Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Andreas K. Hüttel" <dilfridge@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: dev-libs/boost/files/, dev-libs/boost/
Date: Tue, 22 Dec 2020 21:22:44
Message-Id: 1608672147.e56515f4c40646457042b106fdf6131a9b585038.dilfridge@gentoo
1 commit: e56515f4c40646457042b106fdf6131a9b585038
2 Author: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
3 AuthorDate: Tue Dec 22 21:22:08 2020 +0000
4 Commit: Andreas K. Hüttel <dilfridge <AT> gentoo <DOT> org>
5 CommitDate: Tue Dec 22 21:22:27 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e56515f4
7
8 dev-libs/boost: Revbump for CVE-2012-2677
9
10 Bug: https://bugs.gentoo.org/620468
11 Package-Manager: Portage-3.0.9, Repoman-3.0.2
12 Signed-off-by: Andreas K. Hüttel <dilfridge <AT> gentoo.org>
13
14 dev-libs/boost/boost-1.74.0-r2.ebuild | 359 +++++++++++++++++++++
15 .../boost/files/boost-1.74-CVE-2012-2677.patch | 125 +++++++
16 2 files changed, 484 insertions(+)
17
18 diff --git a/dev-libs/boost/boost-1.74.0-r2.ebuild b/dev-libs/boost/boost-1.74.0-r2.ebuild
19 new file mode 100644
20 index 00000000000..de5aba9c7e6
21 --- /dev/null
22 +++ b/dev-libs/boost/boost-1.74.0-r2.ebuild
23 @@ -0,0 +1,359 @@
24 +# Copyright 1999-2020 Gentoo Authors
25 +# Distributed under the terms of the GNU General Public License v2
26 +
27 +EAPI=7
28 +
29 +PYTHON_COMPAT=( python3_{6,7,8,9} )
30 +
31 +inherit flag-o-matic multiprocessing python-r1 toolchain-funcs multilib-minimal
32 +
33 +MY_PV="$(ver_rs 1- _)"
34 +MAJOR_V="$(ver_cut 1-2)"
35 +
36 +DESCRIPTION="Boost Libraries for C++"
37 +HOMEPAGE="https://www.boost.org/"
38 +SRC_URI="https://dl.bintray.com/boostorg/release/${PV}/source/boost_${MY_PV}.tar.bz2"
39 +
40 +LICENSE="Boost-1.0"
41 +SLOT="0/${PV}" # ${PV} instead ${MAJOR_V} due to bug 486122
42 +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~ppc-aix ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x86-solaris ~x86-winnt"
43 +IUSE="bzip2 context debug doc icu lzma +nls mpi numpy python static-libs +threads tools zlib zstd"
44 +REQUIRED_USE="
45 + mpi? ( threads )
46 + python? ( ${PYTHON_REQUIRED_USE} )"
47 +
48 +# the tests will never fail because these are not intended as sanity
49 +# tests at all. They are more a way for upstream to check their own code
50 +# on new compilers. Since they would either be completely unreliable
51 +# (failing for no good reason) or completely useless (never failing)
52 +# there is no point in having them in the ebuild to begin with.
