diff options
author | Marius Bakke <mbakke@fastmail.com> | 2017-08-26 15:15:49 +0200 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-08-26 15:15:49 +0200 |
commit | 72e2815d18ad688b0a16ce3b3efba1172423cec4 (patch) | |
tree | b3d6aa01aec86a7f224e15d97a40b64de4e5cdb8 /gnu/packages/patches | |
parent | c20cd0d24d9b5e8a47b864db9799e0992ffd44b9 (diff) | |
parent | 2f837cf7fe100b0584fb02cf8f19d4cfb4e14d88 (diff) | |
download | gnu-guix-72e2815d18ad688b0a16ce3b3efba1172423cec4.tar gnu-guix-72e2815d18ad688b0a16ce3b3efba1172423cec4.tar.gz |
Merge branch 'core-updates'
Diffstat (limited to 'gnu/packages/patches')
61 files changed, 1925 insertions, 2328 deletions
diff --git a/gnu/packages/patches/ath9k-htc-firmware-binutils.patch b/gnu/packages/patches/ath9k-htc-firmware-binutils.patch index aa253e135f..7bb5d77dba 100644 --- a/gnu/packages/patches/ath9k-htc-firmware-binutils.patch +++ b/gnu/packages/patches/ath9k-htc-firmware-binutils.patch @@ -5,9 +5,6 @@ Not applying the first patch (apparently) leads to miscompiled firmware, and loading it fails with a "Target is unresponsive" message from the 'ath9k_htc' module. -The final hunk, applied to 'gas/config/tc-xtensa.c', is copied from the -upstream file 'local/patches/binutils-2.27_fixup.patch'. - From dbca73446265ce01b8e11462c3346b25953e3399 Mon Sep 17 00:00:00 2001 From: Sujith Manoharan <c_manoha@qca.qualcomm.com> Date: Mon, 7 Jan 2013 15:59:53 +0530 @@ -28969,20 +28966,3 @@ index 30f4f41..fe9b051 100644 #define XCHAL_MAX_INSTRUCTION_SIZE 3 -- 1.8.1 - -diff --git a/gas/config/tc-xtensa.c b/gas/config/tc-xtensa.c -index d062044..ca261ae 100644 ---- a/gas/config/tc-xtensa.c -+++ b/gas/config/tc-xtensa.c -@@ -2228,7 +2228,7 @@ xg_reverse_shift_count (char **cnt_argp) - cnt_arg = *cnt_argp; - - /* replace the argument with "31-(argument)" */ -- new_arg = concat ("31-(", cnt_argp, ")", (char *) NULL); -+ new_arg = concat ("31-(", cnt_arg, ")", (char *) NULL); - - free (cnt_arg); - *cnt_argp = new_arg; --- -2.10.1 - diff --git a/gnu/packages/patches/binutils-mips-bash-bug.patch b/gnu/packages/patches/binutils-mips-bash-bug.patch deleted file mode 100644 index 08d3a79749..0000000000 --- a/gnu/packages/patches/binutils-mips-bash-bug.patch +++ /dev/null @@ -1,22 +0,0 @@ -Bash 4.2.0(1)-release, which we use during bootstrap, does not yield the -"x" case in: - - case x"$EMULATION_NAME" in x) ;; *) ;; esac - -when 'EMULATION_NAME' is undefined. Bash 4.3.30(1)-release doesn't have this -problem. Work around it. - -This Bash bug was fixed -in <http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-007>. - ---- a/ld/emulparams/elf32bmipn32-defs.sh -+++ b/ld/emulparams/elf32bmipn32-defs.sh -@@ -13,7 +13,7 @@ LITTLE_OUTPUT_FORMAT="elf32-littlemips" - TEMPLATE_NAME=elf32 - EXTRA_EM_FILE=mipself - --case x"$EMULATION_NAME" in -+case "x$EMULATION_NAME" in - xelf32*n32*) ELFSIZE=32 ;; - xelf64*) ELFSIZE=64 ;; - x) ;; diff --git a/gnu/packages/patches/coreutils-cut-huge-range-test.patch b/gnu/packages/patches/coreutils-cut-huge-range-test.patch index 0be2cef2b8..e3a0ef28eb 100644 --- a/gnu/packages/patches/coreutils-cut-huge-range-test.patch +++ b/gnu/packages/patches/coreutils-cut-huge-range-test.patch @@ -1,22 +1,33 @@ This patch fixes 100% reproducible test failures on arm-linux-gnueabihf in our -the build environment chroot, as reported at <https://bugs.gnu.org/26253>. -It is a followup to this upstream patch: +the build environment chroot, as reported at <https://bugs.gnu.org/26253>, +and now on x86_64-linux-gnu as well. It is a variant of this upstream patch: - commit 28803c8a3144d5d4363cdbd148bbe067af1a67c2 - Author: Pádraig Brady <P@draigBrady.com> - Date: Fri Mar 3 00:25:54 2017 -0800 + commit f5422009389678680dba9ff4ecb7d33632ee3383 + Author: Ludovic Courtès <ludo@gnu.org> + Date: Mon Mar 27 20:34:39 2017 -0700 - tests: avoid a spurious failure on older debian + tests: avoid false ulimit failure on some systems + + * tests/misc/cut-huge-range.sh: On some systems returns_ may + use more memory, so incorporate that in the determination + of the ulimit value to use. Noticed on ARMv7 with bash-4.4.12, + and x86_64 with bash-4.2.37. + Fixes http://bugs.gnu.org/26253 ... which appeared to be insufficient. +diff --git a/tests/misc/cut-huge-range.sh b/tests/misc/cut-huge-range.sh +index 6b3c5b6ed..55b7b640e 100755 --- a/tests/misc/cut-huge-range.sh +++ b/tests/misc/cut-huge-range.sh -@@ -22,6 +22,7 @@ getlimits_ +@@ -20,9 +20,9 @@ + print_ver_ cut + getlimits_ - vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \ +-vm=$(get_min_ulimit_v_ cut -b1 /dev/null) \ ++vm=$(get_min_ulimit_v_ sh -c 'cut -b1 /dev/null') \ || skip_ "this shell lacks ulimit support" -+vm=$(($vm + $(getconf PAGESIZE))) # avoid spurious failures + vm=$(($vm + 1000)) # avoid spurious failures # sed script to subtract one from the input. # Each input line should consist of a positive decimal number. diff --git a/gnu/packages/patches/coreutils-fix-cross-compilation.patch b/gnu/packages/patches/coreutils-fix-cross-compilation.patch deleted file mode 100644 index 3f0d35c33e..0000000000 --- a/gnu/packages/patches/coreutils-fix-cross-compilation.patch +++ /dev/null @@ -1,15 +0,0 @@ -Coreutils fails to cross compile for other platforms because cu_install_program -is not being evaluated properly. This patch fixes it. -See <https://lists.gnu.org/archive/html/coreutils/2017-01/msg00039.html> ---- a/Makefile.in -+++ b/Makefile.in -@@ -5023,7 +5023,7 @@ pr = progs-readme - @CROSS_COMPILING_FALSE@cu_install_program = src/ginstall - - # Use the just-built 'ginstall', when not cross-compiling. --@CROSS_COMPILING_TRUE@cu_install_program = @INSTALL_PROGRAM@ -+@CROSS_COMPILING_TRUE@cu_install_program := @INSTALL@ - info_TEXINFOS = doc/coreutils.texi - doc_coreutils_TEXINFOS = \ - doc/perm.texi \ - diff --git a/gnu/packages/patches/eudev-conflicting-declaration.patch b/gnu/packages/patches/eudev-conflicting-declaration.patch deleted file mode 100644 index f5399e20d3..0000000000 --- a/gnu/packages/patches/eudev-conflicting-declaration.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix build failure due to conflicting declaration of -keyboard_lookup_key() in gperf-3.1: - -https://bugs.gentoo.org/show_bug.cgi?id=604864 - -Patch copied from upstream source repository: - -https://github.com/gentoo/eudev/commit/5bab4d8de0dcbb8e2e7d4d5125b4aea1652a0d60 - -From 5bab4d8de0dcbb8e2e7d4d5125b4aea1652a0d60 Mon Sep 17 00:00:00 2001 -From: "Anthony G. Basile" <blueness@gentoo.org> -Date: Thu, 5 Jan 2017 16:21:17 -0500 -Subject: [PATCH] src/udev/udev-builtin-keyboard.c: fix build with gperf 3.1 - -Signed-off-by: Anthony G. Basile <blueness@gentoo.org> ---- - src/udev/udev-builtin-keyboard.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/src/udev/udev-builtin-keyboard.c b/src/udev/udev-builtin-keyboard.c -index 73171c3..fad3520 100644 ---- a/src/udev/udev-builtin-keyboard.c -+++ b/src/udev/udev-builtin-keyboard.c -@@ -28,7 +28,6 @@ - - #include "udev.h" - --static const struct key *keyboard_lookup_key(const char *str, unsigned len); - #include "keyboard-keys-from-name.h" - #include "keyboard-keys-to-name.h" - diff --git a/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch b/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch deleted file mode 100644 index b489401fea..0000000000 --- a/gnu/packages/patches/expat-CVE-2016-0718-fix-regression.patch +++ /dev/null @@ -1,35 +0,0 @@ -Fix regression caused by fix for CVE-2016-0718 when building with -DXML_UNICODE. - -Discussion: - -https://sourceforge.net/p/expat/bugs/539/ - -Patch copied from upstream source repository: - -https://sourceforge.net/p/expat/code_git/ci/af507cef2c93cb8d40062a0abe43a4f4e9158fb2/ - -From af507cef2c93cb8d40062a0abe43a4f4e9158fb2 Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping <sebastian@pipping.org> -Date: Sun, 17 Jul 2016 20:22:29 +0200 -Subject: [PATCH 1/2] Fix regression bug #539 (needs -DXML_UNICODE) - -Thanks to Andy Wang and Karl Waclawek! ---- - expat/lib/xmlparse.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c -index b308e67..0d5dd7b 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -2468,7 +2468,7 @@ doContent(XML_Parser parser, - &fromPtr, rawNameEnd, - (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1); - convLen = (int)(toPtr - (XML_Char *)tag->buf); -- if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) { -+ if ((fromPtr >= rawNameEnd) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) { - tag->name.strLen = convLen; - break; - } --- -2.10.0 diff --git a/gnu/packages/patches/findutils-gnulib-multi-core.patch b/gnu/packages/patches/findutils-gnulib-multi-core.patch new file mode 100644 index 0000000000..5a37f4f1f9 --- /dev/null +++ b/gnu/packages/patches/findutils-gnulib-multi-core.patch @@ -0,0 +1,294 @@ +This patch fixes performance problems on multi-core machines +as reported at <https://bugs.gnu.org/26441>. + +See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib +by Bruno Haible <bruno@clisp.org>. + +diff --git a/tests/test-lock.c b/tests/test-lock.c +index a992f64..fb18dee 100644 +--- a/tests/test-lock.c ++++ b/tests/test-lock.c +@@ -1,5 +1,5 @@ + /* Test of locking in multithreaded situations. +- Copyright (C) 2005, 2008-2015 Free Software Foundation, Inc. ++ Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -50,6 +50,28 @@ + Uncomment this to see if the operating system has a fair scheduler. */ + #define EXPLICIT_YIELD 1 + ++/* Whether to use 'volatile' on some variables that communicate information ++ between threads. If set to 0, a semaphore or a lock is used to protect ++ these variables. If set to 1, 'volatile' is used; this is theoretically ++ equivalent but can lead to much slower execution (e.g. 30x slower total ++ run time on a 40-core machine), because 'volatile' does not imply any ++ synchronization/communication between different CPUs. */ ++#define USE_VOLATILE 0 ++ ++#if USE_POSIX_THREADS && HAVE_SEMAPHORE_H ++/* Whether to use a semaphore to communicate information between threads. ++ If set to 0, a lock is used. If set to 1, a semaphore is used. ++ Uncomment this to reduce the dependencies of this test. */ ++# define USE_SEMAPHORE 1 ++/* Mac OS X provides only named semaphores (sem_open); its facility for ++ unnamed semaphores (sem_init) does not work. */ ++# if defined __APPLE__ && defined __MACH__ ++# define USE_NAMED_SEMAPHORE 1 ++# else ++# define USE_UNNAMED_SEMAPHORE 1 ++# endif ++#endif ++ + /* Whether to print debugging messages. */ + #define ENABLE_DEBUGGING 0 + +@@ -90,6 +112,12 @@ + + #include "glthread/thread.h" + #include "glthread/yield.h" ++#if USE_SEMAPHORE ++# include <errno.h> ++# include <fcntl.h> ++# include <semaphore.h> ++# include <unistd.h> ++#endif + + #if ENABLE_DEBUGGING + # define dbgprintf printf +@@ -103,6 +131,132 @@ + # define yield() + #endif + ++#if USE_VOLATILE ++struct atomic_int { ++ volatile int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ return ai->value; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ ai->value = new_value; ++} ++#elif USE_SEMAPHORE ++/* This atomic_int implementation can only support the values 0 and 1. ++ It is initially 0 and can be set to 1 only once. */ ++# if USE_UNNAMED_SEMAPHORE ++struct atomic_int { ++ sem_t semaphore; ++}; ++#define atomic_int_semaphore(ai) (&(ai)->semaphore) ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ sem_init (&ai->semaphore, 0, 0); ++} ++# endif ++# if USE_NAMED_SEMAPHORE ++struct atomic_int { ++ sem_t *semaphore; ++}; ++#define atomic_int_semaphore(ai) ((ai)->semaphore) ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ sem_t *s; ++ unsigned int count; ++ for (count = 0; ; count++) ++ { ++ char name[80]; ++ /* Use getpid() in the name, so that different processes running at the ++ same time will not interfere. Use ai in the name, so that different ++ atomic_int in the same process will not interfere. Use a count in ++ the name, so that even in the (unlikely) case that a semaphore with ++ the specified name already exists, we can try a different name. */ ++ sprintf (name, "test-lock-%lu-%p-%u", ++ (unsigned long) getpid (), ai, count); ++ s = sem_open (name, O_CREAT | O_EXCL, 0600, 0); ++ if (s == SEM_FAILED) ++ { ++ if (errno == EEXIST) ++ /* Retry with a different name. */ ++ continue; ++ else ++ { ++ perror ("sem_open failed"); ++ abort (); ++ } ++ } ++ else ++ { ++ /* Try not to leave a semaphore hanging around on the file system ++ eternally, if we can avoid it. */ ++ sem_unlink (name); ++ break; ++ } ++ } ++ ai->semaphore = s; ++} ++# endif ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ if (sem_trywait (atomic_int_semaphore (ai)) == 0) ++ { ++ if (sem_post (atomic_int_semaphore (ai))) ++ abort (); ++ return 1; ++ } ++ else if (errno == EAGAIN) ++ return 0; ++ else ++ abort (); ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ if (new_value == 0) ++ /* It's already initialized with 0. */ ++ return; ++ /* To set the value 1: */ ++ if (sem_post (atomic_int_semaphore (ai))) ++ abort (); ++} ++#else ++struct atomic_int { ++ gl_lock_define (, lock) ++ int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ gl_lock_init (ai->lock); ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ gl_lock_lock (ai->lock); ++ int ret = ai->value; ++ gl_lock_unlock (ai->lock); ++ return ret; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ gl_lock_lock (ai->lock); ++ ai->value = new_value; ++ gl_lock_unlock (ai->lock); ++} ++#endif ++ + #define ACCOUNT_COUNT 4 + + static int account[ACCOUNT_COUNT]; +@@ -170,12 +324,12 @@ lock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int lock_checker_done; ++static struct atomic_int lock_checker_done; + + static void * + lock_checker_thread (void *arg) + { +- while (!lock_checker_done) ++ while (get_atomic_int_value (&lock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_lock_lock (my_lock); +@@ -200,7 +354,8 @@ test_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- lock_checker_done = 0; ++ init_atomic_int (&lock_checker_done); ++ set_atomic_int_value (&lock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (lock_checker_thread, NULL); +@@ -210,7 +365,7 @@ test_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- lock_checker_done = 1; ++ set_atomic_int_value (&lock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } +@@ -254,12 +409,12 @@ rwlock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int rwlock_checker_done; ++static struct atomic_int rwlock_checker_done; + + static void * + rwlock_checker_thread (void *arg) + { +- while (!rwlock_checker_done) ++ while (get_atomic_int_value (&rwlock_checker_done) == 0) + { + dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ()); + gl_rwlock_rdlock (my_rwlock); +@@ -284,7 +439,8 @@ test_rwlock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- rwlock_checker_done = 0; ++ init_atomic_int (&rwlock_checker_done); ++ set_atomic_int_value (&rwlock_checker_done, 0); + + /* Spawn the threads. */ + for (i = 0; i < THREAD_COUNT; i++) +@@ -295,7 +451,7 @@ test_rwlock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- rwlock_checker_done = 1; ++ set_atomic_int_value (&rwlock_checker_done, 1); + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (checkerthreads[i], NULL); + check_accounts (); +@@ -356,12 +512,12 @@ reclock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int reclock_checker_done; ++static struct atomic_int reclock_checker_done; + + static void * + reclock_checker_thread (void *arg) + { +- while (!reclock_checker_done) ++ while (get_atomic_int_value (&reclock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_recursive_lock_lock (my_reclock); +@@ -386,7 +542,8 @@ test_recursive_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- reclock_checker_done = 0; ++ init_atomic_int (&reclock_checker_done); ++ set_atomic_int_value (&reclock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (reclock_checker_thread, NULL); +@@ -396,7 +553,7 @@ test_recursive_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- reclock_checker_done = 1; ++ set_atomic_int_value (&reclock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } diff --git a/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch b/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch deleted file mode 100644 index 8ebe33bc6c..0000000000 --- a/gnu/packages/patches/fontconfig-charwidth-symbol-conflict.patch +++ /dev/null @@ -1,82 +0,0 @@ -The first patch is copied from the upstream source repository: - -https://cgit.freedesktop.org/fontconfig/commit/?id=1ab5258f7c2abfafcd63a760ca08bf93591912da - -The second patch is adapted from a message to from the OpenEmbedded mailing list: - -http://lists.openembedded.org/pipermail/openembedded-core/2016-December/130213.html - -From 1ab5258f7c2abfafcd63a760ca08bf93591912da Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 14 Dec 2016 16:11:05 -0800 -Subject: Avoid conflicts with integer width macros from TS 18661-1:2014 - -glibc 2.25+ has now defined these macros in <limits.h> -https://sourceware.org/git/?p=glibc.git;a=commit;h=5b17fd0da62bf923cb61d1bb7b08cf2e1f1f9c1a - -Create an alias for FC_CHAR_WIDTH for ABI compatibility - -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -diff --git a/fontconfig/fontconfig.h b/fontconfig/fontconfig.h -index 5c72b22..070a557 100644 ---- a/fontconfig/fontconfig.h -+++ b/fontconfig/fontconfig.h -@@ -128,7 +128,8 @@ typedef int