Gentoo Archives: gentoo-commits

From: Thomas Deutschmann <whissi@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-devel/patch/files/, sys-devel/patch/
Date: Fri, 16 Aug 2019 12:40:38
Message-Id: 1565959222.b4e5bfd9d4c04c2f942bbecce62e4394d827de16.whissi@gentoo
1 commit: b4e5bfd9d4c04c2f942bbecce62e4394d827de16
2 Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3 AuthorDate: Fri Aug 16 12:38:46 2019 +0000
4 Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5 CommitDate: Fri Aug 16 12:40:22 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b4e5bfd9
7
8 sys-devel/patch: rev bump to add some patches
9
10 Bug: https://bugs.gentoo.org/690136
11 Package-Manager: Portage-2.3.71, Repoman-2.3.17
12 Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
13
14 ...lid-memory-access-in-context-format-diffs.patch | 26 +++++
15 .../files/patch-2.7.6-CVE-2018-1000156-fix1.patch | 102 +++++++++++++++++++
16 .../files/patch-2.7.6-CVE-2018-1000156-fix2.patch | 37 +++++++
17 .../patch/files/patch-2.7.6-CVE-2019-13636.patch | 108 +++++++++++++++++++++
18 .../patch/files/patch-2.7.6-CVE-2019-13638.patch | 38 ++++++++
19 ...hen-RLIMIT_NOFILE-is-set-to-RLIM_INFINITY.patch | 89 +++++++++++++++++
20 sys-devel/patch/patch-2.7.6-r4.ebuild | 46 +++++++++
21 7 files changed, 446 insertions(+)
22
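--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-Avoid-invalid-memory-access-in-context-format-diffs.patch
@@ -0,0 +1,26 @@
+From 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@×××.org>
+Date: Mon, 15 Jul 2019 19:10:02 +0200
+Subject: Avoid invalid memory access in context format diffs
+
+* src/pch.c (another_hunk): Avoid invalid memory access in context format
+diffs.
+---
+ src/pch.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/pch.c b/src/pch.c
+index a500ad9..cb54e03 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev)
+ ptrn_prefix_context = context;
+ ptrn_suffix_context = context;
+ if (repl_beginning
++ || p_end <= 0
+ || (p_end
+ != p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n')))
+ {
+--
+cgit v1.0-41-gc330
+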
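Review bot: The new `|| p_end <= 0` test in another_hunk carries no comment saying what it protects, and the reason is not obvious from the condition alone. The operand that follows reads `p_Char[p_end - 1]`, so with p_end at 0 the index is -1; the added test short-circuits before that read. I would add a comment above the condition such as `/* p_end <= 0 would make p_Char[p_end - 1] index before the first element */`. The body of another_hunk starts and ends outside the hunk, so how p_end reaches this point with a non-positive value is not visible here.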
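--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-CVE-2018-1000156-fix1.patch
@@ -0,0 +1,102 @@
+From 19599883ffb6a450d2884f081f8ecf68edbed7ee Mon Sep 17 00:00:00 2001
+From: Jean Delvare <jdelvare@××××.de>
+Date: Thu, 3 May 2018 14:31:55 +0200
+Subject: Don't leak temporary file on failed ed-style patch
+
+Now that we write ed-style patches to a temporary file before we
+apply them, we need to ensure that the temporary file is removed
+before we leave, even on fatal error.
+
+* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
+ tmpname. Don't unlink the file directly, instead tag it for removal
+ at exit time.
+* src/patch.c (cleanup): Unlink TMPEDNAME at exit.
+
+This closes bug #53820:
+https://savannah.gnu.org/bugs/index.php?53820
+
+Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
+---
+ src/common.h | 2 ++
+ src/patch.c | 1 +
+ src/pch.c | 11 +++++------
+ 3 files changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/src/common.h b/src/common.h
+index 904a3f8..53c5e32 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -94,10 +94,12 @@ XTERN char const *origsuff;
+ XTERN char const * TMPINNAME;
+ XTERN char const * TMPOUTNAME;
+ XTERN char const * TMPPATNAME;
++XTERN char const * TMPEDNAME;
+
+ XTERN bool TMPINNAME_needs_removal;
+ XTERN bool TMPOUTNAME_needs_removal;
+ XTERN bool TMPPATNAME_needs_removal;
++XTERN bool TMPEDNAME_needs_removal;
+
+ #ifdef DEBUGGING
+ XTERN int debug;
+diff --git a/src/patch.c b/src/patch.c
+index 3fcaec5..9146597 100644
+--- a/src/patch.c
++++ b/src/patch.c
+@@ -2003,6 +2003,7 @@ cleanup (void)
+ remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal);
+ remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
+ remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal);
++ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
+ remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal);
+ output_files (NULL);
+ }
+diff --git a/src/pch.c b/src/pch.c
+index 79a3c99..1bb3153 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2392,7 +2392,6 @@ do_ed_script (char const *inname, char c
+ file_offset beginning_of_this_line;
+ size_t chars_read;
+ FILE *tmpfp = 0;
+- char const *tmpname;
+ int tmpfd;
+ pid_t pid;
+
+@@ -2404,12 +2403,13 @@ do_ed_script (char const *inname, char const *outname,
+ invalid commands and treats the next line as a new command, which
+ can lead to arbitrary command execution. */
+
+- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
++ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0);
+ if (tmpfd == -1)
+- pfatal ("Can't create temporary file %s", quotearg (tmpname));
++ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME));
++ TMPEDNAME_needs_removal = true;
+ tmpfp = fdopen (tmpfd, "w+b");
+ if (! tmpfp)
+- pfatal ("Can't open stream for file %s", quotearg (tmpname));
++ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME));
+ }
+
+ for (;;) {
+@@ -2449,7 +2449,7 @@ do_ed_script (char const *inname, char c
+ write_fatal ();
+
+ if (lseek (tmpfd, 0, SEEK_SET) == -1)
+- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
++ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME));
+
+ if (! dry_run && ! skip_rest_of_patch) {
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+@@ -2482,7 +2482,6 @@ do_ed_script (char const *inname, char c
+ }
+
+ fclose (tmpfp);
+- safe_unlink (tmpname);
+
+ if (ofp)
+ {
+--
+cgit v1.0-41-gc330
+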
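Review bot: In the last src/pch.c hunk, `fclose (tmpfp);` is now the final thing do_ed_script does with the temporary file, and nothing at that spot says where the file is deleted. Removal has moved to `remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal)` in cleanup(), so the ed script stays on disk until exit, and a second call to do_ed_script would overwrite TMPEDNAME while the flag is still set (the -fix2 patch added in this same commit appears to cover that case). A comment after the fclose such as `/* TMPEDNAME is unlinked through remove_if_needed(), not here */` would keep a later reader from treating the missing unlink as a leak. do_ed_script starts and ends outside every hunk shown.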
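--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-CVE-2018-1000156-fix2.patch
@@ -0,0 +1,37 @@
+From 369dcccdfa6336e5a873d6d63705cfbe04c55727 Mon Sep 17 00:00:00 2001
+From: Jean Delvare <jdelvare@××××.de>
+Date: Mon, 7 May 2018 15:14:45 +0200
+Subject: Don't leak temporary file on failed multi-file ed-style patch
+
+The previous fix worked fine with single-file ed-style patches, but
+would still leak temporary files in the case of multi-file ed-style
+patch. Fix that case as well, and extend the test case to check for
+it.
+
+* src/patch.c (main): Unlink TMPEDNAME if needed before moving to
+ the next file in a patch.
+
+This closes bug #53820:
+https://savannah.gnu.org/bugs/index.php?53820
+
+Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
+Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
+---
+ src/patch.c | 1 +
+ 2 files changed, 32 insertions(+)
+
+diff --git a/src/patch.c b/src/patch.c
+index 9146597..81c7a02 100644
+--- a/src/patch.c
++++ b/src/patch.c
+@@ -236,6 +236,7 @@ main (int argc, char **argv)
+ }
+ remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
+ }
++ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
+
+ if (! skip_rest_of_patch && ! file_type)
+ {
+--
+cgit v1.0-41-gc330
+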
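Review bot: The header of this patch file does not match its content: the diffstat lists only `src/patch.c | 1 +`, the summary line says `2 files changed, 32 insertions(+)`, and the description says the test case is extended, yet the only hunk present is the one in main(). It looks as if the test-suite part of the upstream change was stripped on import, which would leave the multi-file temporary-file leak without a regression test in this package's test phase. Either carry the test hunk as well, or trim the summary to `1 file changed, 1 insertion(+)` and say in the description that the test was dropped.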
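--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-CVE-2019-13636.patch
@@ -0,0 +1,108 @@
+From dce4683cbbe107a95f1f0d45fabc304acfb5d71a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@×××.org>
+Date: Mon, 15 Jul 2019 16:21:48 +0200
+Subject: Don't follow symlinks unless --follow-symlinks is given
+
+* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
+append_to_file): Unless the --follow-symlinks option is given, open files with
+the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing
+that consistently for input files.
+* src/util.c (create_backup): When creating empty backup files, (re)create them
+with O_CREAT | O_EXCL to avoid following symlinks in that case as well.
+---
+ src/inp.c | 12 ++++++++++--
+ src/util.c | 14 +++++++++++---
+ 2 files changed, 21 insertions(+), 5 deletions(-)
+
+diff --git a/src/inp.c b/src/inp.c
+index 32d0919..22d7473 100644
+--- a/src/inp.c
++++ b/src/inp.c
+@@ -238,8 +238,13 @@ plan_a (char const *filename)
+ {
+ if (S_ISREG (instat.st_mode))
+ {
+- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0);
++ int flags = O_RDONLY | binary_transput;
+ size_t buffered = 0, n;
++ int ifd;
++
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ ifd = safe_open (filename, flags, 0);
+ if (ifd < 0)
+ pfatal ("can't open file %s", quotearg (filename));
+
+@@ -340,6 +345,7 @@ plan_a (char const *filename)
+ static void
+ plan_b (char const *filename)
+ {
++ int flags = O_RDONLY | binary_transput;
+ int ifd;
+ FILE *ifp;
+ int c;
+@@ -353,7 +359,9 @@ plan_b (char const *filename)
+
+ if (instat.st_size == 0)
+ filename = NULL_DEVICE;
+- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ if ((ifd = safe_open (filename, flags, 0)) < 0
+ || ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r")))
+ pfatal ("Can't open file %s", quotearg (filename));
+ if (TMPINNAME_needs_removal)
+diff --git a/src/util.c b/src/util.c
+index 1cc08ba..fb38307 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -393,7 +393,7 @@ create_backup (char const *to, const struct stat *to_st, bool leave_original)
+
+ try_makedirs_errno = ENOENT;
+ safe_unlink (bakname);
+- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0)
++ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0)
+ {
+ if (errno != try_makedirs_errno)
+ pfatal ("Can't create file %s", quotearg (bakname));
+@@ -584,10 +584,13 @@ create_file (char const *file, int open_flags, mode_t mode,
+ static void
+ copy_to_fd (const char *from, int tofd)
+ {
++ int from_flags = O_RDONLY | O_BINARY;
+ int fromfd;
+ ssize_t i;
+
+- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
++ if (! follow_symlinks)
++ from_flags |= O_NOFOLLOW;
++ if ((fromfd = safe_open (from, from_flags, 0)) < 0)
+ pfatal ("Can't reopen file %s", quotearg (from));
+ while ((i = read (fromfd, buf, bufsize)) != 0)
+ {
+@@ -630,6 +633,8 @@ copy_file (char const *from, char const *to, struct stat *tost,
+ else
+ {
+ assert (S_ISREG (mode));
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
+ tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode,
+ to_dir_known_to_exist);
+ copy_to_fd (from, tofd);
+@@ -645,9 +650,12 @@ copy_file (char const *from, char const *to, struct stat *tost,
+ void
+ append_to_file (char const *from, char const *to)
+ {
++ int to_flags = O_WRONLY | O_APPEND | O_BINARY;
+ int tofd;
+
+- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0)
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
++ if ((tofd = safe_open (to, to_flags, 0)) < 0)
+ pfatal ("Can't reopen file %s", quotearg (to));
+ copy_to_fd (from, tofd);
+ if (close (tofd) != 0)
+--
+cgit v1.0-41-gc330
+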
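Review bot: In the second plan_b hunk, O_NOFOLLOW is OR-ed into `flags` after `filename` may already have been switched to NULL_DEVICE, so the null device itself is opened with O_NOFOLLOW. On a platform where that path is a symbolic link the open would fail and pfatal would abort on every empty input file; whether any supported target is affected cannot be told from this hunk. NULL_DEVICE appears to be a fixed path rather than patch-supplied input, so the flag can be limited to the real file: `if (instat.st_size == 0) filename = NULL_DEVICE; else if (! follow_symlinks) flags |= O_NOFOLLOW;`. Separately, in the create_backup hunk `O_TRUNC` no longer does anything once `O_EXCL` is set and could be dropped. plan_b continues outside the hunk.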
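--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-CVE-2019-13638.patch
@@ -0,0 +1,38 @@
+From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@×××.org>
+Date: Fri, 6 Apr 2018 19:36:15 +0200
+Subject: Invoke ed directly instead of using the shell
+
+* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
+command to avoid quoting vulnerabilities.
+---
+ src/pch.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index 4fd5a05..16e001a 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+- sprintf (buf, "%s %s%s", editor_program,
+- verbosity == VERBOSE ? "" : "- ",
+- outname);
+ fflush (stdout);
+
+ pid = fork();
+@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
++ assert (outname[0] != '!' && outname[0] != '-');
++ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
+ _exit (2);
+ }
+ else
+--
+cgit v1.0-41-gc330
+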
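Review bot: The guard on `outname` in the child branch is an `assert`, which is compiled out when the program is built with NDEBUG, and `execlp` would then receive a name beginning with `-` or `!` unchecked. The editor would presumably read a leading `-` as an option and give a leading `!` special meaning, so this check is what keeps the argument a plain file name now that the `/bin/sh -c` call is gone. Make it unconditional, for example `if (outname[0] == '!' || outname[0] == '-') _exit (2);`, or better reject the name with a fatal error before `fork()` so the user sees the reason. The new call also always passes `"-"`, so the removed `verbosity == VERBOSE` distinction is lost; if that is intended it deserves a line in the description. do_ed_script starts and ends outside the hunk.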
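--- /dev/null
+++ b/sys-devel/patch/files/patch-2.7.6-Do-not-crash-when-RLIMIT_NOFILE-is-set-to-RLIM_INFINITY.patch
@@ -0,0 +1,89 @@
+From 61d7788b83b302207a67b82786f4fd79e3538f30 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@×××.org>
+Date: Thu, 27 Jun 2019 11:10:43 +0200
+Subject: Don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY
+
+* src/safe.c (min_cached_fds): Define minimum number of cached dir file
+descriptors.
+(max_cached_fds): Change type to rlim_t to allow storing RLIM_INFINITY.
+(init_dirfd_cache): Set max_cached_fds to RLIM_INFINITY when RLIMIT_NOFILE is
+RLIM_INFINITY. Set the initial hash table size to min_cached_fds, independent
+of RLIMIT_NOFILE: patches commonly only affect one or a few files, so a small
+hash table will usually suffice; if needed, the hash table will grow.
+(insert_cached_dirfd): Don't shrink the cache when max_cached_fds is
+RLIM_INFINITY.
+---
+ src/safe.c | 36 +++++++++++++++++++++++-------------
+ 1 file changed, 23 insertions(+), 13 deletions(-)
+
+diff --git a/src/safe.c b/src/safe.c
+index 5a7202f..f147b0e 100644
+--- a/src/safe.c
++++ b/src/safe.c
+@@ -67,7 +67,8 @@ struct cached_dirfd {
+ };
+
+ static Hash_table *cached_dirfds = NULL;
+-static size_t max_cached_fds;
++static rlim_t min_cached_fds = 8;
++static rlim_t max_cached_fds;
+ LIST_HEAD (lru_list);
+
+ static size_t hash_cached_dirfd (const void *entry, size_t table_size)
+@@ -98,11 +99,17 @@ static void init_dirfd_cache (void)
+ {
+ struct rlimit nofile;
+
+- max_cached_fds = 8;
+ if (getrlimit (RLIMIT_NOFILE, &nofile) == 0)
+- max_cached_fds = MAX (nofile.rlim_cur / 4, max_cached_fds);
++ {
++ if (nofile.rlim_cur == RLIM_INFINITY)
++ max_cached_fds = RLIM_INFINITY;
++ else
++ max_cached_fds = MAX (nofile.rlim_cur / 4, min_cached_fds);
++ }
++ else
++ max_cached_fds = min_cached_fds;
+
+- cached_dirfds = hash_initialize (max_cached_fds,
++ cached_dirfds = hash_initialize (min_cached_fds,
+ NULL,
+ hash_cached_dirfd,
+ compare_cached_dirfds,
+@@ -148,20 +155,23 @@ static void insert_cached_dirfd (struct cached_dirfd *entry, int keepfd)
+ if (cached_dirfds == NULL)
+ init_dirfd_cache ();
+
+- /* Trim off the least recently used entries */
+- while (hash_get_n_entries (cached_dirfds) >= max_cached_fds)
++ if (max_cached_fds != RLIM_INFINITY)
+ {
+- struct cached_dirfd *last =
+- list_entry (lru_list.prev, struct cached_dirfd, lru_link);
+- if (&last->lru_link == &lru_list)
+- break;
+- if (last->fd == keepfd)
++ /* Trim off the least recently used entries */
++ while (hash_get_n_entries (cached_dirfds) >= max_cached_fds)
+ {
+- last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link);
++ struct cached_dirfd *last =
++ list_entry (lru_list.prev, struct cached_dirfd, lru_link);
+ if (&last->lru_link == &lru_list)
+ break;
++ if (last->fd == keepfd)
++ {
++ last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link);
++ if (&last->lru_link == &lru_list)
++ break;
++ }
++ remove_cached_dirfd (last);
+ }
+- remove_cached_dirfd (last);
+ }
+
+ /* Only insert if the parent still exists. */
+--
+cgit v1.0-41-gc330
+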
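Review bot: `static rlim_t min_cached_fds = 8;` is only read in the lines shown (the MAX() call, the fallback assignment and hash_initialize), so it should be `static const rlim_t min_cached_fds = 8;` to mark it as a fixed floor and not tunable state like max_cached_fds. The insert_cached_dirfd hunk would also benefit from a comment that with `max_cached_fds == RLIM_INFINITY` the trim loop is skipped entirely, so the cache presumably keeps one open descriptor per directory for the rest of the run. insert_cached_dirfd continues past the end of the hunk.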
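--- /dev/null
+++ b/sys-devel/patch/patch-2.7.6-r4.ebuild
@@ -0,0 +1,46 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+inherit flag-o-matic
+
+DESCRIPTION="Utility to apply diffs to files"
+HOMEPAGE="https://www.gnu.org/software/patch/patch.html"
+SRC_URI="mirror://gnu/patch/${P}.tar.xz"
+
+LICENSE="GPL-3+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="static test xattr"
+
+RDEPEND="xattr? ( sys-apps/attr )"
+DEPEND="${RDEPEND}
+ test? ( sys-apps/ed )"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-fix-test-suite.patch
+ "${FILESDIR}"/${PN}-2.7.6-fix-error-handling-with-git-style-patches.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2018-6951.patch
+ "${FILESDIR}"/${PN}-2.7.6-allow-input-files-to-be-missing-for-ed-style-patches.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2018-1000156.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2018-6952.patch
+ "${FILESDIR}"/${PN}-2.7.6-Do-not-crash-when-RLIMIT_NOFILE-is-set-to-RLIM_INFINITY.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2018-1000156-fix1.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2018-1000156-fix2.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2019-13636.patch
+ "${FILESDIR}"/${PN}-2.7.6-CVE-2019-13638.patch
+ "${FILESDIR}"/${PN}-2.7.6-Avoid-invalid-memory-access-in-context-format-diffs.patch
+)
+
+src_configure() {
+ use static && append-ldflags -static
+
+ local myeconfargs=(
+ $(use_enable xattr)
+ --program-prefix="$(use userland_BSD && echo g)"
+ )
+ # Do not let $ED mess up the search for `ed` 470210.
+ ac_cv_path_ED=$(type -P ed) \
+ econf "${myeconfargs[@]}"
+}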