Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Anthony G. Basile" <blueness@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-dns/avahi/, net-dns/avahi/files/
Date: Thu, 18 Aug 2022 13:27:37
Message-Id: 1660828917.ca40d8f1bbfd62625a223896fefe4cc0d5284175.blueness@gentoo
1 commit: ca40d8f1bbfd62625a223896fefe4cc0d5284175
2 Author: Federico Denkena <federico.denkena <AT> posteo <DOT> de>
3 AuthorDate: Tue Jun 21 15:33:40 2022 +0000
4 Commit: Anthony G. Basile <blueness <AT> gentoo <DOT> org>
5 CommitDate: Thu Aug 18 13:21:57 2022 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ca40d8f1
7
8 Patches for net-dns/avahi
9
10 These patches were pulled from the avahi upstream to fix a vulnerability
11 and other bugs.
12 Bug: https://bugs.gentoo.org/793953
13 Signed-off-by: Federico Denkena <federico.denkena <AT> posteo.de>
14 Signed-off-by: Anthony G. Basile <blueness <AT> gentoo.org>
15
16 net-dns/avahi/avahi-0.8-r6.ebuild | 217 +++++++++++++++++++++
17 .../avahi/files/avahi-0.8-dependency-error.patch | 15 ++
18 .../files/avahi-0.8-disable-avahi-ui-sharp.patch | 12 --
19 .../avahi/files/avahi-0.8-null-pointer-crash.patch | 129 ++++++++++++
20 .../avahi-0.8-potentially-undefined-fix.patch | 25 +++
21 5 files changed, 386 insertions(+), 12 deletions(-)
22
23 diff --git a/net-dns/avahi/avahi-0.8-r6.ebuild b/net-dns/avahi/avahi-0.8-r6.ebuild
24 new file mode 100644
25 index 000000000000..4a301d91cbc8
26 --- /dev/null
27 +++ b/net-dns/avahi/avahi-0.8-r6.ebuild
28 @@ -0,0 +1,217 @@
29 +# Copyright 1999-2022 Gentoo Authors
30 +# Distributed under the terms of the GNU General Public License v2
31 +
32 +EAPI="7"
33 +
34 +PYTHON_COMPAT=( python3_{8..10} )
35 +PYTHON_REQ_USE="gdbm"
36 +inherit autotools flag-o-matic multilib-minimal mono-env python-single-r1 systemd
37 +
38 +DESCRIPTION="System which facilitates service discovery on a local network"
39 +HOMEPAGE="https://avahi.org/"
40 +SRC_URI="https://github.com/lathiat/avahi/archive/v${PV}.tar.gz -> ${P}.tar.gz"
41 +
42 +LICENSE="LGPL-2.1"
43 +SLOT="0"
44 +KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~mips ppc ppc64 ~riscv ~s390 sparc x86"
45 +IUSE="autoipd bookmarks +dbus doc gdbm gtk howl-compat +introspection ipv6 mdnsresponder-compat mono nls python qt5 selinux systemd test"
46 +
47 +REQUIRED_USE="
48 + python? ( dbus gdbm ${PYTHON_REQUIRED_USE} )
49 + bookmarks? ( python )
50 + mono? ( dbus )
51 + howl-compat? ( dbus )
52 + mdnsresponder-compat? ( dbus )
53 + systemd? ( dbus )
54 +"
55 +
56 +RESTRICT="!test? ( test )"
57 +
58 +DEPEND="
59 + dev-libs/libdaemon
60 + dev-libs/libevent:=[${MULTILIB_USEDEP}]
61 + dev-libs/expat
62 + dev-libs/glib:2[${MULTILIB_USEDEP}]
63 + gdbm? ( sys-libs/gdbm:=[${MULTILIB_USEDEP}] )
64 + qt5? ( dev-qt/qtcore:5 )
65 + gtk? ( x11-libs/gtk+:3[${MULTILIB_USEDEP}] )
66 + dbus? ( sys-apps/dbus[${MULTILIB_USEDEP}] )
67 + kernel_linux? ( sys-libs/libcap )
68 + introspection? ( dev-libs/gobject-introspection:= )
69 + mono? ( dev-lang/mono )
70 + python? (
71 + ${PYTHON_DEPS}
72 + $(python_gen_cond_dep '
73 + bookmarks? ( >=dev-python/twisted-16.0.0[${PYTHON_USEDEP}] )
74 + dbus? ( dev-python/dbus-python[${PYTHON_USEDEP}] )