53 +RESTRICT="test"
54 +
55 +RDEPEND="
56 + !app-admin/eselect-boost
57 + !dev-libs/boost-numpy
58 + !<dev-libs/leatherman-1.12.0-r1
59 + bzip2? ( app-arch/bzip2:=[${MULTILIB_USEDEP}] )
60 + icu? ( >=dev-libs/icu-3.6:=[${MULTILIB_USEDEP}] )
61 + !icu? ( virtual/libiconv[${MULTILIB_USEDEP}] )
62 + lzma? ( app-arch/xz-utils:=[${MULTILIB_USEDEP}] )
63 + mpi? ( >=virtual/mpi-2.0-r4[${MULTILIB_USEDEP},cxx,threads] )
64 + python? (
65 + ${PYTHON_DEPS}
66 + numpy? ( $(python_gen_cond_dep 'dev-python/numpy[${PYTHON_USEDEP}]' -3) )
67 + )
68 + zlib? ( sys-libs/zlib:=[${MULTILIB_USEDEP}] )
69 + zstd? ( app-arch/zstd:=[${MULTILIB_USEDEP}] )"
70 +DEPEND="${RDEPEND}"
71 +BDEPEND="=dev-util/boost-build-${MAJOR_V}*"
72 +
73 +S="${WORKDIR}/${PN}_${MY_PV}"
74 +
75 +PATCHES=(
76 + "${FILESDIR}"/${PN}-1.71.0-disable_icu_rpath.patch
77 + "${FILESDIR}"/${PN}-1.71.0-context-x32.patch
78 + "${FILESDIR}"/${PN}-1.71.0-build-auto_index-tool.patch
79 + # upstream unresponsive to pull request
80 + # https://github.com/boostorg/python/pull/286
81 + "${FILESDIR}"/${PN}-1.73-boost-python-cleanup.patch
82 + # Boost.MPI's __init__.py doesn't work on Py3
83 + "${FILESDIR}"/${PN}-1.73-boost-mpi-python-PEP-328.patch
84 + # Remove annoying #pragma message
85 + "${FILESDIR}"/${PN}-1.73-property-tree-include.patch
86 + "${FILESDIR}"/${PN}-1.74-CVE-2012-2677.patch
87 +)
88 +
89 +python_bindings_needed() {
90 + multilib_is_native_abi && use python
91 +}
92 +
93 +tools_needed() {
94 + multilib_is_native_abi && use tools
95 +}
96 +
97 +create_user-config.jam() {
98 + local user_config_jam="${BUILD_DIR}"/user-config.jam
99 + if [[ -s ${user_config_jam} ]]; then
100 + einfo "${user_config_jam} already exists, skipping configuration"
101 + return
102 + else
103 + einfo "Creating configuration in ${user_config_jam}"
104 + fi
105 +
106 + local compiler compiler_version compiler_executable="$(tc-getCXX)"
107 + if [[ ${CHOST} == *-darwin* ]]; then
108 + compiler="darwin"
109 + compiler_version="$(gcc-fullversion)"
110 + else
111 + compiler="gcc"
112 + compiler_version="$(gcc-version)"
113 + fi
114 +
115 + if use mpi; then
116 + local mpi_configuration="using mpi ;"
117 + fi
118 +
119 + cat > "${user_config_jam}" <<- __EOF__ || die
120 + using ${compiler} : ${compiler_version} : ${compiler_executable} : <cflags>"${CFLAGS}" <cxxflags>"${CXXFLAGS}" <linkflags>"${LDFLAGS}" ;
121 + ${mpi_configuration}
122 + __EOF__
123 +
124 + if python_bindings_needed; then
125 + append_to_user_config() {
126 + local py_config
127 + if tc-is-cross-compiler; then
128 + py_config="using python : ${EPYTHON#python} : : ${ESYSROOT}/usr/include/${EPYTHON} : ${ESYSROOT}/usr/$(get_libdir) ;"
129 + else
130 + py_config="using python : ${EPYTHON#python} : ${PYTHON} : $(python_get_includedir) ;"
131 + fi
132 + echo "${py_config}" >> "${user_config_jam}" || die
133 + }
134 + python_foreach_impl append_to_user_config
135 + fi
136 +
137 + if python_bindings_needed && use numpy; then
138 + einfo "Enabling support for NumPy extensions in Boost.Python"
139 + else
140 + einfo "Disabling support for NumPy extensions in Boost.Python"
141 +
142 + # Boost.Build does not allow for disabling of numpy
143 + # extensions, thereby leading to automagic numpy
144 + # https://github.com/boostorg/python/issues/111#issuecomment-280447482
145 + sed \
146 + -e 's/\[ unless \[ python\.numpy \] : <build>no \]/<build>no/g' \
147 + -i "${BUILD_DIR}"/libs/python/build/Jamfile || die
148 + fi
149 +}
150 +
151 +pkg_setup() {
152 + # Bail out on unsupported build configuration, bug #456792
153 + if [[ -f "${EROOT}"/etc/site-config.jam ]]; then
154 + if ! grep -q 'gentoo\(debug\|release\)' "${EROOT}"/etc/site-config.jam; then
155 + eerror "You are using custom ${EROOT}/etc/site-config.jam without defined gentoorelease/gentoodebug targets."