FcBool; - #define FC_USER_CACHE_FILE ".fonts.cache-" FC_CACHE_VERSION - - /* Adjust outline rasterizer */ --#define FC_CHAR_WIDTH "charwidth" /* Int */ -+#define FC_CHARWIDTH "charwidth" /* Int */ -+#define FC_CHAR_WIDTH FC_CHARWIDTH - #define FC_CHAR_HEIGHT "charheight"/* Int */ - #define FC_MATRIX "matrix" /* FcMatrix */ - -diff --git a/src/fcobjs.h b/src/fcobjs.h -index 1fc4f65..d27864b 100644 ---- a/src/fcobjs.h -+++ b/src/fcobjs.h -@@ -51,7 +51,7 @@ FC_OBJECT (DPI, FcTypeDouble, NULL) - FC_OBJECT (RGBA, FcTypeInteger, NULL) - FC_OBJECT (SCALE, FcTypeDouble, NULL) - FC_OBJECT (MINSPACE, FcTypeBool, NULL) --FC_OBJECT (CHAR_WIDTH, FcTypeInteger, NULL) -+FC_OBJECT (CHARWIDTH, FcTypeInteger, NULL) - FC_OBJECT (CHAR_HEIGHT, FcTypeInteger, NULL) - FC_OBJECT (MATRIX, FcTypeMatrix, NULL) - FC_OBJECT (CHARSET, FcTypeCharSet, FcCompareCharSet) --- -cgit v0.10.2 - -From 20cddc824c6501c2082cac41b162c34cd5fcc530 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem at gmail.com> -Date: Sun, 11 Dec 2016 14:32:00 -0800 -Subject: [PATCH] Avoid conflicts with integer width macros from TS - 18661-1:2014 - -glibc 2.25+ has now defined these macros in <limits.h> -https://sourceware.org/git/?p=glibc.git;a=commit;h=5b17fd0da62bf923cb61d1bb7b08cf2e1f1f9c1a - -Signed-off-by: Khem Raj <raj.khem at gmail.com> ---- -Upstream-Status: Submitted - - fontconfig/fontconfig.h | 2 +- - src/fcobjs.h | 2 +- - src/fcobjshash.gperf | 2 +- - src/fcobjshash.h | 2 +- - 4 files changed, 4 insertions(+), 4 deletions(-) - -Index: fontconfig-2.12.1/src/fcobjshash.h -=================================================================== ---- fontconfig-2.12.1.orig/src/fcobjshash.h -+++ fontconfig-2.12.1/src/fcobjshash.h -@@ -284,7 +284,7 @@ FcObjectTypeLookup (register const char - {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str43,FC_CHARSET_OBJECT}, - {-1}, - #line 47 "fcobjshash.gperf" -- {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHAR_WIDTH_OBJECT}, -+ {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str45,FC_CHARWIDTH_OBJECT}, - #line 48 "fcobjshash.gperf" - {(int)(long)&((struct FcObjectTypeNamePool_t *)0)->FcObjectTypeNamePool_str46,FC_CHAR_HEIGHT_OBJECT}, - #line 55 "fcobjshash.gperf" diff --git a/gnu/packages/patches/fontconfig-path-max.patch b/gnu/packages/patches/fontconfig-path-max.patch deleted file mode 100644 index e12f60ef00..0000000000 --- a/gnu/packages/patches/fontconfig-path-max.patch +++ /dev/null @@ -1,124 +0,0 @@ -This patch fix the build on GNU/Hurd, due to PATH_MAX isn't defined. - -The patch was adapted from upstream source repository: -'<https://cgit.freedesktop.org/fontconfig/commit/?id=abdb6d658e1a16410dd1c964e365a3ebd5039e7c>' -Commit: abdb6d658e1a16410dd1c964e365a3ebd5039e7c - ---- - src/fcdefault.c | 34 +++++++++++++++++++++++++++------- - src/fcint.h | 6 ++++++ - src/fcstat.c | 12 +++++++++++- - 3 files changed, 44 insertions(+), 8 deletions(-) - -diff --git a/src/fcdefault.c b/src/fcdefault.c -index 6647a8f..5afd7ec 100644 ---- a/src/fcdefault.c -+++ b/src/fcdefault.c -@@ -148,17 +148,34 @@ retry: - prgname = FcStrdup (""); - #else - # if defined (HAVE_GETEXECNAME) -- const char *p = getexecname (); -+ char *p = FcStrdup(getexecname ()); - # elif defined (HAVE_READLINK) -- char buf[PATH_MAX + 1]; -- int len; -+ size_t size = FC_PATH_MAX; - char *p = NULL; - -- len = readlink ("/proc/self/exe", buf, sizeof (buf) - 1); -- if (len != -1) -+ while (1) - { -- buf[len] = '\0'; -- p = buf; -+ char *buf = malloc (size); -+ ssize_t len; -+ -+ if (!buf) -+ break; -+ -+ len = readlink ("/proc/self/exe", buf, size - 1); -+ if (len < 0) -+ { -+ free (buf); -+ break; -+ } -+ if (len < size - 1) -+ { -+ buf[len] = 0; -+ p = buf; -+ break; -+ } -+ -+ free (buf); -+ size *= 2; - } - # else - char *p = NULL; -@@ -176,6 +193,9 @@ retry: - - if (!prgname) - prgname = FcStrdup (""); -+ -+ if (p) -+ free (p); - #endif - - if (!fc_atomic_ptr_cmpexch (&default_prgname, NULL, prgname)) { -diff --git a/src/fcint.h b/src/fcint.h -index ac911ad..dad34c5 100644 ---- a/src/fcint.h -+++ b/src/fcint.h -@@ -70,6 +70,12 @@ extern pfnSHGetFolderPathA pSHGetFolderPathA; - # define FC_DIR_SEPARATOR_S "/" - #endif - -+#ifdef PATH_MAX -+#define FC_PATH_MAX PATH_MAX -+#else -+#define FC_PATH_MAX 128 -+#endif -+ - #if __GNUC__ >= 4 - #define FC_UNUSED __attribute__((unused)) - #else -diff --git a/src/fcstat.c b/src/fcstat.c -index 1734fa4..f6e1aaa 100644 ---- a/src/fcstat.c -+++ b/src/fcstat.c -@@ -278,8 +278,13 @@ FcDirChecksum (const FcChar8 *dir, time_t *checksum) - { - #endif - struct stat statb; -- char f[PATH_MAX + 1]; -+ char *f = malloc (len + 1 + dlen + 1); - -+ if (!f) -+ { -+ ret = -1; -+ goto bail; -+ } - memcpy (f, dir, len); - f[len] = FC_DIR_SEPARATOR; - memcpy (&f[len + 1], files[n]->d_name, dlen); -@@ -287,11 +292,16 @@ FcDirChecksum (const FcChar8 *dir, time_t *checksum) - if (lstat (f, &statb) < 0) - { - ret = -1; -+ free (f); - goto bail; - } - if (S_ISDIR (statb.st_mode)) -+ { -+ free (f); - goto bail; -+ } - -+ free (f); - dtype = statb.st_mode; - #ifdef HAVE_STRUCT_DIRENT_D_TYPE - } --- -2.11.0 - diff --git a/gnu/packages/patches/freetype-CVE-2017-8105.patch b/gnu/packages/patches/freetype-CVE-2017-8105.patch deleted file mode 100644 index 1891c4ab5f..0000000000 --- a/gnu/packages/patches/freetype-CVE-2017-8105.patch +++ /dev/null @@ -1,56 +0,0 @@ -Fix CVE-2017-8105: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8105 -https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 - -Patch copied from upstream source repository: - -https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 - -From f958c48ee431bef8d4d466b40c9cb2d4dbcb7791 Mon Sep 17 00:00:00 2001 -From: Werner Lemberg <wl@gnu.org> -Date: Fri, 24 Mar 2017 09:15:10 +0100 -Subject: [PATCH] [psaux] Better protect `flex' handling. - -Reported as - - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935 - -* src/psaux/t1decode.c (t1_decoder_parse_charstrings) -<callothersubr>: Since there is not a single flex operator but a -series of subroutine calls, malformed fonts can call arbitrary other -operators after the start of a flex, possibly adding points. For -this reason we have to check the available number of points before -inserting a point. ---- - ChangeLog | 15 +++++++++++++++ - src/psaux/t1decode.c | 9 +++++++++ - 2 files changed, 24 insertions(+) - -diff --git a/src/psaux/t1decode.c b/src/psaux/t1decode.c -index af7b465e..7dd45135 100644 ---- a/src/psaux/t1decode.c -+++ b/src/psaux/t1decode.c -@@ -780,10 +780,19 @@ - /* point without adding any point to the outline */ - idx = decoder->num_flex_vectors++; - if ( idx > 0 && idx < 7 ) -+ { -+ /* in malformed fonts it is possible to have other */ -+ /* opcodes in the middle of a flex (which don't */ -+ /* increase `num_flex_vectors'); we thus have to */ -+ /* check whether we can add a point */ -+ if ( FT_SET_ERROR( t1_builder_check_points( builder, 1 ) ) ) -+ goto Syntax_Error; -+ - t1_builder_add_point( builder, - x, - y, - (FT_Byte)( idx == 3 || idx == 6 ) ); -+ } - } - break; - --- -2.12.2 - diff --git a/gnu/packages/patches/freetype-CVE-2017-8287.patch b/gnu/packages/patches/freetype-CVE-2017-8287.patch deleted file mode 100644 index d1145a87ee..0000000000 --- a/gnu/packages/patches/freetype-CVE-2017-8287.patch +++ /dev/null @@ -1,44 +0,0 @@ -Fix CVE-2017-8287: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287 -https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 - -Patch copied from upstream source repository: -https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0 - -From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001 -From: Werner Lemberg <wl@gnu.org> -Date: Sun, 26 Mar 2017 08:32:09 +0200 -Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety - guard. - -Reported as - - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 ---- - ChangeLog | 8 ++++++++ - src/psaux/psobjs.c | 8 ++++++++ - 2 files changed, 16 insertions(+) - -diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c -index d18e821a..0baf8368 100644 ---- a/src/psaux/psobjs.c -+++ b/src/psaux/psobjs.c -@@ -1718,6 +1718,14 @@ - first = outline->n_contours <= 1 - ? 0 : outline->contours[outline->n_contours - 2] + 1; - -+ /* in malformed fonts it can happen that a contour was started */ -+ /* but no points were added */ -+ if ( outline->n_contours && first == outline->n_points ) -+ { -+ outline->n_contours--; -+ return; -+ } -+ - /* We must not include the last point in the path if it */ - /* is located on the first point. */ - if ( outline->n_points > 1 ) --- -2.12.2 - diff --git a/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch b/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch new file mode 100644 index 0000000000..74b10c4a44 --- /dev/null +++ b/gnu/packages/patches/gcc-asan-powerpc-missing-include.patch @@ -0,0 +1,20 @@ +Add missing include that triggers a build failure on PowerPC: + + ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc: In function ‘bool __asan::AsanInterceptsSignal(int)’: + ../../../../gcc-5.4.0/libsanitizer/asan/asan_linux.cc:222:20: error: ‘SIGSEGV’ was not declared in this scope + return signum == SIGSEGV && common_flags()->handle_segv; + ^ +From <https://patchwork.ozlabs.org/patch/725596/>. + +diff --git a/libsanitizer/asan/asan_linux.cc b/libsanitizer/asan/asan_linux.cc +index c504168..59087b9 100644 +--- a/libsanitizer/asan/asan_linux.cc ++++ b/libsanitizer/asan/asan_linux.cc +@@ -29,6 +29,7 @@ + #include <dlfcn.h> + #include <fcntl.h> + #include <pthread.h> ++#include <signal.h> + #include <stdio.h> + #include <unistd.h> + #include <unwind.h> diff --git a/gnu/packages/patches/gettext-gnulib-multi-core.patch b/gnu/packages/patches/gettext-gnulib-multi-core.patch new file mode 100644 index 0000000000..5ccdbe4ca1 --- /dev/null +++ b/gnu/packages/patches/gettext-gnulib-multi-core.patch @@ -0,0 +1,178 @@ +This patch fixes performance problems on multi-core machines +as reported at <https://bugs.gnu.org/26441>. + +See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib +by Bruno Haible <bruno@clisp.org>. + +diff --git a/gettext-tools/gnulib-tests/test-lock.c b/gettext-tools/gnulib-tests/test-lock.c +index cb734b4e6..aa6de2739 100644 +--- a/gettext-tools/gnulib-tests/test-lock.c ++++ b/gettext-tools/gnulib-tests/test-lock.c +@@ -50,6 +50,13 @@ + Uncomment this to see if the operating system has a fair scheduler. */ + #define EXPLICIT_YIELD 1 + ++/* Whether to use 'volatile' on some variables that communicate information ++ between threads. If set to 0, a lock is used to protect these variables. ++ If set to 1, 'volatile' is used; this is theoretically equivalent but can ++ lead to much slower execution (e.g. 30x slower total run time on a 40-core ++ machine. */ ++#define USE_VOLATILE 0 ++ + /* Whether to print debugging messages. */ + #define ENABLE_DEBUGGING 0 + +@@ -103,6 +110,51 @@ + # define yield() + #endif + ++#if USE_VOLATILE ++struct atomic_int { ++ volatile int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ return ai->value; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ ai->value = new_value; ++} ++#else ++struct atomic_int { ++ gl_lock_define (, lock) ++ int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ gl_lock_init (ai->lock); ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ gl_lock_lock (ai->lock); ++ int ret = ai->value; ++ gl_lock_unlock (ai->lock); ++ return ret; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ gl_lock_lock (ai->lock); ++ ai->value = new_value; ++ gl_lock_unlock (ai->lock); ++} ++#endif ++ + #define ACCOUNT_COUNT 4 + + static int account[ACCOUNT_COUNT]; +@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int lock_checker_done; ++static struct atomic_int lock_checker_done; + + static void * + lock_checker_thread (void *arg) + { +- while (!lock_checker_done) ++ while (get_atomic_int_value (&lock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_lock_lock (my_lock); +@@ -200,7 +252,8 @@ test_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- lock_checker_done = 0; ++ init_atomic_int (&lock_checker_done); ++ set_atomic_int_value (&lock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (lock_checker_thread, NULL); +@@ -210,7 +263,7 @@ test_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- lock_checker_done = 1; ++ set_atomic_int_value (&lock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } +@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int rwlock_checker_done; ++static struct atomic_int rwlock_checker_done; + + static void * + rwlock_checker_thread (void *arg) + { +- while (!rwlock_checker_done) ++ while (get_atomic_int_value (&rwlock_checker_done) == 0) + { + dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ()); + gl_rwlock_rdlock (my_rwlock); +@@ -284,7 +337,8 @@ test_rwlock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- rwlock_checker_done = 0; ++ init_atomic_int (&rwlock_checker_done); ++ set_atomic_int_value (&rwlock_checker_done, 0); + + /* Spawn the threads. */ + for (i = 0; i < THREAD_COUNT; i++) +@@ -295,7 +349,7 @@ test_rwlock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- rwlock_checker_done = 1; ++ set_atomic_int_value (&rwlock_checker_done, 1); + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (checkerthreads[i], NULL); + check_accounts (); +@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int reclock_checker_done; ++static struct atomic_int reclock_checker_done; + + static void * + reclock_checker_thread (void *arg) + { +- while (!reclock_checker_done) ++ while (get_atomic_int_value (&reclock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_recursive_lock_lock (my_reclock); +@@ -386,7 +440,8 @@ test_recursive_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- reclock_checker_done = 0; ++ init_atomic_int (&reclock_checker_done); ++ set_atomic_int_value (&reclock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (reclock_checker_thread, NULL); +@@ -396,7 +451,7 @@ test_recursive_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- reclock_checker_done = 1; ++ set_atomic_int_value (&reclock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } diff --git a/gnu/packages/patches/gettext-multi-core.patch b/gnu/packages/patches/gettext-multi-core.patch new file mode 100644 index 0000000000..31a378cfd0 --- /dev/null +++ b/gnu/packages/patches/gettext-multi-core.patch @@ -0,0 +1,185 @@ +This patch fixes performance problems on multi-core machines +as reported at <https://bugs.gnu.org/26441>. + +See commit 1afbcb06fded2a427b761dd1615b1e48e1e853cc in Gettext +by Bruno Haible <bruno@clisp.org>. + +diff --git a/gettext-runtime/tests/test-lock.c b/gettext-runtime/tests/test-lock.c +index d279d1d60..51cec3d6b 100644 +--- a/gettext-runtime/tests/test-lock.c ++++ b/gettext-runtime/tests/test-lock.c +@@ -1,5 +1,5 @@ + /* Test of locking in multithreaded situations. +- Copyright (C) 2005, 2008-2016 Free Software Foundation, Inc. ++ Copyright (C) 2005, 2008-2017 Free Software Foundation, Inc. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU Lesser General Public License as published by +@@ -50,6 +50,13 @@ + Uncomment this to see if the operating system has a fair scheduler. */ + #define EXPLICIT_YIELD 1 + ++/* Whether to use 'volatile' on some variables that communicate information ++ between threads. If set to 0, a lock is used to protect these variables. ++ If set to 1, 'volatile' is used; this is theoretically equivalent but can ++ lead to much slower execution (e.g. 30x slower total run time on a 40-core ++ machine. */ ++#define USE_VOLATILE 0 ++ + /* Whether to print debugging messages. */ + #define ENABLE_DEBUGGING 0 + +@@ -214,6 +221,51 @@ static inline void * gl_thread_self_pointer (void) + # define yield() + #endif + ++#if USE_VOLATILE ++struct atomic_int { ++ volatile int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ return ai->value; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ ai->value = new_value; ++} ++#else ++struct atomic_int { ++ gl_lock_define (, lock) ++ int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ gl_lock_init (ai->lock); ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ gl_lock_lock (ai->lock); ++ int ret = ai->value; ++ gl_lock_unlock (ai->lock); ++ return ret; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ gl_lock_lock (ai->lock); ++ ai->value = new_value; ++ gl_lock_unlock (ai->lock); ++} ++#endif ++ + #define ACCOUNT_COUNT 4 + + static int account[ACCOUNT_COUNT]; +@@ -281,12 +333,12 @@ lock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int lock_checker_done; ++static struct atomic_int lock_checker_done; + + static void * + lock_checker_thread (void *arg) + { +- while (!lock_checker_done) ++ while (get_atomic_int_value (&lock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_lock_lock (my_lock); +@@ -311,7 +363,8 @@ test_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- lock_checker_done = 0; ++ init_atomic_int (&lock_checker_done); ++ set_atomic_int_value (&lock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (lock_checker_thread, NULL); +@@ -321,7 +374,7 @@ test_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- lock_checker_done = 1; ++ set_atomic_int_value (&lock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } +@@ -365,12 +418,12 @@ rwlock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int rwlock_checker_done; ++static struct atomic_int rwlock_checker_done; + + static void * + rwlock_checker_thread (void *arg) + { +- while (!rwlock_checker_done) ++ while (get_atomic_int_value (&rwlock_checker_done) == 0) + { + dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ()); + gl_rwlock_rdlock (my_rwlock); +@@ -395,7 +448,8 @@ test_rwlock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- rwlock_checker_done = 0; ++ init_atomic_int (&rwlock_checker_done); ++ set_atomic_int_value (&rwlock_checker_done, 0); + + /* Spawn the threads. */ + for (i = 0; i < THREAD_COUNT; i++) +@@ -406,7 +460,7 @@ test_rwlock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- rwlock_checker_done = 1; ++ set_atomic_int_value (&rwlock_checker_done, 1); + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (checkerthreads[i], NULL); + check_accounts (); +@@ -467,12 +521,12 @@ reclock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int reclock_checker_done; ++static struct atomic_int reclock_checker_done; + + static void * + reclock_checker_thread (void *arg) + { +- while (!reclock_checker_done) ++ while (get_atomic_int_value (&reclock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_recursive_lock_lock (my_reclock); +@@ -497,7 +551,8 @@ test_recursive_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- reclock_checker_done = 0; ++ init_atomic_int (&reclock_checker_done); ++ set_atomic_int_value (&reclock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (reclock_checker_thread, NULL); +@@ -507,7 +562,7 @@ test_recursive_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- reclock_checker_done = 1; ++ set_atomic_int_value (&reclock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } diff --git a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch b/gnu/packages/patches/ghostscript-CVE-2013-5653.patch deleted file mode 100644 index 622266b176..