75 + introspection? ( dev-python/pygobject:3[${PYTHON_USEDEP}] )
76 + ')
77 + )
78 +"
79 +RDEPEND="
80 + acct-user/avahi
81 + acct-group/avahi
82 + acct-group/netdev
83 + autoipd? (
84 + acct-user/avahi-autoipd
85 + acct-group/avahi-autoipd
86 + )
87 + ${DEPEND}
88 + selinux? ( sec-policy/selinux-avahi )
89 +"
90 +BDEPEND="
91 + dev-util/glib-utils
92 + doc? ( app-doc/doxygen )
93 + app-doc/xmltoman
94 + sys-devel/gettext
95 + virtual/pkgconfig
96 +"
97 +
98 +MULTILIB_WRAPPED_HEADERS=( /usr/include/avahi-qt5/qt-watch.h )
99 +
100 +PATCHES=(
101 + "${FILESDIR}/${P}-disable-avahi-ui-sharp.patch" # bug 769062
102 + "${FILESDIR}/${P}-dependency-error.patch"
103 + "${FILESDIR}/${P}-null-pointer-crash.patch"
104 + "${FILESDIR}/${P}-potentially-undefined-fix.patch"
105 +# These patches do not apply cleanly but may need to be re-instated.
106 +# I'll leave them commented out for now.
107 +# "${FILESDIR}/${PN}-0.7-qt5.patch"
108 +# "${FILESDIR}/${PN}-0.7-CVE-2017-6519.patch"
109 +# "${FILESDIR}/${PN}-0.7-remove-empty-avahi_discover.patch"
110 +# "${FILESDIR}/${PN}-0.7-python3.patch"
111 +# "${FILESDIR}/${PN}-0.7-python3-unittest.patch"
112 +# "${FILESDIR}/${PN}-0.7-python3-gdbm.patch"
113 +)
114 +
115 +pkg_setup() {
116 + use mono && mono-env_pkg_setup
117 + use python && python-single-r1_pkg_setup
118 +}
119 +
120 +src_prepare() {
121 + default
122 +
123 + if ! use ipv6; then
124 + sed -i \
125 + -e "s/use-ipv6=yes/use-ipv6=no/" \
126 + avahi-daemon/avahi-daemon.conf || die
127 + fi
128 +
129 + sed -i \
130 + -e "s:\\.\\./\\.\\./\\.\\./doc/avahi-docs/html/:../../../doc/${PF}/html/:" \
131 + doxygen_to_devhelp.xsl || die
132 +
133 + eautoreconf
134 +
135 + # bundled manpages
136 + multilib_copy_sources
137 +}
138 +
139 +multilib_src_configure() {
140 + local myconf=(
141 + --disable-gtk
142 + --disable-monodoc
143 + --disable-python-dbus
144 + --disable-qt3
145 + --disable-qt4
146 + --disable-static
147 + --enable-manpages
148 + --enable-glib
149 + --enable-gobject
150 + --enable-xmltoman
151 + --localstatedir="${EPREFIX}/var"
152 + --with-distro=gentoo
153 + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
154 + $(use_enable dbus)
155 + $(use_enable gdbm)
156 + $(use_enable gtk gtk3)
157 + $(use_enable howl-compat compat-howl)
158 + $(use_enable mdnsresponder-compat compat-libdns_sd)
159 + $(use_enable nls)
160 + $(multilib_native_use_enable autoipd)
161 + $(multilib_native_use_enable doc doxygen-doc)
162 + $(multilib_native_use_enable introspection)
163 + $(multilib_native_use_enable mono)
164 + $(multilib_native_use_enable python)
165 + $(multilib_native_use_enable test tests)
166 + )
167 +
168 + if use python; then
169 + myconf+=(
170 + $(multilib_native_use_enable dbus python-dbus)
171 + $(multilib_native_use_enable introspection pygobject)
172 + )
173 + fi
174 +
175 + if use mono; then
176 + myconf+=( $(multilib_native_use_enable doc monodoc) )
177 + fi
178 +
179 + if ! multilib_is_native_abi; then
180 + myconf+=(
181 + # used by daemons only
182 + --disable-libdaemon
183 + --with-xml=none
184 + )
185 + fi
186 +
187 + myconf+=( $(multilib_native_use_enable qt5) )
