
From: Mike Frysinger <vapier@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-devel/bc/files/, sys-devel/bc/
Date: Mon, 17 Sep 2018 23:23:49
Message-Id: 1537226615.e490601874fe785c7632e6571a3a1d8f43404622.vapier@gentoo
1 commit: e490601874fe785c7632e6571a3a1d8f43404622
2 Author: Mike Frysinger <vapier <AT> chromium <DOT> org>
3 AuthorDate: Mon Sep 17 23:19:15 2018 +0000
4 Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org>
5 CommitDate: Mon Sep 17 23:23:35 2018 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e4906018
7
8 sys-devel/bc: add support for --sandbox & USE=forced-sandbox
9
10 The dc tool has an ! command which allows for arbitrary system() calls
11 which is not ideal for processing arbitrary user scripts. First add
12 support for a --sandbox flag at runtime (like sed/gawk gnu tools),
13 then add a USE=forced-sandbox option so people can lock it down.
14
15 The patches have been sent to upstream, but considering how slow the
16 bc project tends to move, and their lack of a project site/git repo,
17 going to merge this now and just wait for upstream feedback.
18
19 sys-devel/bc/bc-1.07.1-r2.ebuild | 65 ++++++++++++++++
20 sys-devel/bc/files/bc-1.07.1-sandbox.patch | 121 +++++++++++++++++++++++++++++
21 sys-devel/bc/metadata.xml | 3 +
22 3 files changed, 189 insertions(+)
23
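--- /dev/null
+++ b/sys-devel/bc/bc-1.07.1-r2.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="6"
+
+inherit flag-o-matic toolchain-funcs
+
+DESCRIPTION="Handy console-based calculator utility"
+HOMEPAGE="https://www.gnu.org/software/bc/bc.html"
+SRC_URI="mirror://gnu/bc/${P}.tar.gz"
+
+LICENSE="GPL-2 LGPL-2.1"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="forced-sandbox libedit readline static"
+
+RDEPEND="
+ !readline? ( libedit? ( dev-libs/libedit:= ) )
+ readline? (
+ >=sys-libs/readline-4.1:0=
+ >=sys-libs/ncurses-5.2:=
+ )
+"
+DEPEND="
+ ${RDEPEND}
+ sys-apps/ed
+ sys-devel/flex
+ virtual/yacc
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-1.07.1-sandbox.patch"
+)
+
+src_prepare() {
+ default
+
+ # A patch to make this into a configure option has been sent upstream,
+ # but lets avoid regenerating all the autotools just for this.
+ if use forced-sandbox ; then
+ sed -i '/dc_sandbox_enabled = 0/s:0:1:' dc/dc.c || die
+ fi
+}
+
+src_configure() {
+ local myconf=(
+ $(use_with readline)
+ )
+ if use readline ; then
+ myconf+=( --without-libedit )
+ else
+ myconf+=( $(use_with libedit) )
+ fi
+ use static && append-ldflags -static
+
+ econf "${myconf[@]}"
+
+ # Do not regen docs -- configure produces a small fragment that includes
+ # the version info which causes all pages to regen (newer file). #554774
+ touch -r doc doc/*
+}
+
+src_compile() {
+ emake AR="$(tc-getAR)"
+}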
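Review bot: The `sed -i '/dc_sandbox_enabled = 0/s:0:1:' dc/dc.c || die` line in src_prepare fails open, because sed exits 0 even when the address pattern matches nothing. If the sandbox patch is later refreshed and that assignment is reworded or moved, USE=forced-sandbox would silently build a dc with the `!` command still enabled. Since the flag exists as a lock-down, follow the edit with a check such as `grep -q 'dc_sandbox_enabled = 1' dc/dc.c || die "forced-sandbox edit did not apply"`.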
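--- /dev/null
+++ b/sys-devel/bc/files/bc-1.07.1-sandbox.patch
@@ -0,0 +1,121 @@
+this has been sent upstream, but they don't have a mailing list or project site
+to link to. oh well.
+
+From e641584767c3c7cc1ff544805acc2562fc56cda9 Mon Sep 17 00:00:00 2001
+From: Mike Frysinger <vapier@××××××××.org>
+Date: Mon, 17 Sep 2018 18:57:57 -0400
+Subject: [PATCH 1/2] dc: add a --sandbox option
+
+Other GNU projects (like sed & gawk) have a --sandbox flag whereby
+access to files and system() are disabled. This allows people to
+run arbitrary scripts without worrying about them "escaping" and
+executing arbitrary commands on the system.
+---
+ dc/dc.c | 9 ++++++++-
+ dc/dc.h | 3 +++
+ dc/misc.c | 6 ++++++
+ doc/dc.1 | 5 +++++
+ doc/dc.texi | 4 ++++
+ 5 files changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/dc/dc.c b/dc/dc.c
+index 6a2bb2639235..592a76be71da 100644
+--- a/dc/dc.c
++++ b/dc/dc.c
+@@ -54,6 +54,7 @@
+ #endif
+
+ const char *progname; /* basename of program invocation */
++int dc_sandbox_enabled; /* whether sandbox mode is enabled */
+
+ static void
+ bug_report_info DC_DECLVOID()
+@@ -80,6 +81,7 @@ usage DC_DECLARG((f))
+ Usage: %s [OPTION] [file ...]\n\
+ -e, --expression=EXPR evaluate expression\n\
+ -f, --file=FILE evaluate contents of file\n\
++ -S, --sandbox disable the ! (system) command\n\
+ -h, --help display this help and exit\n\
+ -V, --version output version information and exit\n\
+ \n\
+@@ -252,6 +254,7 @@ main DC_DECLARG((argc, argv))
+ static struct option const long_opts[] = {
+ {"expression", required_argument, NULL, 'e'},
+ {"file", required_argument, NULL, 'f'},
++ {"sandbox", no_argument, NULL, 'S'},
+ {"help", no_argument, NULL, 'h'},
+ {"version", no_argument, NULL, 'V'},
+ {NULL, 0, NULL, 0}
+@@ -260,12 +263,13 @@ main DC_DECLARG((argc, argv))
+ int c;
+
+ progname = r1bindex(*argv, '/');
++ dc_sandbox_enabled = 0;
+ dc_math_init();
+ dc_string_init();
+ dc_register_init();
+ dc_array_init();
+
+- while ((c = getopt_long(argc, argv, "hVe:f:", long_opts, (int *)0)) != EOF) {
++ while ((c = getopt_long(argc, argv, "hVe:f:S", long_opts, (int *)0)) != EOF) {
+ switch (c) {
+ case 'e':
+ { dc_data string = dc_makestring(optarg, strlen(optarg));
+@@ -279,6 +283,9 @@ main DC_DECLARG((argc, argv))
+ try_file(optarg);
+ did_eval = 1;
+ break;
++ case 'S':
++ dc_sandbox_enabled = 1;
++ break;
+ case 'h':
+ usage(stdout);
+ return flush_okay();
+diff --git a/dc/dc.h b/dc/dc.h
+index 6a871ad612a5..a148df467a92 100644
+--- a/dc/dc.h
++++ b/dc/dc.h
+@@ -76,4 +76,7 @@ typedef struct {
+ /* This is dc's only global variable: */
+ extern const char *progname; /* basename of program invocation */
+
++/* Whether to run in sandbox mode. */
++extern int dc_sandbox_enabled;
++
+ #endif /* not DC_DEFS_H */
+diff --git a/dc/misc.c b/dc/misc.c
+index cd23602fce32..115be90b03bf 100644
+--- a/dc/misc.c
++++ b/dc/misc.c
+@@ -131,6 +131,12 @@ dc_system DC_DECLARG((s))
+ char *tmpstr;
+ size_t len;
+
++ if (dc_sandbox_enabled) {
++ fprintf(stderr, "%s: ! command disabled in sandbox mode\n",
++ progname);
++ exit(EXIT_FAILURE);
++ }
++
+ p = strchr(s, '\n');
+ if (p != NULL) {
+ len = (size_t) (p - s);
+diff --git a/doc/dc.1 b/doc/dc.1
+index 1c666493e00a..7c4b6fffd616 100644
+--- a/doc/dc.1
++++ b/doc/dc.1
+@@ -84,6 +84,11 @@ to the set of commands to be run while processing the input.
+ Add the commands contained in the file
+ .I script-file
+ to the set of commands to be run while processing the input.
++.TP
++.B -S
++.TP
++.B --sandbox
++Run in sandbox mode where access to \fB!\fR for the system function.
+ .PP
+ If any command-line parameters remain after processing the above,
+ these parameters are interpreted as the names of input files to
+--
+2.17.1
+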
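Review bot: In the dc/dc.c hunks the new `case 'S'` sits in the same getopt_long loop whose `case 'f'` calls `try_file(optarg)` (and whose `case 'e'` builds a string from optarg, presumably evaluating it there as well), so `dc_sandbox_enabled` is only set once parsing reaches -S and anything given earlier on the command line is processed with `!` still permitted. Either scan the arguments for -S/--sandbox before the evaluating loop, or state the ordering requirement in the usage text and man page, e.g. `-S, --sandbox disable the ! (system) command for later -e/-f and file arguments`. Separately, the added doc/dc.1 sentence is incomplete; `Run in sandbox mode where access to \fB!\fR for the system function is disabled.` reads as intended. main's body continues outside these hunks, so the evaluation behaviour of -e should be confirmed against the full source.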
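--- a/sys-devel/bc/metadata.xml
+++ b/sys-devel/bc/metadata.xml
@@ -5,4 +5,7 @@
 <email>base-system@g.o</email>
 <name>Gentoo Base System</name>
 </maintainer>
+<use>
+ <flag name="forced-sandbox">Always enable --sandbox mode for simpler/secure runtime (disables the ! command in dc)</flag>
+</use>
 </pkgmetadata>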