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2013-5653.patch +++ /dev/null @@ -1,85 +0,0 @@ -The following patch was adapted for GNU Ghostscript -by Mark H Weaver <mhw@netris.org> based on: - -http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=ab109aaeb3ddba59518b036fb288402a65cf7ce8 - -From ab109aaeb3ddba59518b036fb288402a65cf7ce8 Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Sat, 5 Mar 2016 14:56:03 -0800 -Subject: [PATCH] Bug 694724: Have filenameforall and getenv honor SAFER - ---- - Resource/Init/gs_init.ps | 2 ++ - psi/zfile.c | 36 ++++++++++++++++++++---------------- - 2 files changed, 22 insertions(+), 16 deletions(-) - -diff --git a/Resource/Init/gs_init.ps b/Resource/Init/gs_init.ps -index fa33d88..99888ac 100644 ---- a/Resource/Init/gs_init.ps -+++ b/Resource/Init/gs_init.ps -@@ -2018,6 +2018,7 @@ readonly def - - /.locksafe { - .locksafe_userparams -+ systemdict /getenv {pop //false} put - % setpagedevice has the side effect of clearing the page, but - % we will just document that. Using setpagedevice keeps the device - % properties and pagedevice .LockSafetyParams in agreement even -@@ -2036,6 +2037,7 @@ readonly def - %% - /.locksafeglobal { - .locksafe_userparams -+ systemdict /getenv {pop //false} put - % setpagedevice has the side effect of clearing the page, but - % we will just document that. Using setpagedevice keeps the device - % properties and pagedevice .LockSafetyParams in agreement even -diff --git a/psi/zfile.c b/psi/zfile.c -index 320ecd5..0b9f299 100644 ---- a/psi/zfile.c -+++ b/psi/zfile.c -@@ -371,22 +371,26 @@ file_continue(i_ctx_t *i_ctx_p) - - if (len < devlen) - return_error(e_rangecheck); /* not even room for device len */ -- memcpy((char *)pscratch->value.bytes, iodev->dname, devlen); -- code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen, -- len - devlen); -- if (code == ~(uint) 0) { /* all done */ -- esp -= 5; /* pop proc, pfen, devlen, iodev , mark */ -- return o_pop_estack; -- } else if (code > len) /* overran string */ -- return_error(e_rangecheck); -- else { -- push(1); -- ref_assign(op, pscratch); -- r_set_size(op, code + devlen); -- push_op_estack(file_continue); /* come again */ -- *++esp = pscratch[2]; /* proc */ -- return o_push_estack; -- } -+ -+ do { -+ memcpy((char *)pscratch->value.bytes, iodev->dname, devlen); -+ code = iodev->procs.enumerate_next(pfen, (char *)pscratch->value.bytes + devlen, -+ len - devlen); -+ if (code == ~(uint) 0) { /* all done */ -+ esp -= 5; /* pop proc, pfen, devlen, iodev , mark */ -+ return o_pop_estack; -+ } else if (code > len) /* overran string */ -+ return_error(e_rangecheck); -+ else if (iodev != iodev_default(imemory) -+ || (check_file_permissions_reduced(i_ctx_p, (char *)pscratch->value.bytes, code + devlen, "PermitFileReading")) == 0) { -+ push(1); -+ ref_assign(op, pscratch); -+ r_set_size(op, code + devlen); -+ push_op_estack(file_continue); /* come again */ -+ *++esp = pscratch[2]; /* proc */ -+ return o_push_estack; -+ } -+ } while(1); - } - /* Cleanup procedure for enumerating files */ - static int --- -2.9.1 - diff --git a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch b/gnu/packages/patches/ghostscript-CVE-2015-3228.patch deleted file mode 100644 index c19fdb1d43..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2015-3228.patch +++ /dev/null @@ -1,32 +0,0 @@ -The file names in the upstream patch below were modified to apply to GNU -ghostscript. - -From 0c0b0859ae1aba64861599f0e7f74f143f305932 Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Tue, 7 Jul 2015 16:57:41 +0100 -Subject: [PATCH] Bug 696041: sanity check for memory allocation. - -In gs_heap_alloc_bytes(), add a sanity check to ensure we don't overflow the -variable holding the actual number of bytes we allocate. - -No cluster differences ---- - gs/base/gsmalloc.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/base/gsmalloc.c b/base/gsmalloc.c -index 624552d..cad79c2 100644 ---- a/base/gsmalloc.c -+++ b/base/gsmalloc.c -@@ -178,7 +178,7 @@ gs_heap_alloc_bytes(gs_memory_t * mem, uint size, client_name_t cname) - } else { - uint added = size + sizeof(gs_malloc_block_t); - -- if (mmem->limit - added < mmem->used) -+ if (added <= size || mmem->limit - added < mmem->used) - set_msg("exceeded limit"); - else if ((ptr = (byte *) Memento_label(malloc(added), cname)) == 0) - set_msg("failed"); --- -2.4.6 - diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch b/gnu/packages/patches/ghostscript-CVE-2016-7976.patch deleted file mode 100644 index 0a09f89016..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2016-7976.patch +++ /dev/null @@ -1,185 +0,0 @@ -The following patch was adapted for GNU Ghostscript -by Mark H Weaver <mhw@netris.org> based on: - -http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=6d444c273da5499a4cd72f21cb6d4c9a5256807d - -From 6d444c273da5499a4cd72f21cb6d4c9a5256807d Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Wed, 5 Oct 2016 09:55:55 +0100 -Subject: [PATCH] Bug 697178: Add a file permissions callback - -For the rare occasions when the graphics library directly opens a file -(currently for reading), this allows us to apply any restrictions on -file access normally applied in the interpteter. ---- - base/gsicc_manage.c | 10 ++++++---- - base/gslibctx.c | 12 +++++++++++- - base/gslibctx.h | 7 +++++++ - psi/imain.c | 2 ++ - psi/int.mak | 2 +- - psi/zfile.c | 19 +++++++++++++++++++ - psi/zfile.h | 7 +++++++ - 7 files changed, 53 insertions(+), 6 deletions(-) - -diff --git a/base/gsicc_manage.c b/base/gsicc_manage.c -index 931c2a6..e9c09c3 100644 ---- a/base/gsicc_manage.c -+++ b/base/gsicc_manage.c -@@ -1028,10 +1028,12 @@ gsicc_open_search(const char* pname, int namelen, gs_memory_t *mem_gc, - } - - /* First just try it like it is */ -- str = sfopen(pname, "rb", mem_gc); -- if (str != NULL) { -- *strp = str; -- return 0; -+ if (gs_check_file_permission(mem_gc, pname, namelen, "r") >= 0) { -+ str = sfopen(pname, "rb", mem_gc); -+ if (str != NULL) { -+ *strp = str; -+ return 0; -+ } - } - - /* If that fails, try %rom% */ /* FIXME: Not sure this is needed or correct */ -diff --git a/base/gslibctx.c b/base/gslibctx.c -index eaa0458..37ce1ca 100644 ---- a/base/gslibctx.c -+++ b/base/gslibctx.c -@@ -121,7 +121,7 @@ int gs_lib_ctx_init( gs_memory_t *mem ) - mem->gs_lib_ctx = NULL; - return -1; - } -- -+ pio->client_check_file_permission = NULL; - gp_get_realtime(pio->real_time_0); - - return 0; -@@ -262,3 +262,13 @@ void errflush(const gs_memory_t *mem) - fflush(mem->gs_lib_ctx->fstderr); - /* else nothing to flush */ - } -+ -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ int code = 0; -+ if (mem->gs_lib_ctx->client_check_file_permission != NULL) { -+ code = mem->gs_lib_ctx->client_check_file_permission(mem, fname, len, permission); -+ } -+ return code; -+} -diff --git a/base/gslibctx.h b/base/gslibctx.h -index 7a4e110..020e2d9 100644 ---- a/base/gslibctx.h -+++ b/base/gslibctx.h -@@ -32,6 +32,9 @@ typedef struct gs_fapi_server_s gs_fapi_server; - # define gs_font_dir_DEFINED - typedef struct gs_font_dir_s gs_font_dir; - #endif -+ -+typedef int (*client_check_file_permission_t) (gs_memory_t *mem, const char *fname, const int len, const char *permission); -+ - typedef struct gs_lib_ctx_s - { - gs_memory_t *memory; /* mem->gs_lib_ctx->memory == mem */ -@@ -59,6 +62,7 @@ typedef struct gs_lib_ctx_s - bool dict_auto_expand; /* ps dictionary: false level 1 true level 2 or 3 */ - /* A table of local copies of the IODevices */ - struct gx_io_device_s **io_device_table; -+ client_check_file_permission_t client_check_file_permission; - /* Define the default value of AccurateScreens that affects setscreen - and setcolorscreen. */ - bool screen_accurate_screens; -@@ -108,6 +112,9 @@ int - void gs_lib_ctx_set_icc_directory(const gs_memory_t *mem_gc, const char* pname, - int dir_namelen); - -+int -+gs_check_file_permission (gs_memory_t *mem, const char *fname, const int len, const char *permission); -+ - #define IS_LIBCTX_STDOUT(mem, f) (f == mem->gs_lib_ctx->fstdout) - #define IS_LIBCTX_STDERR(mem, f) (f == mem->gs_lib_ctx->fstderr) - -diff --git a/psi/imain.c b/psi/imain.c -index 9a9bb5d..6874128 100644 ---- a/psi/imain.c -+++ b/psi/imain.c -@@ -57,6 +57,7 @@ - #include "ivmspace.h" - #include "idisp.h" /* for setting display device callback */ - #include "iplugin.h" -+#include "zfile.h" - - #ifdef PACIFY_VALGRIND - #include "valgrind.h" -@@ -215,6 +216,7 @@ gs_main_init1(gs_main_instance * minst) - "the_gs_name_table"); - if (code < 0) - return code; -+ mem->gs_lib_ctx->client_check_file_permission = z_check_file_permissions; - } - code = obj_init(&minst->i_ctx_p, &idmem); /* requires name_init */ - if (code < 0) -diff --git a/psi/int.mak b/psi/int.mak -index 4654afc..bb30d51 100644 ---- a/psi/int.mak -+++ b/psi/int.mak -@@ -1868,7 +1868,7 @@ $(PSOBJ)imain.$(OBJ) : $(PSSRC)imain.c $(GH) $(memory__h) $(string__h)\ - $(ialloc_h) $(iconf_h) $(idebug_h) $(idict_h) $(idisp_h) $(iinit_h)\ - $(iname_h) $(interp_h) $(iplugin_h) $(isave_h) $(iscan_h) $(ivmspace_h)\ - $(iinit_h) $(main_h) $(oper_h) $(ostack_h)\ -- $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) -+ $(sfilter_h) $(store_h) $(stream_h) $(strimpl_h) $(zfile_h) - $(PSCC) $(PSO_)imain.$(OBJ) $(C_) $(PSSRC)imain.c - - #****** $(CCINT) interp.c -diff --git a/psi/zfile.c b/psi/zfile.c -index 2c6c958..2f27f82 100644 ---- a/psi/zfile.c -+++ b/psi/zfile.c -@@ -197,6 +197,25 @@ check_file_permissions(i_ctx_t *i_ctx_p, const char *fname, int len, - return check_file_permissions_reduced(i_ctx_p, fname_reduced, rlen, permitgroup); - } - -+/* z_check_file_permissions: see zfile.h for explanation -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, const int len, const char *permission) -+{ -+ i_ctx_t *i_ctx_p = get_minst_from_memory(mem)->i_ctx_p; -+ gs_parsed_file_name_t pname; -+ const char *permitgroup = permission[0] == 'r' ? "PermitFileReading" : "PermitFileWriting"; -+ int code = gs_parse_file_name(&pname, fname, len, imemory); -+ if (code < 0) -+ return code; -+ -+ if (pname.iodev && i_ctx_p->LockFilePermissions && strcmp(pname.iodev->dname, "%pipe%") == 0) -+ return e_invalidfileaccess; -+ -+ code = check_file_permissions(i_ctx_p, fname, len, permitgroup); -+ return code; -+} -+ - /* <name_string> <access_string> file <file> */ - int /* exported for zsysvm.c */ - zfile(i_ctx_t *i_ctx_p) -diff --git a/psi/zfile.h b/psi/zfile.h -index fdf1373..a9399c7 100644 ---- a/psi/zfile.h -+++ b/psi/zfile.h -@@ -22,4 +22,11 @@ - int zopen_file(i_ctx_t *i_ctx_p, const gs_parsed_file_name_t *pfn, - const char *file_access, stream **ps, gs_memory_t *mem); - -+/* z_check_file_permissions: a callback (via mem->gs_lib_ctx->client_check_file_permission) -+ * to allow applying the above permissions checks when opening file(s) from -+ * the graphics library -+ */ -+int -+z_check_file_permissions(gs_memory_t *mem, const char *fname, -+ const int len, const char *permission); - #endif --- -2.9.1 - diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch b/gnu/packages/patches/ghostscript-CVE-2016-7978.patch deleted file mode 100644 index 81cb26e9ed..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2016-7978.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 6f749c0c44e7b9e09737b9f29edf29925a34f0cf Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Wed, 5 Oct 2016 09:59:25 +0100 -Subject: [PATCH] Bug 697179: Reference count device icc profile - -when copying a device ---- - base/gsdevice.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/base/gsdevice.c b/base/gsdevice.c -index 778106f..aea986a 100644 ---- a/base/gsdevice.c -+++ b/base/gsdevice.c -@@ -614,6 +614,7 @@ gx_device_init(gx_device * dev, const gx_device * proto, gs_memory_t * mem, - dev->memory = mem; - dev->retained = !internal; - rc_init(dev, mem, (internal ? 0 : 1)); -+ rc_increment(dev->icc_struct); - } - - void --- -2.9.1 - diff --git a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch b/gnu/packages/patches/ghostscript-CVE-2016-7979.patch deleted file mode 100644 index a557adfdea..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2016-7979.patch +++ /dev/null @@ -1,48 +0,0 @@ -The following patch was adapted for GNU Ghostscript -by Mark H Weaver <mhw@netris.org> based on: - -http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=875a0095f37626a721c7ff57d606a0f95af03913 - -From 875a0095f37626a721c7ff57d606a0f95af03913 Mon Sep 17 00:00:00 2001 -From: Ken Sharp <ken.sharp@artifex.com> -Date: Wed, 5 Oct 2016 10:10:58 +0100 -Subject: [PATCH] DSC parser - validate parameters - -Bug #697190 ".initialize_dsc_parser doesn't validate the parameter is a dict type before using it." - -Regardless of any security implications, its simply wrong for a PostScript -operator not to validate its parameter(s). - -No differences expected. ---- - psi/zdscpars.c | 13 +++++++++---- - 1 file changed, 9 insertions(+), 4 deletions(-) - -diff --git a/psi/zdscpars.c b/psi/zdscpars.c -index c05e154..9b4b605 100644 ---- a/psi/zdscpars.c -+++ b/psi/zdscpars.c -@@ -150,11 +150,16 @@ zinitialize_dsc_parser(i_ctx_t *i_ctx_p) - ref local_ref; - int code; - os_ptr const op = osp; -- dict * const pdict = op->value.pdict; -- gs_memory_t * const mem = (gs_memory_t *)dict_memory(pdict); -- dsc_data_t * const data = -- gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init"); -+ dict *pdict; -+ gs_memory_t *mem; -+ dsc_data_t *data; - -+ check_read_type(*op, t_dictionary); -+ -+ pdict = op->value.pdict; -+ mem = (gs_memory_t *)dict_memory(pdict); -+ -+ data = gs_alloc_struct(mem, dsc_data_t, &st_dsc_data_t, "DSC parser init"); - if (!data) - return_error(e_VMerror); - data->document_level = 0; --- -2.9.1 - diff --git a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch b/gnu/packages/patches/ghostscript-CVE-2016-8602.patch deleted file mode 100644 index aaf20b6c6c..0000000000 --- a/gnu/packages/patches/ghostscript-CVE-2016-8602.patch +++ /dev/null @@ -1,47 +0,0 @@ -The following patch was adapted for GNU Ghostscript -by Mark H Weaver <mhw@netris.org> based on: - -http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 - -From f5c7555c30393e64ec1f5ab0dfae5b55b3b3fc78 Mon Sep 17 00:00:00 2001 -From: Chris Liddell <chris.liddell@artifex.com> -Date: Sat, 8 Oct 2016 16:10:27 +0100 -Subject: [PATCH] Bug 697203: check for sufficient params in .sethalftone5 - -and param types ---- - psi/zht2.c | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/psi/zht2.c b/psi/zht2.c -index fb4a264..dfa27a4 100644 ---- a/psi/zht2.c -+++ b/psi/zht2.c -@@ -82,14 +82,22 @@ zsethalftone5(i_ctx_t *i_ctx_p) - gs_memory_t *mem; - uint edepth = ref_stack_count(&e_stack); - int npop = 2; -- int dict_enum = dict_first(op); -+ int dict_enum; - ref rvalue[2]; - int cname, colorant_number; - byte * pname; - uint name_size; - int halftonetype, type = 0; - gs_state *pgs = igs; -- int space_index = r_space_index(op - 1); -+ int space_index; -+ -+ if (ref_stack_count(&o_stack) < 2) -+ return_error(e_stackunderflow); -+ check_type(*op, t_dictionary); -+ check_type(*(op - 1), t_dictionary); -+ -+ dict_enum = dict_first(op); -+ space_index = r_space_index(op - 1); - - mem = (gs_memory_t *) idmemory->spaces_indexed[space_index]; - --- -2.9.1 - diff --git a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch index db80b6ddec..d38bd593c0 100644 --- a/gnu/packages/patches/ghostscript-CVE-2017-8291.patch +++ b/gnu/packages/patches/ghostscript-CVE-2017-8291.patch @@ -1,15 +1,60 @@ Fix CVE-2017-8291: -https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8291 +https://bugs.ghostscript.com/show_bug.cgi?id=697799 +https://bugs.ghostscript.com/show_bug.cgi?id=697808 (duplicate) +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8291 -This patch is adapted from these two Artifex Ghostscript commits by Leo -Famulari <leo@famulari.name>: +Patches copied from upstream source repository: -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d;hp=4f83478c88c2e05d6e8d79ca4557eb039354d2f3 -https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3;hp=5603e8fc3e59c435318877efe627967ee6baebb8 +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4f83478c88c2e05d6e8d79ca4557eb039354d2f3 +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce174eed24edec7ad5b920eb93db4d47d +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e +https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad + +From 4f83478c88c2e05d6e8d79ca4557eb039354d2f3 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Thu, 27 Apr 2017 13:03:33 +0100 +Subject: [PATCH] Bug 697799: have .eqproc check its parameters + +The Ghostscript custom operator .eqproc was not check the number or type of +the parameters it was given. +--- + psi/zmisc3.