188 +
189 + econf "${myconf[@]}"
190 +}
191 +
192 +multilib_src_compile() {
193 + emake
194 +
195 + multilib_is_native_abi && use doc && emake avahi.devhelp
196 +}
197 +
198 +multilib_src_install() {
199 + emake install DESTDIR="${D}"
200 +
201 + if ! use bookmarks || ! use python || ! use dbus; then
202 + rm -f "${ED}"/usr/bin/avahi-bookmarks || die
203 + fi
204 +
205 + # https://github.com/lathiat/avahi/issues/28
206 + use howl-compat && dosym avahi-compat-howl.pc /usr/$(get_libdir)/pkgconfig/howl.pc
207 + use mdnsresponder-compat && dosym avahi-compat-libdns_sd/dns_sd.h /usr/include/dns_sd.h
208 +
209 + if multilib_is_native_abi && use doc; then
210 + docinto html
211 + dodoc -r doxygen/html/.
212 + insinto /usr/share/devhelp/books/avahi
213 + doins avahi.devhelp
214 + fi
215 +
216 + # The build system creates an empty "/run" directory, so we clean it up here
217 + rmdir "${ED}"/run || die
218 +}
219 +
220 +multilib_src_install_all() {
221 + use python && python_optimize
222 +
223 + if use autoipd; then
224 + insinto /lib/rcscripts/net
225 + doins "${FILESDIR}"/autoipd.sh
226 +
227 + insinto /lib/netifrc/net
228 + newins "${FILESDIR}"/autoipd-openrc.sh autoipd.sh
229 + fi
230 +
231 + dodoc docs/{AUTHORS,NEWS,README,TODO}
232 +
233 + find "${ED}" -name '*.la' -type f -delete || die
234 +}
235 +
236 +pkg_postinst() {
237 + if use autoipd; then
238 + elog
239 + elog "To use avahi-autoipd to configure your interfaces with IPv4LL (RFC3927)"
240 + elog "addresses, just set config_<interface>=( autoipd ) in /etc/conf.d/net!"
241 + elog
242 + fi
243 +
244 + systemd_reenable avahi-daemon.service
245 +}
246
247 diff --git a/net-dns/avahi/files/avahi-0.8-dependency-error.patch b/net-dns/avahi/files/avahi-0.8-dependency-error.patch
248 new file mode 100644
249 index 000000000000..1a4025ea2002
250 --- /dev/null
251 +++ b/net-dns/avahi/files/avahi-0.8-dependency-error.patch
252 @@ -0,0 +1,15 @@
253 +https://github.com/lathiat/avahi/commit/366e3798bdbd6b7bf24e59379f4a9a51af575ce9.patch
254 +From: =?UTF-8?q?Tomasz=20Pawe=C5=82=20Gajc?= <tpgxyz@×××××.com>
255 +Date: Thu, 20 Feb 2020 16:09:40 +0100
256 +Subject: [PATCH] fix requires in pc file
257 +
258 +--- a/avahi-libevent.pc.in
259 ++++ b/avahi-libevent.pc.in
260 +@@ -6,6 +6,6 @@ includedir=${prefix}/include
261 + Name: avahi-libevent
262 + Description: Avahi Multicast DNS Responder (libevent Support)
263 + Version: @PACKAGE_VERSION@
264 +-Requires: libevent-2.1.5
265 ++Requires: libevent >= 2.1.5
266 + Libs: -L${libdir} -lavahi-libevent
267 + Cflags: -D_REENTRANT -I${includedir}
268
269 diff --git a/net-dns/avahi/files/avahi-0.8-disable-avahi-ui-sharp.patch b/net-dns/avahi/files/avahi-0.8-disable-avahi-ui-sharp.patch
270 index 31b361d4e17f..35f2a15af919 100644
271 --- a/net-dns/avahi/files/avahi-0.8-disable-avahi-ui-sharp.patch
272 +++ b/net-dns/avahi/files/avahi-0.8-disable-avahi-ui-sharp.patch
273 @@ -4,13 +4,6 @@ Date: Sat, 27 Mar 2021 22:49:08 +0100
274 Subject: [PATCH] Disable avahi-ui-sharp
275
276 Signed-off-by: Andreas Sturmlechner <asturm@g.o>
277 ----
278 - Makefile.am | 6 ++----
279 - configure.ac | 1 -
280 - 2 files changed, 2 insertions(+), 5 deletions(-)