156 + eerror "Boost can not be built in such configuration."
157 + eerror "Please, either remove this file or add targets from ${EROOT}/usr/share/boost-build/site-config.jam to it."
158 + die "Unsupported target in ${EROOT}/etc/site-config.jam"
159 + fi
160 + fi
161 +}
162 +
163 +src_prepare() {
164 + default
165 + multilib_copy_sources
166 +}
167 +
168 +ejam() {
169 + create_user-config.jam
170 +
171 + local b2_opts=( "--user-config=${BUILD_DIR}/user-config.jam" )
172 + if python_bindings_needed; then
173 + append_to_b2_opts() {
174 + b2_opts+=( python="${EPYTHON#python}" )
175 + }
176 + python_foreach_impl append_to_b2_opts
177 + else
178 + b2_opts+=( --without-python )
179 + fi
180 + b2_opts+=( "$@" )
181 +
182 + echo b2 "${b2_opts[@]}" >&2
183 + b2 "${b2_opts[@]}"
184 +}
185 +
186 +src_configure() {
187 + # Workaround for too many parallel processes requested, bug #506064
188 + [[ "$(makeopts_jobs)" -gt 64 ]] && MAKEOPTS="${MAKEOPTS} -j64"
189 +
190 + OPTIONS=(
191 + $(usex debug gentoodebug gentoorelease)
192 + "-j$(makeopts_jobs)"
193 + -q
194 + -d+2
195 + pch=off
196 + $(usex icu "-sICU_PATH=${ESYSROOT}/usr" '--disable-icu boost.locale.icu=off')
197 + $(usex mpi '' '--without-mpi')
198 + $(usex nls '' '--without-locale')
199 + $(usex context '' '--without-context --without-coroutine --without-fiber')
200 + $(usex threads '' '--without-thread')
201 + --without-stacktrace
202 + --boost-build="${BROOT}"/usr/share/boost-build
203 + --prefix="${ED}/usr"
204 + --layout=system
205 + # CMake has issues working with multiple python impls,
206 + # disable cmake config generation for the time being
207 + # https://github.com/boostorg/python/issues/262#issuecomment-483069294
208 + --no-cmake-config
209 + # building with threading=single is currently not possible
210 + # https://svn.boost.org/trac/boost/ticket/7105
211 + threading=multi
212 + link=$(usex static-libs shared,static shared)
213 + # this seems to be the only way to disable compression algorithms
214 + # https://www.boost.org/doc/libs/1_70_0/libs/iostreams/doc/installation.html#boost-build
215 + -sNO_BZIP2=$(usex bzip2 0 1)
216 + -sNO_LZMA=$(usex lzma 0 1)
217 + -sNO_ZLIB=$(usex zlib 0 1)
218 + -sNO_ZSTD=$(usex zstd 0 1)
219 + )
220 +
221 + if [[ ${CHOST} == *-darwin* ]]; then
222 + # We need to add the prefix, and in two cases this exceeds, so prepare
223 + # for the largest possible space allocation.