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/psi/zmisc3.c b/psi/zmisc3.c +index 54b304246..37293ff4b 100644 +--- a/psi/zmisc3.c ++++ b/psi/zmisc3.c +@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) + ref2_t stack[MAX_DEPTH + 1]; + ref2_t *top = stack; + ++ if (ref_stack_count(&o_stack) < 2) ++ return_error(gs_error_stackunderflow); ++ if (!r_is_array(op - 1) || !r_is_array(op)) { ++ return_error(gs_error_typecheck); ++ } ++ + make_array(&stack[0].proc1, 0, 1, op - 1); + make_array(&stack[0].proc2, 0, 1, op); + for (;;) { +-- +2.13.0 + +From 04b37bbce174eed24edec7ad5b920eb93db4d47d Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Thu, 27 Apr 2017 13:21:31 +0100 +Subject: [PATCH] Bug 697799: have .rsdparams check its parameters + +The Ghostscript internal operator .rsdparams wasn't checking the number or +type of the operands it was being passed. Do so. +--- + psi/zfrsd.c | 22 +++++++++++++++------- + 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/psi/zfrsd.c b/psi/zfrsd.c -index fb4bce9..2629afa 100644 +index 191107d8a..950588d69 100644 --- a/psi/zfrsd.c +++ b/psi/zfrsd.c @@ -49,13 +49,20 @@ zrsdparams(i_ctx_t *i_ctx_p) @@ -24,9 +69,9 @@ index fb4bce9..2629afa 100644 + int code = 0; + + if (ref_stack_count(&o_stack) < 1) -+ return_error(e_stackunderflow); ++ return_error(gs_error_stackunderflow); + if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { -+ return_error(e_typecheck); ++ return_error(gs_error_typecheck); + } make_empty_array(&empty_array, a_readonly); @@ -35,15 +80,15 @@ index fb4bce9..2629afa 100644 + && dict_find_string(op, "Filter", &pFilter) > 0) { if (!r_is_array(pFilter)) { if (!r_has_type(pFilter, t_name)) - return_error(e_typecheck); + return_error(gs_error_typecheck); @@ -94,12 +101,13 @@ zrsdparams(i_ctx_t *i_ctx_p) - return_error(e_typecheck); + return_error(gs_error_typecheck); } } - code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); + if (r_has_type(op, t_dictionary)) + code = dict_int_param(op, "Intent", 0, 3, 0, &Intent); - if (code < 0 && code != e_rangecheck) /* out-of-range int is ok, use 0 */ + if (code < 0 && code != gs_error_rangecheck) /* out-of-range int is ok, use 0 */ return code; - if ((code = dict_bool_param(op, "AsyncRead", false, &AsyncRead)) < 0 - ) @@ -54,20 +99,97 @@ index fb4bce9..2629afa 100644 push(1); op[-1] = *pFilter; if (pDecodeParms) +-- +2.13.0 + +From 57f20719e1cfaea77b67cb26e26de7fe4d7f9b2e Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Wed, 3 May 2017 12:05:45 +0100 +Subject: [PATCH] Bug 697846: revision to commit 4f83478c88 (.eqproc) + +When using the "DELAYBIND" feature, it turns out that .eqproc can be called with +parameters that are not both procedures. In this case, it turns out, the +expectation is for the operator to return 'false', rather than throw an error. +--- + psi/zmisc3.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + diff --git a/psi/zmisc3.c b/psi/zmisc3.c -index 54b3042..0d357f1 100644 +index 37293ff4b..3f01d39a3 100644 --- a/psi/zmisc3.c +++ b/psi/zmisc3.c -@@ -56,6 +56,12 @@ zeqproc(i_ctx_t *i_ctx_p) - ref2_t stack[MAX_DEPTH + 1]; - ref2_t *top = stack; +@@ -38,6 +38,15 @@ zcliprestore(i_ctx_t *i_ctx_p) + return gs_cliprestore(igs); + } -+ if (ref_stack_count(&o_stack) < 2) -+ return_error(e_stackunderflow); -+ if (!r_is_array(op - 1) || !r_is_array(op)) { -+ return_error(e_typecheck); -+ } ++static inline bool ++eqproc_check_type(ref *r) ++{ ++ return r_has_type(r, t_array) ++ || r_has_type(r, t_mixedarray) ++ || r_has_type(r, t_shortarray) ++ || r_has_type(r, t_oparray); ++} + + /* <proc1> <proc2> .eqproc <bool> */ + /* + * Test whether two procedures are equal to depth 10. +@@ -58,8 +67,10 @@ zeqproc(i_ctx_t *i_ctx_p) + + if (ref_stack_count(&o_stack) < 2) + return_error(gs_error_stackunderflow); +- if (!r_is_array(op - 1) || !r_is_array(op)) { +- return_error(gs_error_typecheck); ++ if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) { ++ make_false(op - 1); ++ pop(1); ++ return 0; + } + make_array(&stack[0].proc1, 0, 1, op - 1); - make_array(&stack[0].proc2, 0, 1, op); - for (;;) { +-- +2.13.0 + +From ccfd2c75ac9be4cbd369e4cbdd40ba11a0c7bdad Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Thu, 11 May 2017 14:07:48 +0100 +Subject: [PATCH] Bug 697892: fix check for op stack underflow. + +In the original fix, I used the wrong method to check for stack underflow, this +is using the correct method. +--- + psi/zfrsd.c | 3 +-- + psi/zmisc3.c | 3 +-- + 2 files changed, 2 insertions(+), 4 deletions(-) + +diff --git a/psi/zfrsd.c b/psi/zfrsd.c +index 950588d69..9c035b96d 100644 +--- a/psi/zfrsd.c ++++ b/psi/zfrsd.c +@@ -54,8 +54,7 @@ zrsdparams(i_ctx_t *i_ctx_p) + uint i; + int code = 0; + +- if (ref_stack_count(&o_stack) < 1) +- return_error(gs_error_stackunderflow); ++ check_op(1); + if (!r_has_type(op, t_dictionary) && !r_has_type(op, t_null)) { + return_error(gs_error_typecheck); + } +diff --git a/psi/zmisc3.c b/psi/zmisc3.c +index 3f01d39a3..43803b55b 100644 +--- a/psi/zmisc3.c ++++ b/psi/zmisc3.c +@@ -65,8 +65,7 @@ zeqproc(i_ctx_t *i_ctx_p) + ref2_t stack[MAX_DEPTH + 1]; + ref2_t *top = stack; + +- if (ref_stack_count(&o_stack) < 2) +- return_error(gs_error_stackunderflow); ++ check_op(2); + if (!eqproc_check_type(op -1) || !eqproc_check_type(op)) { + make_false(op - 1); + pop(1); +-- +2.13.0 + diff --git a/gnu/packages/patches/ghostscript-no-header-creationdate.patch b/gnu/packages/patches/ghostscript-no-header-creationdate.patch new file mode 100644 index 0000000000..92ddbdade0 --- /dev/null +++ b/gnu/packages/patches/ghostscript-no-header-creationdate.patch @@ -0,0 +1,22 @@ +This patch makes emission of /CreationDate and /ModDate headers optional. + +If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will +not write out the "/ID" field (if that's permissible). + +Upstream does not want to do this. + +See: https://bugs.ghostscript.com/show_bug.cgi?id=698208 +diff --git a/orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c b/bb/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c +index 0fb067e..b342e2c 100644 +--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c ++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c +@@ -305,6 +305,9 @@ pdf_initialize_ids(gx_device_pdf * pdev) + * date and time, rather than (for example) %%CreationDate from the + * PostScript file. We think this is wrong, but we do the same. + */ ++ if (!getenv("GS_GENERATE_UUIDS") || ++ (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && ++ strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0)) + { + struct tm tms; + time_t t; diff --git a/gnu/packages/patches/ghostscript-no-header-id.patch b/gnu/packages/patches/ghostscript-no-header-id.patch new file mode 100644 index 0000000000..19b71aadb5 --- /dev/null +++ b/gnu/packages/patches/ghostscript-no-header-id.patch @@ -0,0 +1,57 @@ +This patch makes the "/ID" field optional. + +If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will +not write out the "/ID" field (if that's permissible). + +Upstream does not want to do this. + +See: https://bugs.ghostscript.com/show_bug.cgi?id=698208 +diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c +--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c 2017-07-09 23:30:28.960479189 +0200 ++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdf.c 2017-07-09 23:34:34.306524488 +0200 +@@ -1580,8 +1580,11 @@ + * +1 for the linearisation dict and +1 for the primary hint stream. + */ + linear_params->FirsttrailerOffset = gp_ftell_64(linear_params->Lin_File.file); +- gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n \n", +- linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, 0); ++ gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R", ++ linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber); ++ if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */ ++ gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID); ++ gs_sprintf(LDict, "/Prev %d>>\nstartxref\r\n0\n%%%%EOF\n \n", 0); + fwrite(LDict, strlen(LDict), 1, linear_params->Lin_File.file); + + /* Write document catalog (Part 4) */ +@@ -2102,8 +2105,11 @@ + * in the missing values. + */ + code = gp_fseek_64(linear_params->sfile, linear_params->FirsttrailerOffset, SEEK_SET); +- gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R/ID[%s%s]/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n", +- linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber, fileID, fileID, mainxref); ++ gs_sprintf(LDict, "\ntrailer\n<</Size %ld/Info %d 0 R/Root %d 0 R", ++ linear_params->LastResource + 3, pdev->ResourceUsage[linear_params->Info_id].NewObjectNumber, pdev->ResourceUsage[linear_params->Catalog_id].NewObjectNumber); ++ if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) /* ID is mandatory when encrypting */ ++ gs_sprintf(LDict, "/ID[%s%s]", fileID, fileID); ++ gs_sprintf(LDict, "/Prev %"PRId64">>\nstartxref\r\n0\n%%%%EOF\n", mainxref); + fwrite(LDict, strlen(LDict), 1, linear_params->sfile); + + code = gp_fseek_64(linear_params->sfile, pdev->ResourceUsage[HintStreamObj].LinearisedOffset, SEEK_SET); +@@ -2674,10 +2680,12 @@ + stream_puts(s, "trailer\n"); + pprintld3(s, "<< /Size %ld /Root %ld 0 R /Info %ld 0 R\n", + pdev->next_id, Catalog_id, Info_id); +- stream_puts(s, "/ID ["); +- psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0); +- psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0); +- stream_puts(s, "]\n"); ++ if (pdev->OwnerPassword.size > 0 || !(!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0))) { /* ID is mandatory when encrypting */ ++ stream_puts(s, "/ID ["); ++ psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0); ++ psdf_write_string(pdev->strm, pdev->fileID, sizeof(pdev->fileID), 0); ++ stream_puts(s, "]\n"); ++ } + if (pdev->OwnerPassword.size > 0) { + pprintld1(s, "/Encrypt %ld 0 R ", Encrypt_id); + } +Nur in gnu-ghostscript-9.14.0/devices/vector: gdevpdf.c.orig. diff --git a/gnu/packages/patches/ghostscript-no-header-uuid.patch b/gnu/packages/patches/ghostscript-no-header-uuid.patch new file mode 100644 index 0000000000..473531220c --- /dev/null +++ b/gnu/packages/patches/ghostscript-no-header-uuid.patch @@ -0,0 +1,50 @@ +This patch makes the UUIDs in the XMP header optional, depending on the +setting of the environment variable GS_GENERATE_UUIDS. + +If the environment variable GS_GENERATE_UUIDS is set to "0" or "no", it will +not write out the Document UUID field and also will write the Instance ID +field value as "". + +Upstream does not want to do this. + +See: https://bugs.ghostscript.com/show_bug.cgi?id=698208 +diff -ur orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c aa/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c +--- orig/gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c 2017-07-09 23:30:28.960479189 +0200 ++++ gnu-ghostscript-9.14.0/devices/vector/gdevpdfe.c 2017-07-10 01:04:12.252478276 +0200 +@@ -617,7 +617,7 @@ + return code; + + /* PDF/A XMP reference recommends setting UUID to empty. If not empty must be a URI */ +- if (pdev->PDFA != 0) ++ if (pdev->PDFA != 0 || (getenv("GS_GENERATE_UUIDS") && (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") == 0 || strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") == 0))) + instance_uuid[0] = 0x00; + + cre_date_time_len = pdf_get_docinfo_item(pdev, "/CreationDate", cre_date_time, sizeof(cre_date_time)); +@@ -719,15 +719,18 @@ + pdf_xml_tag_close(s, "rdf:Description"); + pdf_xml_newline(s); + +- pdf_xml_tag_open_beg(s, "rdf:Description"); +- pdf_xml_attribute_name(s, "rdf:about"); +- pdf_xml_attribute_value(s, instance_uuid); +- pdf_xml_attribute_name(s, "xmlns:xapMM"); +- pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/"); +- pdf_xml_attribute_name(s, "xapMM:DocumentID"); +- pdf_xml_attribute_value(s, document_uuid); +- pdf_xml_tag_end_empty(s); +- pdf_xml_newline(s); ++ if (!getenv("GS_GENERATE_UUIDS") || (strcasecmp(getenv("GS_GENERATE_UUIDS"), "0") != 0 && strcasecmp(getenv("GS_GENERATE_UUIDS"), "no") != 0)) ++ { ++ pdf_xml_tag_open_beg(s, "rdf:Description"); ++ pdf_xml_attribute_name(s, "rdf:about"); ++ pdf_xml_attribute_value(s, instance_uuid); ++ pdf_xml_attribute_name(s, "xmlns:xapMM"); ++ pdf_xml_attribute_value(s, "http://ns.adobe.com/xap/1.0/mm/"); ++ pdf_xml_attribute_name(s, "xapMM:DocumentID"); ++ pdf_xml_attribute_value(s, document_uuid); ++ pdf_xml_tag_end_empty(s); ++ pdf_xml_newline(s); ++ } + + pdf_xml_tag_open_beg(s, "rdf:Description"); + pdf_xml_attribute_name(s, "rdf:about"); diff --git a/gnu/packages/patches/ghostscript-runpath.patch b/gnu/packages/patches/ghostscript-runpath.patch index c7dcfd4529..9f161e45b3 100644 --- a/gnu/packages/patches/ghostscript-runpath.patch +++ b/gnu/packages/patches/ghostscript-runpath.patch @@ -1,17 +1,18 @@ -This patch adds $(libdir) to the RUNPATH of 'gsc' and 'gsx'. - ---- gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:45.386957927 +0200 -+++ gnu-ghostscript-9.14.0/base/unix-dll.mak 2015-04-05 15:12:49.222982359 +0200 -@@ -91,11 +91,11 @@ $(GS_SO_MAJOR): $(GS_SO_MAJOR_MINOR) +diff --git a/base/unix-dll.mak b/base/unix-dll.mak +index 9d57a99..36ef1ff 100644 +--- a/base/unix-dll.mak ++++ b/base/unix-dll.mak +@@ -171,11 +171,11 @@ gpdl-so-links-subtarget: $(GPDL_SO) $(UNIX_DLL_MAK) $(MAKEDIRS) # Build the small Ghostscript loaders, with Gtk+ and without - $(GSSOC_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER) + $(GSSOC_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS) $(GLCC) -g -o $(GSSOC_XE) $(PSSRC)dxmainc.c \ - -L$(BINDIR) -l$(GS_SO_BASE) + -L$(BINDIR) -l$(GS_SO_BASE) -Wl,-rpath=$(libdir) - $(GSSOX_XE): $(GS_SO) $(PSSRC)$(SOC_LOADER) + $(GSSOX_XE): gs-so-links-subtarget $(PSSRC)$(SOC_LOADER) $(UNIX_DLL_MAK) $(MAKEDIRS) $(GLCC) -g $(SOC_CFLAGS) -o $(GSSOX_XE) $(PSSRC)$(SOC_LOADER) \ - -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) + -L$(BINDIR) -l$(GS_SO_BASE) $(SOC_LIBS) -Wl,-rpath=$(libdir) - # ------------------------- Recursive make targets ------------------------- # + $(PCLSOC_XE): gpcl6-so-links-subtarget $(PLSRC)$(REALMAIN_SRC).c $(UNIX_DLL_MAK) $(MAKEDIRS) + $(GLCC) -g -o $(PCLSOC_XE) $(PLSRC)$(REALMAIN_SRC).c -L$(BINDIR) -l$(PCL_SO_BASE) diff --git a/gnu/packages/patches/grep-gnulib-lock.patch b/gnu/packages/patches/grep-gnulib-lock.patch new file mode 100644 index 0000000000..68c33f1031 --- /dev/null +++ b/gnu/packages/patches/grep-gnulib-lock.patch @@ -0,0 +1,32 @@ +This patch fix error on 'gnulib' library required to build +'grep' package on GNU/Hurd. +The patch was adapted from upstream source repository: +'<http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commit;h=4084b3a1094372b960ce4a97634e08f4538c8bdd>' + +Commit: 4084b3a1094372b960ce4a97634e08f4538c8bdd + +diff --git a/lib/glthread/lock.c b/lib/glthread/lock.c +index 061562b..afc86f4 100644 +--- a/lib/glthread/lock.c ++++ b/lib/glthread/lock.c +@@ -30,7 +30,7 @@ + + /* ------------------------- gl_rwlock_t datatype ------------------------- */ + +-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1)) ++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1))) + + # ifdef PTHREAD_RWLOCK_INITIALIZER + +diff --git a/lib/glthread/lock.h b/lib/glthread/lock.h +index ec16d39..67932aa 100644 +--- a/lib/glthread/lock.h ++++ b/lib/glthread/lock.h +@@ -179,7 +179,7 @@ typedef pthread_mutex_t gl_lock_t; + + /* ------------------------- gl_rwlock_t datatype ------------------------- */ + +-# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (__GNU_LIBRARY__ > 1)) ++# if HAVE_PTHREAD_RWLOCK && (HAVE_PTHREAD_RWLOCK_RDLOCK_PREFER_WRITER || (defined PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP && (__GNU_LIBRARY__ > 1))) + + # ifdef PTHREAD_RWLOCK_INITIALIZER diff --git a/gnu/packages/patches/groff-source-date-epoch.patch b/gnu/packages/patches/groff-source-date-epoch.patch new file mode 100644 index 0000000000..53c590b049 --- /dev/null +++ b/gnu/packages/patches/groff-source-date-epoch.patch @@ -0,0 +1,299 @@ +Adds support for the environment variable SOURCE_DATE_EPOCH. + +See: https://sources.debian.net/patches/groff/1.22.3-9/source-date-epoch.patch/ + +From abc23bc9245e18468817f2838361c3a08f7521e2 Mon Sep 17 00:00:00 2001 +From: Colin Watson <cjwatson@debian.org> +Date: Thu, 5 Nov 2015 11:47:34 +0000 +Subject: Implement `SOURCE_DATE_EPOCH' for reproducible builds. + +Author: Colin Watson <cjwatson@debian.org> +Forwarded: yes +Last-Update: 2015-11-05 + +Patch-Name: source-date-epoch.patch +--- + doc/groff.texinfo | 6 +++++ + src/devices/grohtml/grohtml.man | 7 ++++++ + src/devices/grohtml/post-html.cpp | 5 ++-- + src/devices/gropdf/gropdf.man | 7 ++++++ + src/devices/gropdf/gropdf.pl | 3 ++- + src/devices/grops/grops.man | 7 ++++++ + src/devices/grops/ps.cpp | 3 ++- + src/include/curtime.h | 23 ++++++++++++++++++ + src/libs/libgroff/Makefile.sub | 2 ++ + src/libs/libgroff/curtime.cpp | 51 +++++++++++++++++++++++++++++++++++++++ + src/roff/troff/input.cpp | 3 ++- + 11 files changed, 112 insertions(+), 5 deletions(-) + create mode 100644 src/include/curtime.h + create mode 100644 src/libs/libgroff/curtime.cpp + +diff --git a/doc/groff.texinfo b/doc/groff.texinfo +index 066b5274..1d3c7a9f 100644 +--- a/doc/groff.texinfo ++++ b/doc/groff.texinfo +@@ -1453,6 +1453,12 @@ default directory (on Unix and GNU/Linux systems, this is usually + @item GROFF_TYPESETTER + @tindex GROFF_TYPESETTER@r{, environment variable} + The default output device. ++ ++@item SOURCE_DATE_EPOCH ++@tindex SOURCE_DATE_EPOCH@r{, environment variable} ++A timestamp (expressed as seconds since the Unix epoch) to use in place of ++the current time when initializing time-based built-in registers such as ++@code{\n[seconds]}. + @end table + + Note that MS-DOS and MS-Windows ports of @code{groff} use semi-colons, +diff --git a/src/devices/grohtml/grohtml.man b/src/devices/grohtml/grohtml.man +index 51eae224..4be4abbc 100644 +--- a/src/devices/grohtml/grohtml.man ++++ b/src/devices/grohtml/grohtml.man +@@ -419,6 +419,13 @@ and + for more details. + . + . ++.TP ++.SM ++.B SOURCE_DATE_EPOCH ++A timestamp (expressed as seconds since the Unix epoch) to use as the ++creation timestamp in place of the current time. ++. ++. + .