281 -
282 -diff --git a/Makefile.am b/Makefile.am
283 -index 33c51f5..0e12120 100644
284 --- a/Makefile.am
285 +++ b/Makefile.am
286 @@ -46,7 +46,6 @@ EXTRA_DIST = \
287 @@ -40,8 +33,6 @@ index 33c51f5..0e12120 100644
288 endif
289
290 endif
291 -diff --git a/configure.ac b/configure.ac
292 -index 58db8c7..844360f 100644
293 --- a/configure.ac
294 +++ b/configure.ac
295 @@ -1166,7 +1166,6 @@ man/Makefile
296 @@ -52,6 +43,3 @@ index 58db8c7..844360f 100644
297 avahi-compat-libdns_sd/Makefile
298 avahi-compat-howl/Makefile
299 avahi-compat-howl/samples/Makefile
300 ---
301 -2.31.1
302 -
303
304 diff --git a/net-dns/avahi/files/avahi-0.8-null-pointer-crash.patch b/net-dns/avahi/files/avahi-0.8-null-pointer-crash.patch
305 new file mode 100644
306 index 000000000000..93ed513a59cd
307 --- /dev/null
308 +++ b/net-dns/avahi/files/avahi-0.8-null-pointer-crash.patch
309 @@ -0,0 +1,129 @@
310 +https://github.com/lathiat/avahi/commit/fd482a74625b8db8547b8cfca3ee3d3c6c721423.patch
311 +From: Tommi Rantala <tommi.t.rantala@×××××.com>
312 +Date: Mon, 8 Feb 2021 11:04:43 +0200
313 +Subject: [PATCH] Fix NULL pointer crashes from #175
314 +
315 +avahi-daemon is crashing when running "ping .local".
316 +The crash is due to failing assertion from NULL pointer.
317 +Add missing NULL pointer checks to fix it.
318 +
319 +Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
320 +--- a/avahi-core/browse-dns-server.c
321 ++++ b/avahi-core/browse-dns-server.c
322 +@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
323 + AvahiSDNSServerBrowser* b;
324 +
325 + b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
326 ++ if (!b)
327 ++ return NULL;
328 ++
329 + avahi_s_dns_server_browser_start(b);
330 +
331 + return b;
332 +-}
333 +\ No newline at end of file
334 ++}
335 +
336 +--- a/avahi-core/browse-domain.c
337 ++++ b/avahi-core/browse-domain.c
338 +@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
339 + AvahiSDomainBrowser *b;
340 +
341 + b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
342 ++ if (!b)
343 ++ return NULL;
344 ++
345 + avahi_s_domain_browser_start(b);
346 +
347 + return b;
348 +-}
349 +\ No newline at end of file
350 ++}
351 +
352 +--- a/avahi-core/browse-service-type.c
353 ++++ b/avahi-core/browse-service-type.c
354 +@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
355 + AvahiSServiceTypeBrowser *b;
356 +
357 + b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
358 ++ if (!b)
359 ++ return NULL;
360 ++
361 + avahi_s_service_type_browser_start(b);
362 +
363 + return b;
364 +
365 +--- a/avahi-core/browse-service.c
366 ++++ b/avahi-core/browse-service.c
367 +@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
368 + AvahiSServiceBrowser *b;
369 +
370 + b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
371 ++ if (!b)
372 ++ return NULL;
373 ++
374 + avahi_s_service_browser_start(b);
375 +
376 + return b;
377 +
378 +--- a/avahi-core/browse.c
379 ++++ b/avahi-core/browse.c
380 +@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
381 + AvahiSRecordBrowser *b;
382 +
383 + b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
384 ++ if (!b)