224 + append-ldflags -Wl,-headerpad_max_install_names
225 + fi
226 +
227 + # Use C++14 globally as of 1.62
228 + append-cxxflags -std=c++14
229 +}
230 +
231 +multilib_src_compile() {
232 + ejam "${OPTIONS[@]}" || die
233 +
234 + if tools_needed; then
235 + pushd tools >/dev/null || die
236 + ejam \
237 + "${OPTIONS[@]}" \
238 + || die "Building of Boost tools failed"
239 + popd >/dev/null || die
240 + fi
241 +}
242 +
243 +multilib_src_install_all() {
244 + if ! use numpy; then
245 + rm -r "${ED}"/usr/include/boost/python/numpy* || die
246 + fi
247 +
248 + if use python; then
249 + if use mpi; then
250 + move_mpi_py_into_sitedir() {
251 + python_moduleinto boost
252 + python_domodule "${S}"/libs/mpi/build/__init__.py
253 +
254 + python_domodule "${ED}"/usr/$(get_libdir)/boost-${EPYTHON}/mpi.so
255 + rm -r "${ED}"/usr/$(get_libdir)/boost-${EPYTHON} || die
256 +
257 + python_optimize
258 + }
259 + python_foreach_impl move_mpi_py_into_sitedir
260 + else
261 + rm -r "${ED}"/usr/include/boost/mpi/python* || die
262 + fi
263 + else
264 + rm -r "${ED}"/usr/include/boost/{python*,mpi/python*,parameter/aux_/python,parameter/python*} || die
265 + fi
266 +
267 + if ! use nls; then
268 + rm -r "${ED}"/usr/include/boost/locale || die
269 + fi
270 +
271 + if ! use context; then
272 + rm -r "${ED}"/usr/include/boost/context || die
273 + rm -r "${ED}"/usr/include/boost/coroutine{,2} || die
274 + rm "${ED}"/usr/include/boost/asio/spawn.hpp || die
275 + fi
276 +
277 + if use doc; then
278 + # find extraneous files that shouldn't be installed
279 + # as part of the documentation and remove them.
280 + find libs/*/* \( -iname 'test' -o -iname 'src' \) -exec rm -rf '{}' + || die
281 + find doc \( -name 'Jamfile.v2' -o -name 'build' -o -name '*.manifest' \) -exec rm -rf '{}' + || die
282 + find tools \( -name 'Jamfile.v2' -o -name 'src' -o -name '*.cpp' -o -name '*.hpp' \) -exec rm -rf '{}' + || die
283 +
284 + docinto html
285 + dodoc *.{htm,html,png,css}
286 + dodoc -r doc libs more tools
287 +
288 + # To avoid broken links
289 + dodoc LICENSE_1_0.txt
290 +
291 + dosym ../../../../include/boost /usr/share/doc/${PF}/html/boost
292 + fi
293 +}
294 +
295 +multilib_src_install() {
296 + ejam \
297 + "${OPTIONS[@]}" \
298 + --includedir="${ED}/usr/include" \
299 + --libdir="${ED}/usr/$(get_libdir)" \
300 + install || die "Installation of Boost libraries failed"
301 +
302 + pushd "${ED}/usr/$(get_libdir)" >/dev/null || die
303 +
304 + local ext=$(get_libname)
305 + if use threads; then
306 + local f
307 + for f in *${ext}; do
308 + dosym ${f} /usr/$(get_libdir)/${f/${ext}/-mt${ext}}
309 + done
310 + fi
311 +
312 + popd >/dev/null || die
313 +
314 + if tools_needed; then
315 + dobin dist/bin/*
316 +
317 + insinto /usr/share
318 + doins -r dist/share/boostbook
319 + fi
320 +
321 + # boost's build system truely sucks for not having a destdir. Because for
322 + # this reason we are forced to build with a prefix that includes the
323 + # DESTROOT, dynamic libraries on Darwin end messed up, referencing the
324 + # DESTROOT instread of the actual EPREFIX. There is no way out of here
325 + # but to do it the dirty way of manually setting the right install_names.
326 + if [[ ${CHOST} == *-darwin* ]]; then
327 + einfo "Working around completely broken build-system(tm)"
328 + local d
329 + for d in "${ED}"/usr/lib/*.dylib; do
330 + if [[ -f ${d} ]]; then
331 + # fix the "soname"
332 + ebegin " correcting install_name of ${d#${ED}}"
333 + install_name_tool -id "/${d#${D}}" "${d}"
334 + eend $?
335 + # fix references to other libs
336 + refs=$(otool -XL "${d}" | \
337 + sed -e '1d' -e 's/^\t//' | \
338 + grep "^libboost_" | \
339 + cut -f1 -d' ')
340 + local r
341 + for r in ${refs}; do
342 + ebegin " correcting reference to ${r}"
343 + install_name_tool -change \
344 + "${r}" \
345 + "${EPREFIX}/usr/lib/${r}" \
346 + "${d}"
347 + eend $?
