[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/31: gnu: flex-2.6.1: Build fix for the Hurd.
|
From: |
guix-commits |
|
Subject: |
01/31: gnu: flex-2.6.1: Build fix for the Hurd. |
|
Date: |
Thu, 12 Mar 2020 02:59:02 -0400 (EDT) |
janneke pushed a commit to branch wip-hurd
in repository guix.
commit d8b53b924875a6f4bc91f63ee639a3243da09180
Author: Jan Nieuwenhuizen <address@hidden>
AuthorDate: Sun Mar 8 22:59:45 2020 +0100
gnu: flex-2.6.1: Build fix for the Hurd.
* gnu/packages/patches/flex-2.6.1-hurd-path-max.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/flex.scm (flex-2.6.1): Use it.
---
gnu/local.mk | 1 +
gnu/packages/flex.scm | 2 +
.../patches/flex-2.6.1-hurd-path-max.patch | 132 +++++++++++++++++++++
3 files changed, 135 insertions(+)
diff --git a/gnu/local.mk b/gnu/local.mk
index 7c3e264..281b827 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -872,6 +872,7 @@ dist_patch_DATA =
\
%D%/packages/patches/findutils-localstatedir.patch \
%D%/packages/patches/findutils-test-rwlock-threads.patch \
%D%/packages/patches/flann-cmake-3.11.patch \
+ %D%/packages/patches/flex-2.6.1-hurd-path-max.patch \
%D%/packages/patches/flint-ldconfig.patch \
%D%/packages/patches/foomatic-filters-CVE-2015-8327.patch \
%D%/packages/patches/foomatic-filters-CVE-2015-8560.patch \
diff --git a/gnu/packages/flex.scm b/gnu/packages/flex.scm
index f9a2120..b6e4521 100644
--- a/gnu/packages/flex.scm
+++ b/gnu/packages/flex.scm
@@ -1,6 +1,7 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014, 2019 Ludovic Courtès <address@hidden>
;;; Copyright © 2016 Efraim Flashner <address@hidden>
+;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -84,6 +85,7 @@ executes the corresponding C code.")
(uri (string-append "https://github.com/westes/flex";
"/releases/download/v" version "/"
"flex-" version ".tar.xz"))
+ (patches (search-patches "flex-2.6.1-hurd-path-max.patch"))
(sha256
(base32
"0gqhk4vkwy4gl9xbpgkljph8c0a5kpijz6wd0p5r9q202qn42yic"))))))
diff --git a/gnu/packages/patches/flex-2.6.1-hurd-path-max.patch
b/gnu/packages/patches/flex-2.6.1-hurd-path-max.patch
new file mode 100644
index 0000000..62e20f3
--- /dev/null
+++ b/gnu/packages/patches/flex-2.6.1-hurd-path-max.patch
@@ -0,0 +1,132 @@
+From 7c960b48c99b2044b65c0bc2af9e57202e326a90 Mon Sep 17 00:00:00 2001
+From: rlar <rlar>
+Date: Sun, 28 Feb 2016 21:12:45 +0100
+Subject: [PATCH 1/3] cast to get rid of warnings
+
+---
+ src/main.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/main.c b/src/main.c
+index e329e4e..1288a5d 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -360,14 +360,14 @@ void check_options (void)
+ } else {
+ do {
+ char m4_path[PATH_MAX];
+- int length = strlen(path);
++ size_t length = strlen(path);
+ struct stat sbuf;
+
+ const char *endOfDir = strchr(path,
':');
+ if (!endOfDir)
+ endOfDir = path+length;
+
+- if ((endOfDir-path+2) >=
sizeof(m4_path)) {
++ if (endOfDir + 2 >= path +
sizeof(m4_path)) {
+ path = endOfDir+1;
+ continue;
+ }
+--
+2.24.0
+
+From c85ca046b4d3171bdbb26e73f0ee4eb0b0921daa Mon Sep 17 00:00:00 2001
+From: Tobias Klauser <address@hidden>
+Date: Thu, 31 Mar 2016 10:09:57 +0200
+Subject: [PATCH 2/3] Fix potential buffer overflow in strncat()
+
+When using clang/llvm 3.8 to compile flex, the following warning is
+emitted:
+
+main.c:378:27: warning: the value of the size argument in 'strncat' is too
large, might lead to a buffer overflow [-Wstrncat-size]
+ strncat(m4_path, m4, sizeof(m4_path));
+ ^~~~~~~~~~~~~~~
+main.c:378:27: note: change the argument to be the free space in the
destination buffer minus the terminating null byte
+ strncat(m4_path, m4, sizeof(m4_path));
+ ^~~~~~~~~~~~~~~
+ sizeof(m4_path) -
strlen(m4_path) - 1
+
+Fix it up by using the solution proposed by the warning message.