385 ++ return NULL;
386 ++
387 + avahi_s_record_browser_start_query(b);
388 +
389 + return b;
390 +
391 +--- a/avahi-core/resolve-address.c
392 ++++ b/avahi-core/resolve-address.c
393 +@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
394 + AvahiSAddressResolver *b;
395 +
396 + b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
397 ++ if (!b)
398 ++ return NULL;
399 ++
400 + avahi_s_address_resolver_start(b);
401 +
402 + return b;
403 +-}
404 +\ No newline at end of file
405 ++}
406 +
407 +--- a/avahi-core/resolve-host-name.c
408 ++++ b/avahi-core/resolve-host-name.c
409 +@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
410 + AvahiSHostNameResolver *b;
411 +
412 + b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
413 ++ if (!b)
414 ++ return NULL;
415 ++
416 + avahi_s_host_name_resolver_start(b);
417 +
418 + return b;
419 +-}
420 +\ No newline at end of file
421 ++}
422 +
423 +--- a/avahi-core/resolve-service.c
424 ++++ b/avahi-core/resolve-service.c
425 +@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
426 + AvahiSServiceResolver *b;
427 +
428 + b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
429 ++ if (!b)
430 ++ return NULL;
431 ++
432 + avahi_s_service_resolver_start(b);
433 +
434 + return b;
435 +-}
436 +\ No newline at end of file
437 ++}
438 +
439
440 diff --git a/net-dns/avahi/files/avahi-0.8-potentially-undefined-fix.patch b/net-dns/avahi/files/avahi-0.8-potentially-undefined-fix.patch
441 new file mode 100644
442 index 000000000000..4419831939e1
443 --- /dev/null
444 +++ b/net-dns/avahi/files/avahi-0.8-potentially-undefined-fix.patch
445 @@ -0,0 +1,25 @@
446 +https://github.com/lathiat/avahi/commit/b897ca43ac100d326d118e5877da710eb7f836f9.patch
447 +From: traffic-millions <60914101+traffic-millions@××××××××××××××××××××.com>
448 +Date: Tue, 3 Mar 2020 11:15:48 +0800
449 +Subject: [PATCH] avahi_dns_packet_consume_uint32: fix potential undefined
450 + behavior
451 +
452 +avahi_dns_packet_consume_uint32 left shifts uint8_t values by 8, 16 and 24 bits to combine them into a 32-bit value. This produces an undefined behavior warning with gcc -fsanitize when fed input values of 128 or 255 however in testing no actual unexpected behavior occurs in practice and the 32-bit uint32_t is always correctly produced as the final value is immediately stored into a uint32_t and the compiler appears to handle this "correctly".
453 +
454 +Cast the intermediate values to uint32_t to prevent this warning and ensure the intended result is explicit.
455 +
456 +Closes: #267
457 +Closes: #268
458 +Reference: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19304
459 +--- a/avahi-core/dns.c
460 ++++ b/avahi-core/dns.c
461 +@@ -455,7 +455,7 @@ int avahi_dns_packet_consume_uint32(AvahiDnsPacket *p, uint32_t *ret_v) {
462 + return -1;
463 +
464 + d = (uint8_t*) (AVAHI_DNS_PACKET_DATA(p) + p->rindex);
465 +- *ret_v = (d[0] << 24) | (d[1] << 16) | (d[2] << 8) | d[3];
466 ++ *ret_v = ((uint32_t)d[0] << 24) | ((uint32_t)d[1] << 16) | ((uint32_t)d[2] << 8) | (uint32_t)d[3];
467 + p->rindex += sizeof(uint32_t);
468 +
469 + return 0;
470 +
Report Message
Find on MARC Find on Google Groups