348 + done
349 + fi
350 + done
351 + fi
352 +}
353 +
354 +pkg_preinst() {
355 + # Yai for having symlinks that are nigh-impossible to remove without
356 + # resorting to dirty hacks like these. Removes lingering symlinks
357 + # from the slotted versions.
358 + local symlink
359 + for symlink in "${EROOT}"/usr/include/boost "${EROOT}"/usr/share/boostbook; do
360 + if [[ -L ${symlink} ]]; then
361 + rm -f "${symlink}" || die
362 + fi
363 + done
364 +
365 + # some ancient installs still have boost cruft lying around
366 + # for unknown reasons, causing havoc for reverse dependencies
367 + # Bug: 607734
368 + rm -rf "${EROOT}"/usr/include/boost-1_[3-5]? || die
369 +}
370 +
371 +pkg_postinst() {
372 + elog "Boost.Regex is *extremely* ABI sensitive. If you get errors such as"
373 + elog
374 + elog " undefined reference to \`boost::re_detail_$(ver_cut 1)0$(ver_cut 2)00::cpp_regex_traits_implementation"
375 + elog " <char>::transform_primary[abi:cxx11](char const*, char const*) const'"
376 + elog
377 + elog "Then you need to recompile Boost and all its reverse dependencies"
378 + elog "using the same toolchain. In general, *every* change of the C++ toolchain"
379 + elog "requires a complete rebuild of the boost-dependent ecosystem."
380 + elog
381 + elog "See for instance https://bugs.gentoo.org/638138"
382 +}
383
384 diff --git a/dev-libs/boost/files/boost-1.74-CVE-2012-2677.patch b/dev-libs/boost/files/boost-1.74-CVE-2012-2677.patch
385 new file mode 100644
386 index 00000000000..ff947f74f1c
387 --- /dev/null
388 +++ b/dev-libs/boost/files/boost-1.74-CVE-2012-2677.patch
389 @@ -0,0 +1,125 @@
390 +https://src.fedoraproject.org/rpms/boost/raw/master/f/boost-1.58.0-pool.patch
391 +https://bugzilla.redhat.com/show_bug.cgi?id=828856
392 +https://bugs.gentoo.org/620468
393 +https://svn.boost.org/trac10/ticket/6701
394 +
395 +Index: boost/pool/pool.hpp
396 +===================================================================
397 +--- a/boost/pool/pool.hpp (revision 78317)
398 ++++ b/boost/pool/pool.hpp (revision 78326)
399 +@@ -27,4 +27,6 @@
400 + #include <boost/pool/poolfwd.hpp>
401 +
402 ++// std::numeric_limits
403 ++#include <boost/limits.hpp>
404 + // boost::integer::static_lcm
405 + #include <boost/integer/common_factor_ct.hpp>
406 +@@ -358,4 +360,11 @@
407 + }
408 +
409 ++ size_type max_chunks() const
410 ++ { //! Calculated maximum number of memory chunks that can be allocated in a single call by this Pool.
411 ++ size_type partition_size = alloc_size();
412 ++ size_type POD_size = integer::static_lcm<sizeof(size_type), sizeof(void *)>::value + sizeof(size_type);
413 ++ return (std::numeric_limits<size_type>::max() - POD_size) / alloc_size();
414 ++ }
415 ++
416 + static void * & nextof(void * const ptr)
417 + { //! \returns Pointer dereferenced.
418 +@@ -377,5 +388,7 @@
419 + //! the first time that object needs to allocate system memory.
420 + //! The default is 32. This parameter may not be 0.
421 +- //! \param nmax_size is the maximum number of chunks to allocate in one block.
422 ++ //! \param nmax_size is the maximum number of chunks to allocate in one block.
