guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/20: gnu: libtommath: Update to 1.2.1.


From: guix-commits
Subject: 02/20: gnu: libtommath: Update to 1.2.1.
Date: Tue, 5 Mar 2024 03:20:35 -0500 (EST)

efraim pushed a commit to branch master
in repository guix.

commit f9207c33780eaf97acdc209ef8bf5125c784a6f2
Author: Efraim Flashner <efraim@flashner.co.il>
AuthorDate: Mon Mar 4 11:58:50 2024 +0200

    gnu: libtommath: Update to 1.2.1.
    
    * gnu/packages/multiprecision.scm (libtommath): Update to 1.2.1.
    [source]: Remove patch.
    [arguments]: Remove trailing #t from phases.
    [properties]: Add upstream-name, lint-hidden-cve.
    * gnu/packages/patches/libtommath-integer-overflow.patch: Remove file.
    * gnu/local.mk (dist_patch_DATA): Remove it.
    
    Change-Id: I4c1de43b4083e0649fcb493a5c304736e41ab4b8
---
 gnu/local.mk                                       |   1 -
 gnu/packages/multiprecision.scm                    |  13 +-
 .../patches/libtommath-integer-overflow.patch      | 140 ---------------------
 3 files changed, 6 insertions(+), 148 deletions(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 5e7fbf3545..83937db4c8 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1608,7 +1608,6 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/libtiff-CVE-2022-34526.patch            \
   %D%/packages/patches/libtirpc-CVE-2021-46828.patch           \
   %D%/packages/patches/libtirpc-hurd.patch                     \
-  %D%/packages/patches/libtommath-integer-overflow.patch       \
   %D%/packages/patches/libtool-grep-compat.patch               \
   %D%/packages/patches/libtool-skip-tests2.patch               \
   %D%/packages/patches/libtree-fix-check-non-x86.patch         \
diff --git a/gnu/packages/multiprecision.scm b/gnu/packages/multiprecision.scm
index 18a269ddc7..daa3144bd3 100644
--- a/gnu/packages/multiprecision.scm
+++ b/gnu/packages/multiprecision.scm
@@ -455,7 +455,7 @@ number generators, public key cryptography and a plethora 
of other routines.")
 (define-public libtommath
   (package
     (name "libtommath")
-    (version "1.2.0")
+    (version "1.2.1")
     (outputs '("out" "static"))
     (source
       (origin
@@ -464,8 +464,7 @@ number generators, public key cryptography and a plethora 
of other routines.")
                             "download/v" version "/ltm-" version ".tar.xz"))
         (sha256
          (base32
-          "1c8q1qy88cjhdjlk3g24mra94h34c1ldvkjz0n2988c0yvn5xixp"))
-        (patches (search-patches "libtommath-integer-overflow.patch"))))
+          "07qdxnmp5bhfw5za6mr2l2w0vb7494v9zs9h5vp6y9vlngbjaq4q"))))
     (build-system gnu-build-system)
     (arguments
      '(#:phases
@@ -476,13 +475,11 @@ number generators, public key cryptography and a plethora 
of other routines.")
              ;; We want the shared library by default so force it to be the
              ;; default makefile target.
              (delete-file "makefile")
-             (symlink "makefile.shared" "makefile")
-             #t))
+             (symlink "makefile.shared" "makefile")))
          (add-after 'install 'remove-static-library
            (lambda* (#:key outputs #:allow-other-keys)
              (delete-file (string-append (assoc-ref outputs "out")
-                                         "/lib/libtommath.a"))
-             #t))
+                                         "/lib/libtommath.a"))))
          (replace 'check
            (lambda* (#:key tests? test-target make-flags #:allow-other-keys)
              (when tests?
@@ -504,4 +501,6 @@ number generators, public key cryptography and a plethora 
of other routines.")
 integer library written entirely in C.  It's designed to provide an API that is
 simple to work with that provides fairly efficient routines that build out of
 the box without configuration.")
+    (properties `((upstream-name . "ltm")
+                  (lint-hidden-cve . ("CVE-2023-36328"))))
     (license unlicense)))
diff --git a/gnu/packages/patches/libtommath-integer-overflow.patch 
b/gnu/packages/patches/libtommath-integer-overflow.patch
deleted file mode 100644
index 5241726775..0000000000
--- a/gnu/packages/patches/libtommath-integer-overflow.patch
