548.patch deleted file mode 100644 index a17c6a9768..0000000000 --- a/gnu/packages/patches/zziplib-CVE-2018-16548.patch +++ /dev/null @@ -1,49 +0,0 @@ -The following 3 patches applied to 0.13.69 in this order, combined: -https://github.com/gdraheim/zziplib/commit/9411bde3e4a70a81ff3ffd256b71927b2d90dcbb.patch -https://github.com/gdraheim/zziplib/commit/d2e5d5c53212e54a97ad64b793a4389193fec687.patch -https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99.patch - -diff --git a/test/test.zip b/test/test.zip -index 2c992ea..952d475 100644 -Binary files a/test/test.zip and b/test/test.zip differ -diff --git a/zzip/zip.c b/zzip/zip.c -index 14e2e06..f97a40a 100644 ---- a/zzip/zip.c -+++ b/zzip/zip.c -@@ -472,9 +472,15 @@ __zzip_parse_root_directory(int fd, - } else - { - if (io->fd.seeks(fd, zz_rootseek + zz_offset, SEEK_SET) < 0) -+ { -+ free(hdr0); - return ZZIP_DIR_SEEK; -+ } - if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent)) -+ { -+ free(hdr0); - return ZZIP_DIR_READ; -+ } - d = &dirent; - } - -@@ -574,11 +580,18 @@ __zzip_parse_root_directory(int fd, - - if (hdr_return) - *hdr_return = hdr0; -+ else -+ { -+ /* If it is not assigned to *hdr_return, it will never be free()'d */ -+ free(hdr0); -+ } - } /* else zero (sane) entries */ -+ else -+ free(hdr0); - # ifndef ZZIP_ALLOW_MODULO_ENTRIES -- return (entries != zz_entries ? ZZIP_CORRUPTED : 0); -+ return (entries != zz_entries) ? ZZIP_CORRUPTED : 0; - # else -- return ((entries & (unsigned)0xFFFF) != zz_entries ? ZZIP_CORRUPTED : 0); -+ return ((entries & (unsigned)0xFFFF) != zz_entries) ? ZZIP_CORRUPTED : 0; - # endif - } - |