423 ++ set_next_size(nnext_size);
424 ++ set_max_size(nmax_size);
425 + }
426 +
427 +@@ -400,7 +413,7 @@
428 + }
429 + void set_next_size(const size_type nnext_size)
430 +- { //! Set number of chunks to request from the system the next time that object needs to allocate system memory. This value should never be set to 0.
431 +- //! \returns nnext_size.
432 +- next_size = start_size = nnext_size;
433 ++ { //! Set number of chunks to request from the system the next time that object needs to allocate system memory. This value should never be set to 0.
434 ++ BOOST_USING_STD_MIN();
435 ++ next_size = start_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(nnext_size, max_chunks());
436 + }
437 + size_type get_max_size() const
438 +@@ -410,5 +423,6 @@
439 + void set_max_size(const size_type nmax_size)
440 + { //! Set max_size.
441 +- max_size = nmax_size;
442 ++ BOOST_USING_STD_MIN();
443 ++ max_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(nmax_size, max_chunks());
444 + }
445 + size_type get_requested_size() const
446 +@@ -713,7 +727,7 @@
447 + BOOST_USING_STD_MIN();
448 + if(!max_size)
449 +- next_size <<= 1;
450 ++ set_next_size(next_size << 1);
451 + else if( next_size*partition_size/requested_size < max_size)
452 +- next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
453 ++ set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
454 +
455 + // initialize it,
456 +@@ -753,7 +767,7 @@
457 + BOOST_USING_STD_MIN();
458 + if(!max_size)
459 +- next_size <<= 1;
460 ++ set_next_size(next_size << 1);
461 + else if( next_size*partition_size/requested_size < max_size)
462 +- next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
463 ++ set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
464 +
465 + // initialize it,
466 +@@ -797,4 +811,6 @@
467 + //! \returns Address of chunk n if allocated ok.
468 + //! \returns 0 if not enough memory for n chunks.
469 ++ if (n > max_chunks())
470 ++ return 0;
471 +
472 + const size_type partition_size = alloc_size();
473 +@@ -845,7 +861,7 @@
474 + BOOST_USING_STD_MIN();
475 + if(!max_size)
476 +- next_size <<= 1;
477 ++ set_next_size(next_size << 1);
478 + else if( next_size*partition_size/requested_size < max_size)
479 +- next_size = min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size*requested_size/ partition_size);
480 ++ set_next_size(min BOOST_PREVENT_MACRO_SUBSTITUTION(next_size << 1, max_size * requested_size / partition_size));
481 +
482 + // insert it into the list,
483 +Index: libs/pool/test/test_bug_6701.cpp
484 +===================================================================
485 +--- a/libs/pool/test/test_bug_6701.cpp (revision 78326)
486 ++++ b/libs/pool/test/test_bug_6701.cpp (revision 78326)
487 +@@ -0,0 +1,27 @@
488 ++/* Copyright (C) 2012 Étienne Dupuis
489 ++*
490 ++* Use, modification and distribution is subject to the
491 ++* Boost Software License, Version 1.0. (See accompanying
492 ++* file LICENSE_1_0.txt or http://www.boost.org/LICENSE_1_0.txt)
493 ++*/
494 ++
495 ++// Test of bug #6701 (https://svn.boost.org/trac/boost/ticket/6701)
496 ++
497 ++#include <boost/pool/object_pool.hpp>
498 ++#include <boost/limits.hpp>
499 ++
500 ++int main()
501 ++{
502 ++ boost::pool<> p(1024, std::numeric_limits<size_t>::max() / 768);
503 ++
504 ++ void *x = p.malloc();
505 ++ BOOST_ASSERT(!x);
506 ++
507 ++ BOOST_ASSERT(std::numeric_limits<size_t>::max() / 1024 >= p.get_next_size());
508 ++ BOOST_ASSERT(std::numeric_limits<size_t>::max() / 1024 >= p.get_max_size());
509 ++
510 ++ void *y = p.ordered_malloc(std::numeric_limits<size_t>::max() / 768);
511 ++ BOOST_ASSERT(!y);
512 ++
513 ++ return 0;
514 ++}
Report Message
Find on MARC Find on Google Groups