diff options
| author |   Fabian Groffen <grobian@gentoo.org> | 2023-06-07 09:41:05 +0200 |
|---|---|---|
| committer | Fabian Groffen <grobian@gentoo.org> | 2023-06-07 09:42:49 +0200 |
| commit | 7d0191b1f3430240225b3e6c565f8ab6a9715996 (patch) | |
| tree | 4f6648fe380b41e0562869ac6770c9b6e434fd81 /dev-libs/iniparser/files | |
| parent | app-emacs/eselect-mode: add 1.4.24, drop 1.4.23 (diff) | |
| download | gentoo-7d0191b1f3430240225b3e6c565f8ab6a9715996.tar.gz gentoo-7d0191b1f3430240225b3e6c565f8ab6a9715996.tar.bz2 gentoo-7d0191b1f3430240225b3e6c565f8ab6a9715996.zip | |
dev-libs/iniparser: add patch for CVE-2023-33461 from upstream
- drop old 3.1-r3
- drop obsolete patches
- add patch from upstream for CVE-2023-33461
- drop my maintainership, portage-utils doesn't use this any more
Bug: https://bugs.gentoo.org/907928
Signed-off-by: Fabian Groffen <grobian@gentoo.org>
Diffstat (limited to 'dev-libs/iniparser/files')
4 files changed, 43 insertions, 94 deletions
diff --git a/dev-libs/iniparser/files/iniparser-3.0-autotools.patch b/dev-libs/iniparser/files/iniparser-3.0-autotools.patch deleted file mode 100644 index 361c96a7d4fb..000000000000 --- a/dev-libs/iniparser/files/iniparser-3.0-autotools.patch +++ /dev/null @@ -1,38 +0,0 @@ ---- /dev/null -+++ b/Makefile.am -@@ -0,0 +1,8 @@ -+ACLOCAL_AMFLAGS = -I config -+ -+lib_LTLIBRARIES = libiniparser.la -+ -+libiniparser_la_LDFLAGS = -no-undefined -version-info @SHARED_VERSION_INFO@ -+libiniparser_la_SOURCES = src/dictionary.c src/iniparser.c -+ -+include_HEADERS = src/dictionary.h src/iniparser.h ---- /dev/null -+++ b/configure.ac -@@ -0,0 +1,24 @@ -+AC_PREREQ([2.65]) -+AC_INIT([iniparser], [3.0], [ndevilla@free.fr]) -+ -+AC_CONFIG_AUX_DIR(config) -+AC_CONFIG_MACRO_DIR(config) -+ -+AM_INIT_AUTOMAKE([1.8 foreign]) -+ -+SHARED_VERSION_INFO="0" -+AC_SUBST(SHARED_VERSION_INFO) -+ -+# Checks for programs. -+AC_PROG_CC -+AC_SYS_LARGEFILE -+ -+LT_INIT -+# Checks for header files. -+AC_CHECK_HEADERS([ ctype.h stdio.h stdlib.h string.h ]) -+ -+# Checks for library functions. -+AC_CHECK_FUNCS([strcmp]) -+ -+AC_CONFIG_FILES([Makefile]) -+AC_OUTPUT diff --git a/dev-libs/iniparser/files/iniparser-3.0b-cpp.patch b/dev-libs/iniparser/files/iniparser-3.0b-cpp.patch deleted file mode 100644 index b7cd17d2d226..000000000000 --- a/dev-libs/iniparser/files/iniparser-3.0b-cpp.patch +++ /dev/null @@ -1,45 +0,0 @@ ---- a/src/dictionary.c -+++ b/src/dictionary.c -@@ -32,6 +32,9 @@ - /*--------------------------------------------------------------------------- - Private functions - ---------------------------------------------------------------------------*/ -+#ifdef __cplusplus -+extern "C" { -+#endif - - /* Doubles the allocated size associated to a pointer */ - /* 'size' is the current allocated size. */ -@@ -394,5 +397,10 @@ - dictionary_del(d); - return 0 ; - } -+ -+#ifdef __cplusplus -+} -+#endif -+ - #endif - /* vim: set ts=4 et sw=4 tw=75 */ ---- a/src/iniparser.h -+++ b/src/iniparser.h -@@ -49,6 +49,10 @@ - int iniparser_getnsec(dictionary * d); - - -+#ifdef __cplusplus -+extern "C" { -+#endif -+ - /*-------------------------------------------------------------------------*/ - /** - @brief Get name for section n in a dictionary. -@@ -304,4 +308,8 @@ - /*--------------------------------------------------------------------------*/ - void iniparser_freedict(dictionary * d); - -+#ifdef __cplusplus -+} -+#endif -+ - #endif diff --git a/dev-libs/iniparser/files/iniparser-4.0-out-of-bounds-read.patch b/dev-libs/iniparser/files/iniparser-4.0-out-of-bounds-read.patch deleted file mode 100644 index f6488810ac12..000000000000 --- a/dev-libs/iniparser/files/iniparser-4.0-out-of-bounds-read.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/src/iniparser.c -+++ b/src/iniparser.c -@@ -663,7 +663,7 @@ - while (fgets(line+last, ASCIILINESZ-last, in)!=NULL) { - lineno++ ; - len = (int)strlen(line)-1; -- if (len==0) -+ if (len<=0) - continue; - /* Safety check against buffer overflows */ - if (line[len]!='\n') { diff --git a/dev-libs/iniparser/files/iniparser-4.1-CVE-null-getstring.patch b/dev-libs/iniparser/files/iniparser-4.1-CVE-null-getstring.patch new file mode 100644 index 000000000000..bf3c035fda07 --- /dev/null +++ b/dev-libs/iniparser/files/iniparser-4.1-CVE-null-getstring.patch @@ -0,0 +1,43 @@ +From ace9871f65d11b5d73f0b9ee8cf5d2807439442d Mon Sep 17 00:00:00 2001 +From: Antonio <antoniolrt@gmail.com> +Date: Fri, 2 Jun 2023 15:03:10 -0300 +Subject: [PATCH] Handle null return from iniparser_getstring + +Fix handling of NULL returns from iniparser_getstring in +iniparser_getboolean, iniparser_getlongint and iniparser_getdouble, +avoiding a crash. +--- + src/iniparser.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/iniparser.c b/src/iniparser.c +index f1d1658..dbceb20 100644 +--- a/src/iniparser.c ++++ b/src/iniparser.c +@@ -456,7 +456,7 @@ long int iniparser_getlongint(const dictionary * d, const char * key, long int n + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return strtol(str, NULL, 0); + } + +@@ -511,7 +511,7 @@ double iniparser_getdouble(const dictionary * d, const char * key, double notfou + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return atof(str); + } + +@@ -553,7 +553,7 @@ int iniparser_getboolean(const dictionary * d, const char * key, int notfound) + const char * c ; + + c = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (c==INI_INVALID_KEY) return notfound ; ++ if (c==NULL || c==INI_INVALID_KEY) return notfound ; + if (c[0]=='y' || c[0]=='Y' || c[0]=='1' || c[0]=='t' || c[0]=='T') { + ret = 1 ; + } else if (c[0]=='n' || c[0]=='N' || c[0]=='0' || c[0]=='f' || c[0]=='F') { |