\" -------------------------------------------------------------------- + .SH BUGS + .\" -------------------------------------------------------------------- +diff --git a/src/devices/grohtml/post-html.cpp b/src/devices/grohtml/post-html.cpp +index fefbf014..b5fc5167 100644 +--- a/src/devices/grohtml/post-html.cpp ++++ b/src/devices/grohtml/post-html.cpp +@@ -28,6 +28,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ + #include "html.h" + #include "html-text.h" + #include "html-table.h" ++#include "curtime.h" + + #include <time.h> + +@@ -5013,7 +5014,7 @@ void html_printer::do_file_components (void) + .put_string(Version_string) + .end_comment(); + +- t = time(0); ++ t = current_time(); + html.begin_comment("CreationDate: ") + .put_string(ctime(&t), strlen(ctime(&t))-1) + .end_comment(); +@@ -5126,7 +5127,7 @@ html_printer::~html_printer() + .put_string(Version_string) + .end_comment(); + +- t = time(0); ++ t = current_time(); + html.begin_comment("CreationDate: ") + .put_string(ctime(&t), strlen(ctime(&t))-1) + .end_comment(); +diff --git a/src/devices/gropdf/gropdf.man b/src/devices/gropdf/gropdf.man +index 3bbace6a..cc0c82f1 100644 +--- a/src/devices/gropdf/gropdf.man ++++ b/src/devices/gropdf/gropdf.man +@@ -1029,6 +1029,13 @@ and + for more details. + . + . ++.TP ++.SM ++.B SOURCE_DATE_EPOCH ++A timestamp (expressed as seconds since the Unix epoch) to use as the ++creation timestamp in place of the current time. ++. ++. + .\" -------------------------------------------------------------------- + .SH FILES + .\" -------------------------------------------------------------------- +diff --git a/src/devices/gropdf/gropdf.pl b/src/devices/gropdf/gropdf.pl +index 035d1238..c25c4c67 100644 +--- a/src/devices/gropdf/gropdf.pl ++++ b/src/devices/gropdf/gropdf.pl +@@ -239,13 +239,14 @@ elsif (exists($ppsz{$papersz})) + @defaultmb=@mediabox=(0,0,$ppsz{$papersz}->[0],$ppsz{$papersz}->[1]); + } + +-my (@dt)=localtime(time); ++my (@dt)=localtime($ENV{SOURCE_DATE_EPOCH} || time); + my $dt=PDFDate(\@dt); + + my %info=('Creator' => "(groff version $cfg{GROFF_VERSION})", + 'Producer' => "(gropdf version $cfg{GROFF_VERSION})", + 'ModDate' => "($dt)", + 'CreationDate' => "($dt)"); ++ + while (<>) + { + chomp; +diff --git a/src/devices/grops/grops.man b/src/devices/grops/grops.man +index 99fb7486..272c2d18 100644 +--- a/src/devices/grops/grops.man ++++ b/src/devices/grops/grops.man +@@ -1419,6 +1419,13 @@ and + for more details. + . + . ++.TP ++.SM ++.B SOURCE_DATE_EPOCH ++A timestamp (expressed as seconds since the Unix epoch) to use as the ++creation timestamp in place of the current time. ++. ++. + .\" -------------------------------------------------------------------- + .SH FILES + .\" -------------------------------------------------------------------- +diff --git a/src/devices/grops/ps.cpp b/src/devices/grops/ps.cpp +index 745a503b..03e65372 100644 +--- a/src/devices/grops/ps.cpp ++++ b/src/devices/grops/ps.cpp +@@ -28,6 +28,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ + #include "cset.h" + #include "nonposix.h" + #include "paper.h" ++#include "curtime.h" + + #include "ps.h" + #include <time.h> +@@ -1390,7 +1391,7 @@ ps_printer::~ps_printer() + #else + time_t + #endif +- t = time(0); ++ t = current_time(); + fputs(ctime(&t), out.get_file()); + } + for (font_pointer_list *f = font_list; f; f = f->next) { +diff --git a/src/include/curtime.h b/src/include/curtime.h +new file mode 100644 +index 00000000..a4105196 +--- /dev/null ++++ b/src/include/curtime.h +@@ -0,0 +1,23 @@ ++/* Copyright (C) 2015 Free Software Foundation, Inc. ++ ++This file is part of groff. ++ ++groff is free software; you can redistribute it and/or modify it under ++the terms of the GNU General Public License as published by the Free ++Software Foundation, either version 2 of the License, or ++(at your option) any later version. ++ ++groff is distributed in the hope that it will be useful, but WITHOUT ANY ++WARRANTY; without even the implied warranty of MERCHANTABILITY or ++FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++for more details. ++ ++The GNU General Public License version 2 (GPL2) is available in the ++internet at <http://www.gnu.org/licenses/gpl-2.0.txt>. */ ++ ++#ifdef LONG_FOR_TIME_T ++long ++#else ++time_t ++#endif ++current_time(); +diff --git a/src/libs/libgroff/Makefile.sub b/src/libs/libgroff/Makefile.sub +index 840d9934..4cb4937a 100644 +--- a/src/libs/libgroff/Makefile.sub ++++ b/src/libs/libgroff/Makefile.sub +@@ -32,6 +32,7 @@ OBJS=\ + cmap.$(OBJEXT) \ + color.$(OBJEXT) \ + cset.$(OBJEXT) \ ++ curtime.$(OBJEXT) \ + device.$(OBJEXT) \ + errarg.$(OBJEXT) \ + error.$(OBJEXT) \ +@@ -82,6 +83,7 @@ CCSRCS=\ + $(srcdir)/cmap.cpp \ + $(srcdir)/color.cpp \ + $(srcdir)/cset.cpp \ ++ $(srcdir)/curtime.cpp \ + $(srcdir)/device.cpp \ + $(srcdir)/errarg.cpp \ + $(srcdir)/error.cpp \ +diff --git a/src/libs/libgroff/curtime.cpp b/src/libs/libgroff/curtime.cpp +new file mode 100644 +index 00000000..00821b7f +--- /dev/null ++++ b/src/libs/libgroff/curtime.cpp +@@ -0,0 +1,51 @@ ++/* Copyright (C) 2015 Free Software Foundation, Inc. ++ ++This file is part of groff. ++ ++groff is free software; you can redistribute it and/or modify it under ++the terms of the GNU General Public License as published by the Free ++Software Foundation, either version 2 of the License, or ++(at your option) any later version. ++ ++groff is distributed in the hope that it will be useful, but WITHOUT ANY ++WARRANTY; without even the implied warranty of MERCHANTABILITY or ++FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ++for more details. ++ ++The GNU General Public License version 2 (GPL2) is available in the ++internet at <http://www.gnu.org/licenses/gpl-2.0.txt>. */ ++ ++#include <errno.h> ++#include <limits.h> ++#include <stdlib.h> ++#include <string.h> ++#include <time.h> ++ ++#include "errarg.h" ++#include "error.h" ++ ++#ifdef LONG_FOR_TIME_T ++long ++#else ++time_t ++#endif ++current_time() ++{ ++ char *source_date_epoch = getenv("SOURCE_DATE_EPOCH"); ++ ++ if (source_date_epoch) { ++ errno = 0; ++ char *endptr; ++ long epoch = strtol(source_date_epoch, &endptr, 10); ++ ++ if ((errno == ERANGE && (epoch == LONG_MAX || epoch == LONG_MIN)) || ++ (errno != 0 && epoch == 0)) ++ fatal("$SOURCE_DATE_EPOCH: strtol: %1", strerror(errno)); ++ if (endptr == source_date_epoch) ++ fatal("$SOURCE_DATE_EPOCH: no digits found: %1", endptr); ++ if (*endptr != '\0') ++ fatal("$SOURCE_DATE_EPOCH: trailing garbage: %1", endptr); ++ return epoch; ++ } else ++ return time(0); ++} +diff --git a/src/roff/troff/input.cpp b/src/roff/troff/input.cpp +index 9594f074..f7d2c18a 100644 +--- a/src/roff/troff/input.cpp ++++ b/src/roff/troff/input.cpp +@@ -36,6 +36,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. */ + #include "input.h" + #include "defs.h" + #include "unicode.h" ++#include "curtime.h" + + // Needed for getpid() and isatty() + #include "posix.h" +@@ -8138,7 +8139,7 @@ static void init_registers() + #else /* not LONG_FOR_TIME_T */ + time_t + #endif /* not LONG_FOR_TIME_T */ +- t = time(0); ++ t = current_time(); + // Use struct here to work around misfeature in old versions of g++. + struct tm *tt = localtime(&t); + set_number_reg("seconds", int(tt->tm_sec)); diff --git a/gnu/packages/patches/guile-2.2-default-utf8.patch b/gnu/packages/patches/guile-2.2-default-utf8.patch new file mode 100644 index 0000000000..3233388874 --- /dev/null +++ b/gnu/packages/patches/guile-2.2-default-utf8.patch @@ -0,0 +1,78 @@ +This hack makes Guile default to UTF-8. This avoids calls to +`iconv_open'; `iconv_open' tries to open shared objects that aren't +available during bootstrap, so using UTF-8 avoids that (and UTF-8 has +built-in conversions in glibc, too.) + +diff --git a/libguile/bytevectors.c b/libguile/bytevectors.c +index 7cd753009..de92653a4 100644 +--- a/libguile/bytevectors.c ++++ b/libguile/bytevectors.c +@@ -1918,7 +1918,7 @@ utf_encoding_name (char *name, size_t utf_width, SCM endianness) + if (scm_i_is_narrow_string (str)) \ + { \ + err = mem_iconveh (scm_i_string_chars (str), c_strlen, \ +- "ISO-8859-1", c_utf_name, \ ++ "UTF-8", c_utf_name, \ + iconveh_question_mark, NULL, \ + &c_utf, &c_utf_len); \ + if (SCM_UNLIKELY (err)) \ +diff --git a/libguile/ports.c b/libguile/ports.c +index 2a25cd58e..bdaf921ca 100644 +--- a/libguile/ports.c ++++ b/libguile/ports.c +@@ -959,7 +959,9 @@ canonicalize_encoding (const char *enc) + char *ret; + int i; + +- if (!enc || encoding_matches (enc, sym_ISO_8859_1)) ++ if (enc == NULL) ++ return sym_UTF_8; ++ if (encoding_matches (enc, sym_ISO_8859_1)) + return sym_ISO_8859_1; + if (encoding_matches (enc, sym_UTF_8)) + return sym_UTF_8; +@@ -4182,7 +4184,7 @@ scm_init_ports (void) + scm_c_define ("%default-port-conversion-strategy", + scm_make_fluid_with_default (sym_substitute)); + /* Use the locale as the default port encoding. */ +- scm_i_set_default_port_encoding (locale_charset ()); ++ scm_i_set_default_port_encoding ("UTF-8"); + + scm_c_register_extension ("libguile-" SCM_EFFECTIVE_VERSION, + "scm_init_ice_9_ports", +diff --git a/libguile/strings.c b/libguile/strings.c +index 5c49e33d8..0131e6dc8 100644 +--- a/libguile/strings.c ++++ b/libguile/strings.c +@@ -1561,7 +1561,7 @@ scm_i_default_string_failed_conversion_handler (void) + SCM + scm_from_locale_stringn (const char *str, size_t len) + { +- return scm_from_stringn (str, len, locale_charset (), ++ return scm_from_stringn (str, len, "UTF-8", + scm_i_default_string_failed_conversion_handler ()); + } + +@@ -1885,7 +1885,7 @@ char * + scm_to_locale_stringn (SCM str, size_t *lenp) + { + return scm_to_stringn (str, lenp, +- locale_charset (), ++ "UTF-8", + scm_i_default_string_failed_conversion_handler ()); + } + +@@ -2216,11 +2216,11 @@ scm_to_stringn (SCM str, size_t *lenp, const char *encoding, + len = 0; + enc = encoding; + if (enc == NULL) +- enc = "ISO-8859-1"; ++ enc = "UTF-8"; + if (scm_i_is_narrow_string (str)) + { + ret = mem_iconveh (scm_i_string_chars (str), ilen, +- "ISO-8859-1", enc, ++ "UTF-8", enc, + (enum iconv_ilseq_handler) handler, NULL, + &buf, &len); + diff --git a/gnu/packages/patches/guile-relocatable.patch b/gnu/packages/patches/guile-relocatable.patch index 2431495f24..95bddcce88 100644 --- a/gnu/packages/patches/guile-relocatable.patch +++ b/gnu/packages/patches/guile-relocatable.patch @@ -35,11 +35,11 @@ location of the `guile' binary, allowing it to be relocated. + + module_dir = scm_gc_malloc_pointerless (strlen (prefix) + 50, "string"); + strcpy (module_dir, prefix); -+ strcat (module_dir, "/share/guile/2.0"); ++ strcat (module_dir, "/share/guile/" SCM_EFFECTIVE_VERSION); + + ccache_dir = scm_gc_malloc_pointerless (strlen (prefix) + 50, "string"); + strcpy (ccache_dir, prefix); -+ strcat (ccache_dir, "/lib/guile/2.0/ccache"); ++ strcat (ccache_dir, "/lib/guile/" SCM_EFFECTIVE_VERSION "/ccache"); + env = scm_i_mirror_backslashes (getenv ("GUILE_SYSTEM_PATH")); if (env && strcmp (env, "") == 0) diff --git a/gnu/packages/patches/intltool-perl-compatibility.patch b/gnu/packages/patches/intltool-perl-compatibility.patch new file mode 100644 index 0000000000..b895ca7cb9 --- /dev/null +++ b/gnu/packages/patches/intltool-perl-compatibility.patch @@ -0,0 +1,76 @@ +This patch fixes a regex parsing compatibility issue with Perl 5.26.0. +It manifests during the configure phase of at-spi2-core like this: + +------ +Unescaped left brace in regex is illegal here in regex; marked by <-- HERE in m/^(.*)\${ <-- HERE ?([A-Z_]+)}?(.*)$/ at /gnu/store/...-intltool-0.51.0/bin/intltool-update line 1065. +------ + +Copied from Gentoo and MSYS2: + +https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-util/intltool/files/intltool-0.51.0-perl-5.26.patch?id=1105187fc65d8bf643e682fcef39620dcfd9326a +https://github.com/Alexpux/MSYS2-packages/blob/0d3f442553ae4fc8798e32cbf44c4252fa8f3c07/intltool/perl-5.22-compatibility.patch + +#diff -ruN intltool-0.51.0.orig/intltool-update.in intltool-0.51.0/intltool-update.in +#--- intltool-0.51.0.orig/intltool-update.in 2017-06-28 00:47:20.889269294 +0200 +#+++ intltool-0.51.0/intltool-update.in 2017-06-28 00:48:14.592271529 +0200 +#@@ -1068,7 +1068,7 @@ +# my $untouched = $1; +# my $sub = ""; +# # Ignore recursive definitions of variables +#- $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\${?$2}?/; +#+ $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\$\{?$2}?/; +# +# return SubstituteVariable ("$untouched$sub$rest"); +# } +--- intltool-0.51.0.orig/intltool-update.in 2015-03-09 02:39:54.000000000 +0100 ++++ intltool-0.51.0.orig/intltool-update.in 2015-06-19 01:52:07.171228154 +0200 +@@ -1062,7 +1062,7 @@ + } + } + +- if ($str =~ /^(.*)\${?([A-Z_]+)}?(.*)$/) ++ if ($str =~ /^(.*)\$\{?([A-Z_]+)}?(.*)$/) + { + my $rest = $3; + my $untouched = $1; +@@ -1068,7 +1068,7 @@ + my $untouched = $1; + my $sub = ""; + # Ignore recursive definitions of variables +- $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\${?$2}?/; ++ $sub = $varhash{$2} if defined $varhash{$2} and $varhash{$2} !~ /\$\{?$2}?/; + + return SubstituteVariable ("$untouched$sub$rest"); + } +@@ -1190,10 +1190,10 @@ + $name =~ s/\(+$//g; + $version =~ s/\(+$//g; + +- $varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\${?AC_PACKAGE_NAME}?/); +- $varhash{"PACKAGE"} = $name if (not $name =~ /\${?PACKAGE}?/); +- $varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\${?AC_PACKAGE_VERSION}?/); +- $varhash{"VERSION"} = $version if (not $name =~ /\${?VERSION}?/); ++ $varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\$\{?AC_PACKAGE_NAME}?/); ++ $varhash{"PACKAGE"} = $name if (not $name =~ /\$\{?PACKAGE}?/); ++ $varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\$\{?AC_PACKAGE_VERSION}?/); ++ $varhash{"VERSION"} = $version if (not $name =~ /\$\{?VERSION}?/); + } + + if ($conf_source =~ /^AC_INIT\(([^,\)]+),([^,\)]+)[,]?([^,\)]+)?/m) +@@ -1219,11 +1219,11 @@ + $version =~ s/\(+$//g; + $bugurl =~ s/\(+$//g if (defined $bugurl); + +- $varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\${?AC_PACKAGE_NAME}?/); +- $varhash{"PACKAGE"} = $name if (not $name =~ /\${?PACKAGE}?/); +- $varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\${?AC_PACKAGE_VERSION}?/); +- $varhash{"VERSION"} = $version if (not $name =~ /\${?VERSION}?/); +- $varhash{"PACKAGE_BUGREPORT"} = $bugurl if (defined $bugurl and not $bugurl =~ /\${?\w+}?/); ++ $varhash{"PACKAGE_NAME"} = $name if (not $name =~ /\$\{?AC_PACKAGE_NAME}?/); ++ $varhash{"PACKAGE"} = $name if (not $name =~ /\$\{?PACKAGE}?/); ++ $varhash{"PACKAGE_VERSION"} = $version if (not $name =~ /\$\{?AC_PACKAGE_VERSION}?/); ++ $varhash{"VERSION"} = $version if (not $name =~ /\$\{?VERSION}?/); ++ $varhash{"PACKAGE_BUGREPORT"} = $bugurl if (defined $bugurl and not $bugurl =~ /\$\{?\w+}?