+---
+ src/main.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/main.c b/src/main.c
+index 1288a5d..b4d47cb 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -375,7 +375,7 @@ void check_options (void)
+ strncpy(m4_path, path, sizeof(m4_path));
+ m4_path[endOfDir-path] = '/';
+ m4_path[endOfDir-path+1] = '\0';
+- strncat(m4_path, m4, sizeof(m4_path));
++ strncat(m4_path, m4, sizeof(m4_path) -
strlen(m4_path) - 1);
+ if (stat(m4_path, &sbuf) == 0 &&
+ (S_ISREG(sbuf.st_mode)) &&
sbuf.st_mode & S_IXUSR) {
+ m4 = strdup(m4_path);
+--
+2.24.0
+
+From 376c31df7d7dcbd7ca0616d49f32086ca17a18d3 Mon Sep 17 00:00:00 2001
+From: Samuel Thibault <address@hidden>
+Date: Thu, 29 Dec 2016 08:44:22 -0500
+Subject: [PATCH 3/3] scanner: allocate correct buffer size for m4 path.
+
+Flex did not check the length of the m4 path which could lead to a
+buffer overflow in some cases. Additionally, not all platforms believe
+in PATH_MAX, so stop relying on it.
+
+Fixes #138
+---
+ src/main.c | 26 ++++++++++++--------------
+ 1 file changed, 12 insertions(+), 14 deletions(-)
+
+diff --git a/src/main.c b/src/main.c
+index b4d47cb..7ae7980 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -358,8 +358,8 @@ void check_options (void)
+ if (!path) {
+ m4 = M4;
+ } else {
++ int m4_length = strlen(m4);
+ do {
+- char m4_path[PATH_MAX];
+ size_t length = strlen(path);
+ struct stat sbuf;
+
+@@ -367,19 +367,17 @@ void check_options (void)
+ if (!endOfDir)
+ endOfDir = path+length;
+
+- if (endOfDir + 2 >= path +
sizeof(m4_path)) {
+- path = endOfDir+1;
+- continue;
+- }
+-
+- strncpy(m4_path, path, sizeof(m4_path));
+- m4_path[endOfDir-path] = '/';
+- m4_path[endOfDir-path+1] = '\0';
+- strncat(m4_path, m4, sizeof(m4_path) -
strlen(m4_path) - 1);
+- if (stat(m4_path, &sbuf) == 0 &&
+- (S_ISREG(sbuf.st_mode)) &&
sbuf.st_mode & S_IXUSR) {
+- m4 = strdup(m4_path);
+- break;
++ {
++ char m4_path[endOfDir-path + 1
+ m4_length + 1];
++
++ memcpy(m4_path, path,
endOfDir-path);
++ m4_path[endOfDir-path] = '/';
++ memcpy(m4_path +
(endOfDir-path) + 1, m4, m4_length + 1);
++ if (stat(m4_path, &sbuf) == 0 &&
++ (S_ISREG(sbuf.st_mode))
&& sbuf.st_mode & S_IXUSR) {
++ m4 = strdup(m4_path);
++ break;
++ }
+ }
+ path = endOfDir+1;
+ } while (path[0]);
+--
+2.24.0
+
- branch wip-hurd created (now 26973d5), guix-commits, 2020/03/12
- 04/31: gnu: java-jansi-native: Compile fix for the Hurd., guix-commits, 2020/03/12
- 05/31: gnu: make: Support for the Hurd., guix-commits, 2020/03/12
- 03/31: gnu: hurd: Fix hurd-target?, add hurd-system?., guix-commits, 2020/03/12
- 01/31: gnu: flex-2.6.1: Build fix for the Hurd.,
guix-commits <=
- 07/31: gnu: fontconfig: Build fix for the Hurd., guix-commits, 2020/03/12
- 06/31: gnu: less: Build fix for the Hurd., guix-commits, 2020/03/12
- 10/31: gnu: cross-libc: Build fix for the Hurd., guix-commits, 2020/03/12
- 12/31: gnu: coreutils: Remove libcap dependency for the Hurd., guix-commits, 2020/03/12
- 08/31: gnu: glibc: Add and update patches for the Hurd., guix-commits, 2020/03/12
- 13/31: gnu: pciutils: Build fixes for the Hurd., guix-commits, 2020/03/12
- 09/31: gnu: glibc: Add signal SA_SIGINFO support for the Hurd., guix-commits, 2020/03/12
- 02/31: gnu: grub: Support for the Hurd., guix-commits, 2020/03/12
- 16/31: gnu: screen: Build fix for the Hurd., guix-commits, 2020/03/12
- 11/31: gnu: shadow: Add linux-pam dependency for the Hurd., guix-commits, 2020/03/12