+++ /dev/null
@@ -1,140 +0,0 @@
-This patch is from upstream:
-https://github.com/libtom/libtommath/pull/546
-
-From beba892bc0d4e4ded4d667ab1d2a94f4d75109a9 Mon Sep 17 00:00:00 2001
-From: czurnieden <czurnieden@gmx.de>
-Date: Tue, 9 May 2023 17:17:12 +0200
-Subject: [PATCH] Fix possible integer overflow
-
----
- bn_mp_2expt.c                | 4 ++++
- bn_mp_grow.c                 | 4 ++++
- bn_mp_init_size.c            | 5 +++++
- bn_mp_mul_2d.c               | 4 ++++
- bn_s_mp_mul_digs.c           | 4 ++++
- bn_s_mp_mul_digs_fast.c      | 4 ++++
- bn_s_mp_mul_high_digs.c      | 4 ++++
- bn_s_mp_mul_high_digs_fast.c | 4 ++++
- 8 files changed, 33 insertions(+)
-
-diff --git a/bn_mp_2expt.c b/bn_mp_2expt.c
-index 0ae3df1bf..23de0c3c5 100644
---- a/bn_mp_2expt.c
-+++ b/bn_mp_2expt.c
-@@ -12,6 +12,10 @@ mp_err mp_2expt(mp_int *a, int b)
- {
-    mp_err    err;
- 
-+   if (b < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* zero a as per default */
-    mp_zero(a);
- 
-diff --git a/bn_mp_grow.c b/bn_mp_grow.c
-index 9e904c547..2b1682651 100644
---- a/bn_mp_grow.c
-+++ b/bn_mp_grow.c
-@@ -9,6 +9,10 @@ mp_err mp_grow(mp_int *a, int size)
-    int     i;
-    mp_digit *tmp;
- 
-+   if (size < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* if the alloc size is smaller alloc more ram */
-    if (a->alloc < size) {
-       /* reallocate the array a->dp
-diff --git a/bn_mp_init_size.c b/bn_mp_init_size.c
-index d62268721..99573833f 100644
---- a/bn_mp_init_size.c
-+++ b/bn_mp_init_size.c
-@@ -6,6 +6,11 @@
- /* init an mp_init for a given size */
- mp_err mp_init_size(mp_int *a, int size)
- {
-+
-+   if (size < 0) {
-+      return MP_VAL;
-+   }
-+
-    size = MP_MAX(MP_MIN_PREC, size);
- 
-    /* alloc mem */
-diff --git a/bn_mp_mul_2d.c b/bn_mp_mul_2d.c
-index 87354de20..bfeaf2eb2 100644
---- a/bn_mp_mul_2d.c
-+++ b/bn_mp_mul_2d.c
-@@ -9,6 +9,10 @@ mp_err mp_mul_2d(const mp_int *a, int b, mp_int *c)
-    mp_digit d;
-    mp_err   err;
- 
-+   if (b < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* copy */
-    if (a != c) {
-       if ((err = mp_copy(a, c)) != MP_OKAY) {
-diff --git a/bn_s_mp_mul_digs.c b/bn_s_mp_mul_digs.c
-index 64509d4cb..3682b4980 100644
---- a/bn_s_mp_mul_digs.c
-+++ b/bn_s_mp_mul_digs.c
-@@ -16,6 +16,10 @@ mp_err s_mp_mul_digs(const mp_int *a, const mp_int *b, 
mp_int *c, int digs)
-    mp_word r;
-    mp_digit tmpx, *tmpt, *tmpy;
- 
-+   if (digs < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* can we use the fast multiplier? */
-    if ((digs < MP_WARRAY) &&
-        (MP_MIN(a->used, b->used) < MP_MAXFAST)) {
-diff --git a/bn_s_mp_mul_digs_fast.c b/bn_s_mp_mul_digs_fast.c
-index b2a287b02..3c4176a87 100644
---- a/bn_s_mp_mul_digs_fast.c
-+++ b/bn_s_mp_mul_digs_fast.c
-@@ -26,6 +26,10 @@ mp_err s_mp_mul_digs_fast(const mp_int *a, const mp_int *b, 
mp_int *c, int digs)
-    mp_digit W[MP_WARRAY];
-    mp_word  _W;
- 
-+   if (digs < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* grow the destination as required */
-    if (c->alloc < digs) {
-       if ((err = mp_grow(c, digs)) != MP_OKAY) {
-diff --git a/bn_s_mp_mul_high_digs.c b/bn_s_mp_mul_high_digs.c
-index 2bb2a5098..c9dd355f8 100644
---- a/bn_s_mp_mul_high_digs.c
-+++ b/bn_s_mp_mul_high_digs.c
-@@ -15,6 +15,10 @@ mp_err s_mp_mul_high_digs(const mp_int *a, const mp_int *b, 
mp_int *c, int digs)
-    mp_word  r;
-    mp_digit tmpx, *tmpt, *tmpy;
- 
-+   if (digs < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* can we use the fast multiplier? */
-    if (MP_HAS(S_MP_MUL_HIGH_DIGS_FAST)
-        && ((a->used + b->used + 1) < MP_WARRAY)
-diff --git a/bn_s_mp_mul_high_digs_fast.c b/bn_s_mp_mul_high_digs_fast.c
-index a2c4fb692..4ce7f590c 100644
---- a/bn_s_mp_mul_high_digs_fast.c
-+++ b/bn_s_mp_mul_high_digs_fast.c
-@@ -19,6 +19,10 @@ mp_err s_mp_mul_high_digs_fast(const mp_int *a, const 
mp_int *b, mp_int *c, int
-    mp_digit W[MP_WARRAY];
-    mp_word  _W;
- 
-+   if (digs < 0) {
-+      return MP_VAL;
-+   }
-+
-    /* grow the destination as required */
-    pa = a->used + b->used;
-    if (c->alloc < pa) {



reply via email to

[Prev in Thread] Current Thread [Next in Thread]