/); + } + + # \s makes this not work, why? diff --git a/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch new file mode 100644 index 0000000000..ebbc0635a5 --- /dev/null +++ b/gnu/packages/patches/libffi-3.2.1-complex-alpha.patch @@ -0,0 +1,28 @@ +The patch fixes build failure of form: + ../src/alpha/osf.S:298:2: error: #error "osf.S out of sync with ffi.h" +Upstream fixed the bug in a more invasive way +but didn't have releases since 3.2.1. + +The patch is taken from Gentoo: +https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/libffi/files/libffi-3.2.1-complex_alpha.patch + +--- libffi-3.2.1/src/alpha/osf.S 2015-01-16 10:46:15.000000000 +0100 ++++ libffi-3.2.1/src/alpha/osf.S 2015-01-16 10:46:24.000000000 +0100 +@@ -279,6 +279,7 @@ + .gprel32 $load_64 # FFI_TYPE_SINT64 + .gprel32 $load_none # FFI_TYPE_STRUCT + .gprel32 $load_64 # FFI_TYPE_POINTER ++ .gprel32 $load_none # FFI_TYPE_COMPLEX + + /* Assert that the table above is in sync with ffi.h. */ + +@@ -294,7 +295,8 @@ + || FFI_TYPE_SINT64 != 12 \ + || FFI_TYPE_STRUCT != 13 \ + || FFI_TYPE_POINTER != 14 \ +- || FFI_TYPE_LAST != 14 ++ || FFI_TYPE_COMPLEX != 15 \ ++ || FFI_TYPE_LAST != 15 + #error "osf.S out of sync with ffi.h" + #endif + diff --git a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch b/gnu/packages/patches/libtasn1-CVE-2017-6891.patch deleted file mode 100644 index 1f847ed025..0000000000 --- a/gnu/packages/patches/libtasn1-CVE-2017-6891.patch +++ /dev/null @@ -1,51 +0,0 @@ -Fix CVE-2017-6891: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6891 - -Patch copied from upstream source repository: - -https://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=5520704d075802df25ce4ffccc010ba1641bd484 - -From 5520704d075802df25ce4ffccc010ba1641bd484 Mon Sep 17 00:00:00 2001 -From: Nikos Mavrogiannopoulos <nmav@redhat.com> -Date: Thu, 18 May 2017 18:03:34 +0200 -Subject: [PATCH] asn1_find_node: added safety check on asn1_find_node() - -This prevents a stack overflow in asn1_find_node() which -is triggered by too long variable names in the definitions -files. That means that applications have to deliberately -pass a too long 'name' constant to asn1_write_value() -and friends. Reported by Jakub Jirasek. - -Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> ---- - lib/parser_aux.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/lib/parser_aux.c b/lib/parser_aux.c -index b4a7370..976ab38 100644 ---- a/lib/parser_aux.c -+++ b/lib/parser_aux.c -@@ -120,6 +120,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; -@@ -158,6 +161,9 @@ asn1_find_node (asn1_node pointer, const char *name) - if (n_end) - { - nsize = n_end - n_start; -+ if (nsize >= sizeof(n)) -+ return NULL; -+ - memcpy (n, n_start, nsize); - n[nsize] = 0; - n_start = n_end; --- -2.13.0 - diff --git a/gnu/packages/patches/libtiff-CVE-2016-10092.patch b/gnu/packages/patches/libtiff-CVE-2016-10092.patch deleted file mode 100644 index d5fd796169..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10092.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix CVE-2016-10092: - -http://bugzilla.maptools.org/show_bug.cgi?id=2620 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092 -https://security-tracker.debian.org/tracker/CVE-2016-10092 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: fix readContigStripsIntoBuffer() in -i (ignore) - mode so that the output buffer is correctly incremented to avoid write - outside bounds. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2620 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1178; previous revision: 1.1177 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.47; previous revision: 1.46 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.46 -retrieving revision 1.47 -diff -u -r1.46 -r1.47 ---- libtiff/tools/tiffcrop.c 18 Nov 2016 14:58:46 -0000 1.46 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.46 2016-11-18 14:58:46 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -3698,7 +3698,7 @@ - (unsigned long) strip, (unsigned long)rows); - return 0; - } -- bufp += bytes_read; -+ bufp += stripsize; - } - - return 1; diff --git a/gnu/packages/patches/libtiff-CVE-2016-10093.patch b/gnu/packages/patches/libtiff-CVE-2016-10093.patch deleted file mode 100644 index 5897ec1029..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10093.patch +++ /dev/null @@ -1,53 +0,0 @@ -Fix CVE-2016-10093: - -http://bugzilla.maptools.org/show_bug.cgi?id=2610 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093 -https://security-tracker.debian.org/tracker/CVE-2016-10093 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: fix uint32 underflow/overflow that can cause - heap-based buffer overflow. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2610 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1187; previous revision: 1.1186 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.59; previous revision: 1.58 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.58 -retrieving revision 1.59 -diff -u -r1.58 -r1.59 ---- libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59 -@@ -1163,7 +1163,7 @@ - - static void - cpStripToTile(uint8* out, uint8* in, -- uint32 rows, uint32 cols, int outskew, int inskew) -+ uint32 rows, uint32 cols, int outskew, int64 inskew) - { - while (rows-- > 0) { - uint32 j = cols; -@@ -1320,7 +1320,7 @@ - tdata_t tilebuf; - uint32 imagew = TIFFScanlineSize(in); - uint32 tilew = TIFFTileRowSize(in); -- int iskew = imagew - tilew; -+ int64 iskew = (int64)imagew - (int64)tilew; - uint8* bufp = (uint8*) buf; - uint32 tw, tl; - uint32 row; -@@ -1348,7 +1348,7 @@ - status = 0; - goto done; - } -- if (colb + tilew > imagew) { -+ if (colb > iskew) { - uint32 width = imagew - colb; - uint32 oskew = tilew - width; - cpStripToTile(bufp + colb, diff --git a/gnu/packages/patches/libtiff-CVE-2016-10094.patch b/gnu/packages/patches/libtiff-CVE-2016-10094.patch deleted file mode 100644 index 9018773565..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2016-10094.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2016-10094: - -http://bugzilla.maptools.org/show_bug.cgi?id=2640 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094 -https://security-tracker.debian.org/tracker/CVE-2016-10094 - -2016-12-20 Even Rouault <even.rouault at spatialys.com> - - * tools/tiff2pdf.c: avoid potential heap-based overflow in - t2p_readwrite_pdf_image_tile(). - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2640 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1199; previous revision: 1.1198 -/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c -new revision: 1.101; previous revision: 1.100 - -Index: libtiff/tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.100 -retrieving revision 1.101 -diff -u -r1.100 -r1.101 ---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100 -+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:28:17 -0000 1.101 -@@ -2895,7 +2895,7 @@ - return(0); - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { -- if (count >= 4) { -+ if (count > 4) { - int retTIFFReadRawTile; - /* Ignore EOI marker of JpegTables */ - _TIFFmemcpy(buffer, jpt, count - 2); diff --git a/gnu/packages/patches/libtiff-CVE-2017-5225.patch b/gnu/packages/patches/libtiff-CVE-2017-5225.patch deleted file mode 100644 index 3158b49360..0000000000 --- a/gnu/packages/patches/libtiff-CVE-2017-5225.patch +++ /dev/null @@ -1,86 +0,0 @@ -Fix CVE-2017-5225 (Heap based buffer overflow in tools/tiffcp): - -http://bugzilla.maptools.org/show_bug.cgi?id=2656 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225 -https://security-tracker.debian.org/tracker/CVE-2017-5225 - -2017-01-11 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: error out cleanly in cpContig2SeparateByRow and - cpSeparate2ContigByRow if BitsPerSample != 8 to avoid heap based -overflow. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2656 and - http://bugzilla.maptools.org/show_bug.cgi?id=2657 - - -less C/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1210; previous revision: 1.1209 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.61; previous revision: 1.60 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.60 -retrieving revision 1.61 -diff -u -r1.60 -r1.61 ---- libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60 -+++ libtiff/tools/tiffcp.c 11 Jan 2017 19:26:14 -0000 1.61 -#@@ -1,4 +1,4 @@ -#-/* $Id: tiffcp.c,v 1.60 2016-12-03 16:50:02 erouault Exp $ */ -#+/* $Id: tiffcp.c,v 1.61 2017-01-11 19:26:14 erouault Exp $ */ -# -# /* -# * Copyright (c) 1988-1997 Sam Leffler -@@ -591,7 +591,7 @@ - static int - tiffcp(TIFF* in, TIFF* out) - { -- uint16 bitspersample, samplesperpixel = 1; -+ uint16 bitspersample = 1, samplesperpixel = 1; - uint16 input_compression, input_photometric = PHOTOMETRIC_MINISBLACK; - copyFunc cf; - uint32 width, length; -@@ -1067,6 +1067,16 @@ - register uint32 n; - uint32 row; - tsample_t s; -+ uint16 bps = 0; -+ -+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps != 8 ) -+ { -+ TIFFError(TIFFFileName(in), -+ "Error, can only handle BitsPerSample=8 in %s", -+ "cpContig2SeparateByRow"); -+ return 0; -+ } - - inbuf = _TIFFmalloc(scanlinesizein); - outbuf = _TIFFmalloc(scanlinesizeout); -@@ -1120,6 +1130,16 @@ - register uint32 n; - uint32 row; - tsample_t s; -+ uint16 bps = 0; -+ -+ (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps != 8 ) -+ { -+ TIFFError(TIFFFileName(in), -+ "Error, can only handle BitsPerSample=8 in %s", -+ "cpSeparate2ContigByRow"); -+ return 0; -+ } - - inbuf = _TIFFmalloc(scanlinesizein); - outbuf = _TIFFmalloc(scanlinesizeout); -@@ -1784,7 +1804,7 @@ - uint32 w, l, tw, tl; - int bychunk; - -- (void) TIFFGetField(in, TIFFTAG_PLANARCONFIG, &shortv); -+ (void) TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &shortv); - if (shortv != config && bitspersample != 8 && samplesperpixel > 1) { - fprintf(stderr, - "%s: Cannot handle different planar configuration w/ bits/sample != 8\n", diff --git a/gnu/packages/patches/libtiff-assertion-failure.patch b/gnu/packages/patches/libtiff-assertion-failure.patch deleted file mode 100644 index ef747fbdd7..0000000000 --- a/gnu/packages/patches/libtiff-assertion-failure.patch +++ /dev/null @@ -1,60 +0,0 @@ -Fix assertion failure in readSeparateTilesIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2605 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: replace assert( (bps % 8) == 0 ) by a non assert -check. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2605 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1188; previous revision: 1.1187 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.60; previous revision: 1.59 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.59 -retrieving revision 1.60 -diff -u -r1.59 -r1.60 ---- libtiff/tools/tiffcp.c 3 Dec 2016 16:40:01 -0000 1.59 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 16:50:02 -0000 1.60 -@@ -45,7 +45,6 @@ - #include <string.h> - - #include <ctype.h> --#include <assert.h> - - #ifdef HAVE_UNISTD_H - # include <unistd.h> -@@ -1393,7 +1392,12 @@ - status = 0; - goto done; - } -- assert( bps % 8 == 0 ); -+ if( (bps % 8) != 0 ) -+ { -+ TIFFError(TIFFFileName(in), "Error, cannot handle BitsPerSample that is not a multiple of 8"); -+ status = 0; -+ goto done; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { -@@ -1584,7 +1588,12 @@ - _TIFFfree(obuf); - return 0; - } -- assert( bps % 8 == 0 ); -+ if( (bps % 8) != 0 ) -+ { -+ TIFFError(TIFFFileName(out), "Error, cannot handle BitsPerSample that is not a multiple of 8"); -+ _TIFFfree(obuf); -+ return 0; -+ } - bytes_per_sample = bps/8; - - for (row = 0; row < imagelength; row += tl) { diff --git a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch b/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch deleted file mode 100644 index 2a96b68521..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-ojpeg.patch +++ /dev/null @@ -1,63 +0,0 @@ -Fix divide-by-zero in OJPEGDecodeRaw(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2611 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_ojpeg.c: make OJPEGDecode() early exit in case of failure -in - OJPEGPreDecode(). This will avoid a divide by zero, and potential other -issues. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2611 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1177; previous revision: 1.1176 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v <-- libtiff/tif_ojpeg.c -new revision: 1.66; previous revision: 1.65 - -Index: libtiff/libtiff/tif_ojpeg.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_ojpeg.c,v -retrieving revision 1.65 -retrieving revision 1.66 -diff -u -r1.65 -r1.66 ---- libtiff/libtiff/tif_ojpeg.c 4 Sep 2016 21:32:56 -0000 1.65 -+++ libtiff/libtiff/tif_ojpeg.c 3 Dec 2016 11:15:18 -0000 1.66 -@@ -1,4 +1,4 @@ --/* $Id: tif_ojpeg.c,v 1.65 2016-09-04 21:32:56 erouault Exp $ */ -+/* $Id: tif_ojpeg.c,v 1.66 2016-12-03 11:15:18 erouault Exp $ */ - - /* WARNING: The type of JPEG encapsulation defined by the TIFF Version 6.0 - specification is now totally obsolete and deprecated for new applications and -@@ -244,6 +244,7 @@ - - typedef struct { - TIFF* tif; -+ int decoder_ok; - #ifndef LIBJPEG_ENCAP_EXTERNAL - JMP_BUF exit_jmpbuf; - #endif -@@ -722,6 +723,7 @@ - } - sp->write_curstrile++; - } -+ sp->decoder_ok = 1; - return(1); - } - -@@ -784,8 +786,14 @@ - static int - OJPEGDecode(TIFF* tif, uint8* buf, tmsize_t cc, uint16 s) - { -+ static const char module[]="OJPEGDecode"; - OJPEGState* sp=(OJPEGState*)tif->tif_data; - (void)s; -+ if( !sp->decoder_ok ) -+ { -+ TIFFErrorExt(tif->tif_clientdata,module,"Cannot decode: decoder not correctly initialized"); -+ return 0; -+ } - if (sp->libjpeg_jpeg_query_style==0) - { - if (OJPEGDecodeRaw(tif,buf,cc)==0) diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch deleted file mode 100644 index d3f1c2b60e..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcp.patch +++ /dev/null @@ -1,104 +0,0 @@ -Fix two divide-by-zero bugs in readSeparateTilesIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2597 -http://bugzilla.maptools.org/show_bug.cgi?id=2607 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples -tag is - missing. - Reported by Agostino sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2597 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1183; previous revision: 1.1182 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.57; previous revision: 1.56 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.56 -retrieving revision 1.57 -diff -u -r1.56 -r1.57 ---- libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -1378,7 +1378,7 @@ - uint8* bufp = (uint8*) buf; - uint32 tw, tl; - uint32 row; -- uint16 bps, bytes_per_sample; -+ uint16 bps = 0, bytes_per_sample; - - tilebuf = _TIFFmalloc(tilesize); - if (tilebuf == 0) -@@ -1387,6 +1387,12 @@ - (void) TIFFGetField(in, TIFFTAG_TILEWIDTH, &tw); - (void) TIFFGetField(in, TIFFTAG_TILELENGTH, &tl); - (void) TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps == 0 ) -+ { -+ TIFFError(TIFFFileName(in), "Error, cannot read BitsPerSample"); -+ status = 0; -+ goto done; -+ } - assert( bps % 8 == 0 ); - bytes_per_sample = bps/8; - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid potential division by zero is BitsPerSamples -tag is - missing. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2607 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1186; previous revision: 1.1185 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.58; previous revision: 1.57 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.57 -retrieving revision 1.58 -diff -u -r1.57 -r1.58 ---- libtiff/tools/tiffcp.c 3 Dec 2016 14:42:40 -0000 1.57 -+++ libtiff/tools/tiffcp.c 3 Dec 2016 15:44:15 -0000 1.58 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.57 2016-12-03 14:42:40 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.58 2016-12-03 15:44:15 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -1569,7 +1569,7 @@ - uint8* bufp = (uint8*) buf; - uint32 tl, tw; - uint32 row; -- uint16 bps, bytes_per_sample; -+ uint16 bps = 0, bytes_per_sample; - - obuf = _TIFFmalloc(TIFFTileSize(out)); - if (obuf == NULL) -@@ -1578,6 +1578,12 @@ - (void) TIFFGetField(out, TIFFTAG_TILELENGTH, &tl); - (void) TIFFGetField(out, TIFFTAG_TILEWIDTH, &tw); - (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -+ if( bps == 0 ) -+ { -+ TIFFError(TIFFFileName(out), "Error, cannot read BitsPerSample"); -+ _TIFFfree(obuf); -+ return 0; -+ } - assert( bps % 8 == 0 ); - bytes_per_sample = bps/8; - diff --git a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch b/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch deleted file mode 100644 index 823293f1cf..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero-tiffcrop.patch +++ /dev/null @@ -1,57 +0,0 @@ -Fix divide-by-zero in readSeparateStripsIntoBuffer(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2619 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: fix integer division by zero when BitsPerSample is -missing. - Reported by Agostina Sarubo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2619 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1180; previous revision: 1.1179 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.49; previous revision: 1.48 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -r1.48 -r1.49 ---- libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 13:00:04 -0000 1.49 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.49 2016-12-03 13:00:04 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -1164,7 +1164,7 @@ - tdata_t obuf; - - (void) TIFFGetFieldDefaulted(out, TIFFTAG_ROWSPERSTRIP, &rowsperstrip); -- (void) TIFFGetField(out, TIFFTAG_BITSPERSAMPLE, &bps); -+ (void) TIFFGetFieldDefaulted(out, TIFFTAG_BITSPERSAMPLE, &bps); - bytes_per_sample = (bps + 7) / 8; - if( width == 0 || - (uint32)bps * (uint32)spp > TIFF_UINT32_MAX / width || -@@ -4760,7 +4760,7 @@ - int i, bytes_per_sample, bytes_per_pixel, shift_width, result = 1; - uint32 j; - int32 bytes_read = 0; -- uint16 bps, planar; -+ uint16 bps = 0, planar; - uint32 nstrips; - uint32 strips_per_sample; - uint32 src_rowsize, dst_rowsize, rows_processed, rps; -@@ -4780,7 +4780,7 @@ - } - - memset (srcbuffs, '\0', sizeof(srcbuffs)); -- TIFFGetField(in, TIFFTAG_BITSPERSAMPLE, &bps); -+ TIFFGetFieldDefaulted(in, TIFFTAG_BITSPERSAMPLE, &bps); - TIFFGetFieldDefaulted(in, TIFFTAG_PLANARCONFIG, &planar); - TIFFGetFieldDefaulted(in, TIFFTAG_ROWSPERSTRIP, &rps); - if (rps > length) diff --git a/gnu/packages/patches/libtiff-divide-by-zero.patch b/gnu/packages/patches/libtiff-divide-by-zero.patch deleted file mode 100644 index 6dbd4666cd..0000000000 --- a/gnu/packages/patches/libtiff-divide-by-zero.patch +++ /dev/null @@ -1,67 +0,0 @@ -Fix an integer overflow in TIFFReadEncodedStrip() that led to division-by-zero: - -http://bugzilla.maptools.org/show_bug.cgi?id=2596 - -2016-12-02 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_read.c, libtiff/tiffiop.h: fix uint32 overflow in - TIFFReadEncodedStrip() that caused an integer division by zero. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2596 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1173; previous revision: 1.1172 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v <-- libtiff/tif_read.c -new revision: 1.50; previous revision: 1.49 -/cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v <-- libtiff/tiffiop.h -new revision: 1.90; previous revision: 1.89 - -Index: libtiff/libtiff/tif_read.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_read.c,v -retrieving revision 1.49 -retrieving revision 1.50 -diff -u -r1.49 -r1.50 ---- libtiff/libtiff/tif_read.c 10 Jul 2016 18:00:21 -0000 1.49 -+++ libtiff/libtiff/tif_read.c 2 Dec 2016 21:56:56 -0000 1.50 -@@ -1,4 +1,4 @@ --/* $Id: tif_read.c,v 1.49 2016-07-10 18:00:21 erouault Exp $ */ -+/* $Id: tif_read.c,v 1.50 2016-12-02 21:56:56 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -346,7 +346,7 @@ - rowsperstrip=td->td_rowsperstrip; - if (rowsperstrip>td->td_imagelength) - rowsperstrip=td->td_imagelength; -- stripsperplane=((td->td_imagelength+rowsperstrip-1)/rowsperstrip); -+ stripsperplane= TIFFhowmany_32_maxuint_compat(td->td_imagelength, rowsperstrip); - stripinplane=(strip%stripsperplane); - plane=(uint16)(strip/stripsperplane); - rows=td->td_imagelength-stripinplane*rowsperstrip; -Index: libtiff/libtiff/tiffiop.h -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tiffiop.h,v -retrieving revision 1.89 -retrieving revision 1.90 -diff -u -r1.89 -r1.90 ---- libtiff/libtiff/tiffiop.h 23 Jan 2016 21:20:34 -0000 1.89 -+++ libtiff/libtiff/tiffiop.h 2 Dec 2016 21:56:56 -0000 1.90 -@@ -1,4 +1,4 @@ --/* $Id: tiffiop.h,v 1.89 2016-01-23 21:20:34 erouault Exp $ */ -+/* $Id: tiffiop.h,v 1.90 2016-12-02 21:56:56 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -250,6 +250,10 @@ - #define TIFFhowmany_32(x, y) (((uint32)x < (0xffffffff - (uint32)(y-1))) ? \ - ((((uint32)(x))+(((uint32)(y))-1))/((uint32)(y))) : \ - 0U) -+/* Variant of TIFFhowmany_32() that doesn't return 0 if x close to MAXUINT. */ -+/* Caution: TIFFhowmany_32_maxuint_compat(x,y)*y might overflow */ -+#define TIFFhowmany_32_maxuint_compat(x, y) \ -+ (((uint32)(x) / (uint32)(y)) + ((((uint32)(x) % (uint32)(y)) != 0) ? 1 : 0)) - #define TIFFhowmany8_32(x) (((x)&0x07)?((uint32)(x)>>3)+1:(uint32)(x)>>3) - #define TIFFroundup_32(x, y) (TIFFhowmany_32(x,y)*(y)) - #define TIFFhowmany_64(x, y) ((((uint64)(x))+(((uint64)(y))-1))/((uint64)(y))) diff --git a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch b/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch deleted file mode 100644 index 2d5e23586d..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-pixarlog-luv.patch +++ /dev/null @@ -1,131 +0,0 @@ -Fix heap-based buffer overflow in _TIFFmemcpy(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2604 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_pixarlog.c, libtiff/tif_luv.c: fix heap-based buffer - overflow on generation of PixarLog / LUV compressed files, with - ColorMap, TransferFunction attached and nasty plays with bitspersample. - The fix for LUV has not been tested, but suffers from the same kind - of issue of PixarLog. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2604 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1175; previous revision: 1.1174 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v <-- libtiff/tif_luv.c -new revision: 1.44; previous revision: 1.43 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v <-- -libtiff/tif_pixarlog.c -new revision: 1.49; previous revision: 1.48 - -Index: libtiff/libtiff/tif_luv.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_luv.c,v -retrieving revision 1.43 -retrieving revision 1.44 -diff -u -r1.43 -r1.44 ---- libtiff/libtiff/tif_luv.c 4 Sep 2016 21:32:56 -0000 1.43 -+++ libtiff/libtiff/tif_luv.c 2 Dec 2016 23:05:51 -0000 1.44 -@@ -1,4 +1,4 @@ --/* $Id: tif_luv.c,v 1.43 2016-09-04 21:32:56 erouault Exp $ */ -+/* $Id: tif_luv.c,v 1.44 2016-12-02 23:05:51 erouault Exp $ */ - - /* - * Copyright (c) 1997 Greg Ward Larson -@@ -158,6 +158,7 @@ - typedef struct logLuvState LogLuvState; - - struct logLuvState { -+ int encoder_state; /* 1 if encoder correctly initialized */ - int user_datafmt; /* user data format */ - int encode_meth; /* encoding method */ - int pixel_size; /* bytes per pixel */ -@@ -1552,6 +1553,7 @@ - td->td_photometric, "must be either LogLUV or LogL"); - break; - } -+ sp->encoder_state = 1; - return (1); - notsupported: - TIFFErrorExt(tif->tif_clientdata, module, -@@ -1563,19 +1565,27 @@ - static void - LogLuvClose(TIFF* tif) - { -+ LogLuvState* sp = (LogLuvState*) tif->tif_data; - TIFFDirectory *td = &tif->tif_dir; - -+ assert(sp != 0); - /* - * For consistency, we always want to write out the same - * bitspersample and sampleformat for our TIFF file, - * regardless of the data format being used by the application. - * Since this routine is called after tags have been set but - * before they have been recorded in the file, we reset them here. -+ * Note: this is really a nasty approach. See PixarLogClose - */ -- td->td_samplesperpixel = -- (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3; -- td->td_bitspersample = 16; -- td->td_sampleformat = SAMPLEFORMAT_INT; -+ if( sp->encoder_state ) -+ { -+ /* See PixarLogClose. Might avoid issues with tags whose size depends -+ * on those below, but not completely sure this is enough. */ -+ td->td_samplesperpixel = -+ (td->td_photometric == PHOTOMETRIC_LOGL) ? 1 : 3; -+ td->td_bitspersample = 16; -+ td->td_sampleformat = SAMPLEFORMAT_INT; -+ } - } - - static void -Index: libtiff/libtiff/tif_pixarlog.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_pixarlog.c,v -retrieving revision 1.48 -retrieving revision 1.49 -diff -u -r1.48 -r1.49 ---- libtiff/libtiff/tif_pixarlog.c 23 Sep 2016 22:12:18 -0000 1.48 -+++ libtiff/libtiff/tif_pixarlog.c 2 Dec 2016 23:05:51 -0000 1.49 -@@ -1,4 +1,4 @@ --/* $Id: tif_pixarlog.c,v 1.48 2016-09-23 22:12:18 erouault Exp $ */ -+/* $Id: tif_pixarlog.c,v 1.49 2016-12-02 23:05:51 erouault Exp $ */ - - /* - * Copyright (c) 1996-1997 Sam Leffler -@@ -1233,8 +1233,10 @@ - static void - PixarLogClose(TIFF* tif) - { -+ PixarLogState* sp = (PixarLogState*) tif->tif_data; - TIFFDirectory *td = &tif->tif_dir; - -+ assert(sp != 0); - /* In a really sneaky (and really incorrect, and untruthful, and - * troublesome, and error-prone) maneuver that completely goes against - * the spirit of TIFF, and breaks TIFF, on close, we covertly -@@ -1243,8 +1245,19 @@ - * readers that don't know about PixarLog, or how to set - * the PIXARLOGDATFMT pseudo-tag. - */ -- td->td_bitspersample = 8; -- td->td_sampleformat = SAMPLEFORMAT_UINT; -+ -+ if (sp->state&PLSTATE_INIT) { -+ /* We test the state to avoid an issue such as in -+ * http://bugzilla.maptools.org/show_bug.cgi?id=2604 -+ * What appends in that case is that the bitspersample is 1 and -+ * a TransferFunction is set. The size of the TransferFunction -+ * depends on 1<<bitspersample. So if we increase it, an access -+ * out of the buffer will happen at directory flushing. -+ * Another option would be to clear those targs. -+ */ -+ td->td_bitspersample = 8; -+ td->td_sampleformat = SAMPLEFORMAT_UINT; -+ } - } - - static void diff --git a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch b/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch deleted file mode 100644 index 68889b121b..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tif-dirread.patch +++ /dev/null @@ -1,132 +0,0 @@ -Fix heap-based buffer overflow in TIFFFillStrip(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2608 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * libtiff/tif_dirread.c: modify ChopUpSingleUncompressedStrip() to - instanciate compute ntrips as TIFFhowmany_32(td->td_imagelength, -rowsperstrip), - instead of a logic based on the total size of data. Which is faulty is - the total size of data is not sufficient to fill the whole image, and -thus - results in reading outside of the StripByCounts/StripOffsets arrays -when - using TIFFReadScanline(). - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2608. - - * libtiff/tif_strip.c: revert the change in TIFFNumberOfStrips() done - for http://bugzilla.maptools.org/show_bug.cgi?id=2587 / CVE-2016-9273 -since - the above change is a better fix that makes it unnecessary. - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1176; previous revision: 1.1175 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v <-- -libtiff/tif_dirread.c -new revision: 1.205; previous revision: 1.204 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v <-- libtiff/tif_strip.c -new revision: 1.38; previous revision: 1.37 - -Index: libtiff/libtiff/tif_dirread.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dirread.c,v -retrieving revision 1.204 -retrieving revision 1.205 -diff -u -r1.204 -r1.205 ---- libtiff/libtiff/tif_dirread.c 16 Nov 2016 15:14:15 -0000 1.204 -+++ libtiff/libtiff/tif_dirread.c 3 Dec 2016 11:02:15 -0000 1.205 -@@ -1,4 +1,4 @@ --/* $Id: tif_dirread.c,v 1.204 2016-11-16 15:14:15 erouault Exp $ */ -+/* $Id: tif_dirread.c,v 1.205 2016-12-03 11:02:15 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -5502,8 +5502,7 @@ - uint64 rowblockbytes; - uint64 stripbytes; - uint32 strip; -- uint64 nstrips64; -- uint32 nstrips32; -+ uint32 nstrips; - uint32 rowsperstrip; - uint64* newcounts; - uint64* newoffsets; -@@ -5534,18 +5533,17 @@ - return; - - /* -- * never increase the number of strips in an image -+ * never increase the number of rows per strip - */ - if (rowsperstrip >= td->td_rowsperstrip) - return; -- nstrips64 = TIFFhowmany_64(bytecount, stripbytes); -- if ((nstrips64==0)||(nstrips64>0xFFFFFFFF)) /* something is wonky, do nothing. */ -- return; -- nstrips32 = (uint32)nstrips64; -+ nstrips = TIFFhowmany_32(td->td_imagelength, rowsperstrip); -+ if( nstrips == 0 ) -+ return; - -- newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64), -+ newcounts = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripByteCounts\" array"); -- newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips32, sizeof (uint64), -+ newoffsets = (uint64*) _TIFFCheckMalloc(tif, nstrips, sizeof (uint64), - "for chopped \"StripOffsets\" array"); - if (newcounts == NULL || newoffsets == NULL) { - /* -@@ -5562,18 +5560,18 @@ - * Fill the strip information arrays with new bytecounts and offsets - * that reflect the broken-up format. - */ -- for (strip = 0; strip < nstrips32; strip++) { -+ for (strip = 0; strip < nstrips; strip++) { - if (stripbytes > bytecount) - stripbytes = bytecount; - newcounts[strip] = stripbytes; -- newoffsets[strip] = offset; -+ newoffsets[strip] = stripbytes ? offset : 0; - offset += stripbytes; - bytecount -= stripbytes; - } - /* - * Replace old single strip info with multi-strip info. - */ -- td->td_stripsperimage = td->td_nstrips = nstrips32; -+ td->td_stripsperimage = td->td_nstrips = nstrips; - TIFFSetField(tif, TIFFTAG_ROWSPERSTRIP, rowsperstrip); - - _TIFFfree(td->td_stripbytecount); -Index: libtiff/libtiff/tif_strip.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_strip.c,v -retrieving revision 1.37 -retrieving revision 1.38 -diff -u -r1.37 -r1.38 ---- libtiff/libtiff/tif_strip.c 9 Nov 2016 23:00:49 -0000 1.37 -+++ libtiff/libtiff/tif_strip.c 3 Dec 2016 11:02:15 -0000 1.38 -@@ -1,4 +1,4 @@ --/* $Id: tif_strip.c,v 1.37 2016-11-09 23:00:49 erouault Exp $ */ -+/* $Id: tif_strip.c,v 1.38 2016-12-03 11:02:15 erouault Exp $ */ - - /* - * Copyright (c) 1991-1997 Sam Leffler -@@ -63,15 +63,6 @@ - TIFFDirectory *td = &tif->tif_dir; - uint32 nstrips; - -- /* If the value was already computed and store in td_nstrips, then return it, -- since ChopUpSingleUncompressedStrip might have altered and resized the -- since the td_stripbytecount and td_stripoffset arrays to the new value -- after the initial affectation of td_nstrips = TIFFNumberOfStrips() in -- tif_dirread.c ~line 3612. -- See http://bugzilla.maptools.org/show_bug.cgi?id=2587 */ -- if( td->td_nstrips ) -- return td->td_nstrips; -- - nstrips = (td->td_rowsperstrip == (uint32) -1 ? 1 : - TIFFhowmany_32(td->td_imagelength, td->td_rowsperstrip)); - if (td->td_planarconfig == PLANARCONFIG_SEPARATE) diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch deleted file mode 100644 index f0fef08bf3..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tiffcp.patch +++ /dev/null @@ -1,67 +0,0 @@ -Fix heap buffer overflow in tiffcp when parsing number of inks: - -http://bugzilla.maptools.org/show_bug.cgi?id=2599 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tif_dir.c: when TIFFGetField(, TIFFTAG_NUMBEROFINKS, ) is -called, - limit the return number of inks to SamplesPerPixel, so that code that -parses - ink names doesn't go past the end of the buffer. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1184; previous revision: 1.1183 -/cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v <-- libtiff/tif_dir.c -new revision: 1.128; previous revision: 1.127 - -Index: libtiff/libtiff/tif_dir.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/libtiff/tif_dir.c,v -retrieving revision 1.127 -retrieving revision 1.128 -diff -u -r1.127 -r1.128 ---- libtiff/libtiff/tif_dir.c 25 Oct 2016 21:35:15 -0000 1.127 -+++ libtiff/libtiff/tif_dir.c 3 Dec 2016 15:30:31 -0000 1.128 -@@ -1,4 +1,4 @@ --/* $Id: tif_dir.c,v 1.127 2016-10-25 21:35:15 erouault Exp $ */ -+/* $Id: tif_dir.c,v 1.128 2016-12-03 15:30:31 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -854,6 +854,32 @@ - if( fip == NULL ) /* cannot happen since TIFFGetField() already checks it */ - return 0; - -+ if( tag == TIFFTAG_NUMBEROFINKS ) -+ { -+ int i; -+ for (i = 0; i < td->td_customValueCount; i++) { -+ uint16 val; -+ TIFFTagValue *tv = td->td_customValues + i; -+ if (tv->info->field_tag != tag) -+ continue; -+ val = *(uint16 *)tv->value; -+ /* Truncate to SamplesPerPixel, since the */ -+ /* setting code for INKNAMES assume that there are SamplesPerPixel */ -+ /* inknames. */ -+ /* Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2599 */ -+ if( val > td->td_samplesperpixel ) -+ { -+ TIFFWarningExt(tif->tif_clientdata,"_TIFFVGetField", -+ "Truncating NumberOfInks from %u to %u", -+ val, td->td_samplesperpixel); -+ val = td->td_samplesperpixel; -+ } -+ *va_arg(ap, uint16*) = val; -+ return 1; -+ } -+ return 0; -+ } -+ - /* - * We want to force the custom code to be used for custom - * fields even if the tag happens to match a well known diff --git a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch b/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch deleted file mode 100644 index 8166c55758..0000000000 --- a/gnu/packages/patches/libtiff-heap-overflow-tiffcrop.patch +++ /dev/null @@ -1,60 +0,0 @@ -Fix heap-based buffer overflow in combineSeparateSamples16bits(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2621 - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcrop.c: add 3 extra bytes at end of strip buffer in - readSeparateStripsIntoBuffer() to avoid read outside of heap allocated -buffer. - Reported by Agostina Sarubo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2621 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1179; previous revision: 1.1178 -/cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v <-- tools/tiffcrop.c -new revision: 1.48; previous revision: 1.47 - -Index: libtiff/tools/tiffcrop.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcrop.c,v -retrieving revision 1.47 -retrieving revision 1.48 -diff -u -r1.47 -r1.48 ---- libtiff/tools/tiffcrop.c 3 Dec 2016 11:35:56 -0000 1.47 -+++ libtiff/tools/tiffcrop.c 3 Dec 2016 12:19:32 -0000 1.48 -@@ -1,4 +1,4 @@ --/* $Id: tiffcrop.c,v 1.47 2016-12-03 11:35:56 erouault Exp $ */ -+/* $Id: tiffcrop.c,v 1.48 2016-12-03 12:19:32 erouault Exp $ */ - - /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of - * the image data through additional options listed below -@@ -4815,10 +4815,17 @@ - nstrips = TIFFNumberOfStrips(in); - strips_per_sample = nstrips /spp; - -+ /* Add 3 padding bytes for combineSeparateSamples32bits */ -+ if( (size_t) stripsize > 0xFFFFFFFFU - 3U ) -+ { -+ TIFFError("readSeparateStripsIntoBuffer", "Integer overflow when calculating buffer size."); -+ exit(-1); -+ } -+ - for (s = 0; (s < spp) && (s < MAX_SAMPLES); s++) - { - srcbuffs[s] = NULL; -- buff = _TIFFmalloc(stripsize); -+ buff = _TIFFmalloc(stripsize + 3); - if (!buff) - { - TIFFError ("readSeparateStripsIntoBuffer", -@@ -4827,6 +4834,9 @@ - _TIFFfree (srcbuffs[i]); - return 0; - } -+ buff[stripsize] = 0; -+ buff[stripsize+1] = 0; -+ buff[stripsize+2] = 0; - srcbuffs[s] = buff; - } - diff --git a/gnu/packages/patches/libtiff-invalid-read.patch b/gnu/packages/patches/libtiff-invalid-read.patch deleted file mode 100644 index 92742d8757..0000000000 --- a/gnu/packages/patches/libtiff-invalid-read.patch +++ /dev/null @@ -1,64 +0,0 @@ -Fix invalid read in t2p_writeproc(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2639 - -2016-12-20 Even Rouault <even.rouault at spatialys.com> - - * tools/tiff2pdf.c: avoid potential invalid memory read in - t2p_writeproc. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2639 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1198; previous revision: 1.1197 -/cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v <-- tools/tiff2pdf.c -new revision: 1.100; previous revision: 1.99 - -Index: libtiff/tools/tiff2pdf.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiff2pdf.c,v -retrieving revision 1.99 -retrieving revision 1.100 -diff -u -r1.99 -r1.100 ---- libtiff/tools/tiff2pdf.c 20 Dec 2016 17:13:26 -0000 1.99 -+++ libtiff/tools/tiff2pdf.c 20 Dec 2016 17:24:35 -0000 1.100 -@@ -2896,6 +2896,7 @@ - } - if(TIFFGetField(input, TIFFTAG_JPEGTABLES, &count, &jpt) != 0) { - if (count >= 4) { -+ int retTIFFReadRawTile; - /* Ignore EOI marker of JpegTables */ - _TIFFmemcpy(buffer, jpt, count - 2); - bufferoffset += count - 2; -@@ -2903,22 +2904,23 @@ - table_end[0] = buffer[bufferoffset-2]; - table_end[1] = buffer[bufferoffset-1]; - xuint32 = bufferoffset; -- bufferoffset -= 2; -- bufferoffset += TIFFReadRawTile( -+ bufferoffset -= 2; -+ retTIFFReadRawTile= TIFFReadRawTile( - input, - tile, - (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), - -1); -+ if( retTIFFReadRawTile < 0 ) -+ { -+ _TIFFfree(buffer); -+ t2p->t2p_error = T2P_ERR_ERROR; -+ return(0); -+ } -+ bufferoffset += retTIFFReadRawTile; - /* Overwrite SOI marker of image scan with previously */ - /* saved end of JpegTables */ - buffer[xuint32-2]=table_end[0]; - buffer[xuint32-1]=table_end[1]; -- } else { -- bufferoffset += TIFFReadRawTile( -- input, -- tile, -- (tdata_t) &(((unsigned char*)buffer)[bufferoffset]), -- -1); - } - } - t2pWriteFile(output, (tdata_t) buffer, bufferoffset); diff --git a/gnu/packages/patches/libtiff-null-dereference.patch b/gnu/packages/patches/libtiff-null-dereference.patch deleted file mode 100644 index 8c6345b804..0000000000 --- a/gnu/packages/patches/libtiff-null-dereference.patch +++ /dev/null @@ -1,42 +0,0 @@ -Fix NULL pointer dereference in TIFFReadRawData(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2594 - - -2016-12-03 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffinfo.c: fix null pointer dereference in -r mode when - * the -image has - no StripByteCount tag. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2594 - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1182; previous revision: 1.1181 -/cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v <-- tools/tiffinfo.c -new revision: 1.26; previous revision: 1.25 - -Index: libtiff/tools/tiffinfo.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffinfo.c,v -retrieving revision 1.25 -retrieving revision 1.26 -diff -u -r1.25 -r1.26 ---- libtiff/tools/tiffinfo.c 12 Nov 2016 20:06:05 -0000 1.25 -+++ libtiff/tools/tiffinfo.c 3 Dec 2016 14:18:49 -0000 1.26 -@@ -1,4 +1,4 @@ --/* $Id: tiffinfo.c,v 1.25 2016-11-12 20:06:05 bfriesen Exp $ */ -+/* $Id: tiffinfo.c,v 1.26 2016-12-03 14:18:49 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -417,7 +417,7 @@ - uint64* stripbc=NULL; - - TIFFGetField(tif, TIFFTAG_STRIPBYTECOUNTS, &stripbc); -- if (nstrips > 0) { -+ if (stripbc != NULL && nstrips > 0) { - uint32 bufsize = (uint32) stripbc[0]; - tdata_t buf = _TIFFmalloc(bufsize); - tstrip_t s; diff --git a/gnu/packages/patches/libtiff-tiffcp-underflow.patch b/gnu/packages/patches/libtiff-tiffcp-underflow.patch deleted file mode 100644 index 5615cbb3e1..0000000000 --- a/gnu/packages/patches/libtiff-tiffcp-underflow.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix a integer underflow in tiffcp that led to heap overflows in -TIFFReverseBits(): - -http://bugzilla.maptools.org/show_bug.cgi?id=2598 - -2016-12-02 Even Rouault <even.rouault at spatialys.com> - - * tools/tiffcp.c: avoid uint32 underflow in cpDecodedStrips that - can cause various issues, such as buffer overflows in the library. - Reported by Agostino Sarubbo. - Fixes http://bugzilla.maptools.org/show_bug.cgi?id=2598 - - -/cvs/maptools/cvsroot/libtiff/ChangeLog,v <-- ChangeLog -new revision: 1.1174; previous revision: 1.1173 -/cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v <-- tools/tiffcp.c -new revision: 1.56; previous revision: 1.55 - -Index: libtiff/tools/tiffcp.c -=================================================================== -RCS file: /cvs/maptools/cvsroot/libtiff/tools/tiffcp.c,v -retrieving revision 1.55 -retrieving revision 1.56 -diff -u -r1.55 -r1.56 ---- libtiff/tools/tiffcp.c 8 Oct 2016 15:54:57 -0000 1.55 -+++ libtiff/tools/tiffcp.c 2 Dec 2016 22:13:32 -0000 1.56 -@@ -1,4 +1,4 @@ --/* $Id: tiffcp.c,v 1.55 2016-10-08 15:54:57 erouault Exp $ */ -+/* $Id: tiffcp.c,v 1.56 2016-12-02 22:13:32 erouault Exp $ */ - - /* - * Copyright (c) 1988-1997 Sam Leffler -@@ -985,7 +985,7 @@ - tstrip_t s, ns = TIFFNumberOfStrips(in); - uint32 row = 0; - _TIFFmemset(buf, 0, stripsize); -- for (s = 0; s < ns; s++) { -+ for (s = 0; s < ns && row < imagelength; s++) { - tsize_t cc = (row + rowsperstrip > imagelength) ? - TIFFVStripSize(in, imagelength - row) : stripsize; - if (TIFFReadEncodedStrip(in, s, buf, cc) < 0 diff --git a/gnu/packages/patches/libunistring-gnulib-multi-core.patch b/gnu/packages/patches/libunistring-gnulib-multi-core.patch new file mode 100644 index 0000000000..709b20c6d2 --- /dev/null +++ b/gnu/packages/patches/libunistring-gnulib-multi-core.patch @@ -0,0 +1,178 @@ +This patch fixes performance problems on multi-core machines +as reported at <https://bugs.gnu.org/26441>. + +See commit 480d374e596a0ee3fed168ab42cd84c313ad3c89 in Gnulib +by Bruno Haible <bruno@clisp.org>. + +diff --git a/tests/test-lock.c b/tests/test-lock.c +index cb734b4e6..aa6de2739 100644 +--- a/tests/test-lock.c ++++ b/tests/test-lock.c +@@ -50,6 +50,13 @@ + Uncomment this to see if the operating system has a fair scheduler. */ + #define EXPLICIT_YIELD 1 + ++/* Whether to use 'volatile' on some variables that communicate information ++ between threads. If set to 0, a lock is used to protect these variables. ++ If set to 1, 'volatile' is used; this is theoretically equivalent but can ++ lead to much slower execution (e.g. 30x slower total run time on a 40-core ++ machine. */ ++#define USE_VOLATILE 0 ++ + /* Whether to print debugging messages. */ + #define ENABLE_DEBUGGING 0 + +@@ -103,6 +110,51 @@ + # define yield() + #endif + ++#if USE_VOLATILE ++struct atomic_int { ++ volatile int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ return ai->value; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ ai->value = new_value; ++} ++#else ++struct atomic_int { ++ gl_lock_define (, lock) ++ int value; ++}; ++static void ++init_atomic_int (struct atomic_int *ai) ++{ ++ gl_lock_init (ai->lock); ++} ++static int ++get_atomic_int_value (struct atomic_int *ai) ++{ ++ gl_lock_lock (ai->lock); ++ int ret = ai->value; ++ gl_lock_unlock (ai->lock); ++ return ret; ++} ++static void ++set_atomic_int_value (struct atomic_int *ai, int new_value) ++{ ++ gl_lock_lock (ai->lock); ++ ai->value = new_value; ++ gl_lock_unlock (ai->lock); ++} ++#endif ++ + #define ACCOUNT_COUNT 4 + + static int account[ACCOUNT_COUNT]; +@@ -170,12 +222,12 @@ lock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int lock_checker_done; ++static struct atomic_int lock_checker_done; + + static void * + lock_checker_thread (void *arg) + { +- while (!lock_checker_done) ++ while (get_atomic_int_value (&lock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_lock_lock (my_lock); +@@ -200,7 +252,8 @@ test_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- lock_checker_done = 0; ++ init_atomic_int (&lock_checker_done); ++ set_atomic_int_value (&lock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (lock_checker_thread, NULL); +@@ -210,7 +263,7 @@ test_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- lock_checker_done = 1; ++ set_atomic_int_value (&lock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } +@@ -254,12 +307,12 @@ rwlock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int rwlock_checker_done; ++static struct atomic_int rwlock_checker_done; + + static void * + rwlock_checker_thread (void *arg) + { +- while (!rwlock_checker_done) ++ while (get_atomic_int_value (&rwlock_checker_done) == 0) + { + dbgprintf ("Checker %p before check rdlock\n", gl_thread_self_pointer ()); + gl_rwlock_rdlock (my_rwlock); +@@ -284,7 +337,8 @@ test_rwlock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- rwlock_checker_done = 0; ++ init_atomic_int (&rwlock_checker_done); ++ set_atomic_int_value (&rwlock_checker_done, 0); + + /* Spawn the threads. */ + for (i = 0; i < THREAD_COUNT; i++) +@@ -295,7 +349,7 @@ test_rwlock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- rwlock_checker_done = 1; ++ set_atomic_int_value (&rwlock_checker_done, 1); + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (checkerthreads[i], NULL); + check_accounts (); +@@ -356,12 +410,12 @@ reclock_mutator_thread (void *arg) + return NULL; + } + +-static volatile int reclock_checker_done; ++static struct atomic_int reclock_checker_done; + + static void * + reclock_checker_thread (void *arg) + { +- while (!reclock_checker_done) ++ while (get_atomic_int_value (&reclock_checker_done) == 0) + { + dbgprintf ("Checker %p before check lock\n", gl_thread_self_pointer ()); + gl_recursive_lock_lock (my_reclock); +@@ -386,7 +440,8 @@ test_recursive_lock (void) + /* Initialization. */ + for (i = 0; i < ACCOUNT_COUNT; i++) + account[i] = 1000; +- reclock_checker_done = 0; ++ init_atomic_int (&reclock_checker_done); ++ set_atomic_int_value (&reclock_checker_done, 0); + + /* Spawn the threads. */ + checkerthread = gl_thread_create (reclock_checker_thread, NULL); +@@ -396,7 +451,7 @@ test_recursive_lock (void) + /* Wait for the threads to terminate. */ + for (i = 0; i < THREAD_COUNT; i++) + gl_thread_join (threads[i], NULL); +- reclock_checker_done = 1; ++ set_atomic_int_value (&reclock_checker_done, 1); + gl_thread_join (checkerthread, NULL); + check_accounts (); + } diff --git a/gnu/packages/patches/mesa-fix-32bit-test-failures.patch b/gnu/packages/patches/mesa-fix-32bit-test-failures.patch deleted file mode 100644 index e21e87cef6..0000000000 --- a/gnu/packages/patches/mesa-fix-32bit-test-failures.patch +++ /dev/null @@ -1,58 +0,0 @@ -Fix a test failure when building for 32 bit architectures: - -http://lists.gnu.org/archive/html/guix-devel/2017-04/msg00381.html - -Patch copied from upstream source repository: - -https://cgit.freedesktop.org/mesa/mesa/commit/?id=61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8 - -From 61bbb25a080e48a8ca897ba7f6e73cc6a8e9b5b8 Mon Sep 17 00:00:00 2001 -From: Grazvydas Ignotas <notasas@gmail.com> -Date: Thu, 9 Mar 2017 02:54:53 +0200 -Subject: [PATCH] util/disk_cache: fix size subtraction on 32bit - -Negating size_t on 32bit produces a 32bit result. This was effectively -adding values close to UINT_MAX to the cache size (the files are usually -small) instead of intended subtraction. -Fixes 'make check' disk_cache failures on 32bit. - -Signed-off-by: Grazvydas Ignotas <notasas@gmail.com> -Reviewed-by: Timothy Arceri <tarceri@itsqueeze.com> ---- - src/util/disk_cache.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/util/disk_cache.c b/src/util/disk_cache.c -index 5470688df3..facdcecf7c 100644 ---- a/src/util/disk_cache.c -+++ b/src/util/disk_cache.c -@@ -603,7 +603,7 @@ evict_random_item(struct disk_cache *cache) - free(dir_path); - - if (size) { -- p_atomic_add(cache->size, - size); -+ p_atomic_add(cache->size, - (uint64_t)size); - return; - } - -@@ -624,7 +624,7 @@ evict_random_item(struct disk_cache *cache) - free(dir_path); - - if (size) -- p_atomic_add(cache->size, - size); -+ p_atomic_add(cache->size, - (uint64_t)size); - } - - void -#@@ -646,7 +646,7 @@ disk_cache_remove(struct disk_cache *cache, const cache_key key) -# free(filename); -# -# if (sb.st_size) -#- p_atomic_add(cache->size, - sb.st_size); -#+ p_atomic_add(cache->size, - (uint64_t)sb.st_size); -# } -# -# /* From the zlib docs: --- -2.12.2 - diff --git a/gnu/packages/patches/mesa-skip-disk-cache-test.patch b/gnu/packages/patches/mesa-skip-disk-cache-test.patch index 4377110475..b3f9367fd5 100644 --- a/gnu/packages/patches/mesa-skip-disk-cache-test.patch +++ b/gnu/packages/patches/mesa-skip-disk-cache-test.patch @@ -5,16 +5,15 @@ for now. --- a/src/compiler/glsl/tests/cache_test.c +++ b/src/compiler/glsl/tests/cache_test.c -@@ -137,11 +137,6 @@ +@@ -170,11 +170,6 @@ unsetenv("MESA_GLSL_CACHE_DIR"); unsetenv("XDG_CACHE_HOME"); -- cache = disk_cache_create(); +- cache = disk_cache_create("test", "make_check"); - expect_non_null(cache, "disk_cache_create with no environment variables"); - - disk_cache_destroy(cache); - /* Test with XDG_CACHE_HOME set */ setenv("XDG_CACHE_HOME", CACHE_TEST_TMP "/xdg-cache-home", 1); - cache = disk_cache_create(); - + cache = disk_cache_create("test", "make_check"); diff --git a/gnu/packages/patches/metabat-fix-boost-issue.patch b/gnu/packages/patches/metabat-fix-boost-issue.patch new file mode 100644 index 0000000000..3382d84d66 --- /dev/null +++ b/gnu/packages/patches/metabat-fix-boost-issue.patch @@ -0,0 +1,27 @@ +This patch fixes the issue described at +https://bitbucket.org/berkeleylab/metabat/issues/28/compilation-fail-with-boost-164 + +diff --git a/src/metabat.h b/src/metabat.h +index 32ae94c..2292c04 100644 +--- a/src/metabat.h ++++ b/src/metabat.h +@@ -35,6 +35,7 @@ KSEQ_INIT(gzFile, gzread) + + #include <boost/program_options.hpp> + #include <boost/algorithm/string.hpp> ++#include <boost/serialization/array_wrapper.hpp> + #include <boost/numeric/ublas/matrix.hpp> + #include <boost/math/distributions.hpp> + #include <boost/serialization/serialization.hpp> +diff --git a/src/metabat2.h b/src/metabat2.h +index 60a9998..19fa815 100644 +--- a/src/metabat2.h ++++ b/src/metabat2.h +@@ -41,6 +41,7 @@ KSEQ_INIT(gzFile, gzread) + + #include <boost/program_options.hpp> + #include <boost/algorithm/string.hpp> ++#include <boost/serialization/array_wrapper.hpp> + #include <boost/numeric/ublas/matrix.hpp> + #include <boost/numeric/ublas/matrix_sparse.hpp> + #include <boost/numeric/ublas/matrix_proxy.hpp> diff --git a/gnu/packages/patches/pcre-CVE-2017-7186.patch b/gnu/packages/patches/pcre-CVE-2017-7186.patch new file mode 100644 index 0000000000..d23aa10374 --- /dev/null +++ b/gnu/packages/patches/pcre-CVE-2017-7186.patch @@ -0,0 +1,56 @@ +Patch for <https://nvd.nist.gov/vuln/detail?vulnId=CVE-2017-7186> +from <https://vcs.pcre.org/pcre?view=revision&revision=1688>. + +--- trunk/pcre_internal.h 2016/05/21 13:34:44 1649 ++++ trunk/pcre_internal.h 2017/02/24 17:30:30 1688 +@@ -2772,6 +2772,9 @@ + extern const pcre_uint16 PRIV(ucd_stage2)[]; + extern const pcre_uint32 PRIV(ucp_gentype)[]; + extern const pcre_uint32 PRIV(ucp_gbtable)[]; ++#ifdef COMPILE_PCRE32 ++extern const ucd_record PRIV(dummy_ucd_record)[]; ++#endif + #ifdef SUPPORT_JIT + extern const int PRIV(ucp_typerange)[]; + #endif +@@ -2780,9 +2783,15 @@ + /* UCD access macros */ + + #define UCD_BLOCK_SIZE 128 +-#define GET_UCD(ch) (PRIV(ucd_records) + \ ++#define REAL_GET_UCD(ch) (PRIV(ucd_records) + \ + PRIV(ucd_stage2)[PRIV(ucd_stage1)[(int)(ch) / UCD_BLOCK_SIZE] * \ + UCD_BLOCK_SIZE + (int)(ch) % UCD_BLOCK_SIZE]) ++ ++#ifdef COMPILE_PCRE32 ++#define GET_UCD(ch) ((ch > 0x10ffff)? PRIV(dummy_ucd_record) : REAL_GET_UCD(ch)) ++#else ++#define GET_UCD(ch) REAL_GET_UCD(ch) ++#endif + + #define UCD_CHARTYPE(ch) GET_UCD(ch)->chartype + #define UCD_SCRIPT(ch) GET_UCD(ch)->script + +--- trunk/pcre_ucd.c 2014/06/19 07:51:39 1490 ++++ trunk/pcre_ucd.c 2017/02/24 17:30:30 1688 +@@ -38,6 +38,20 @@ + const pcre_uint32 PRIV(ucd_caseless_sets)[] = {0}; + #else + ++/* If the 32-bit library is run in non-32-bit mode, character values ++greater than 0x10ffff may be encountered. For these we set up a ++special record. */ ++ ++#ifdef COMPILE_PCRE32 ++const ucd_record PRIV(dummy_ucd_record)[] = {{ ++ ucp_Common, /* script */ ++ ucp_Cn, /* type unassigned */ ++ ucp_gbOther, /* grapheme break property */ ++ 0, /* case set */ ++ 0, /* other case */ ++ }}; ++#endif ++ + /* When recompiling tables with a new Unicode version, please check the + types in this structure definition from pcre_internal.h (the actual + field names will be different): diff --git a/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch b/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch deleted file mode 100644 index 16f136fb54..0000000000 --- a/gnu/packages/patches/perl-net-ssleay-disable-ede-test.patch +++ /dev/null @@ -1,23 +0,0 @@ -Disable a test that fails with openssl-1.0.2b. - ---- Net-SSLeay-1.68/t/local/33_x509_create_cert.t.orig 2014-06-07 02:01:39.000000000 -0400 -+++ Net-SSLeay-1.68/t/local/33_x509_create_cert.t 2015-06-12 03:38:57.620286888 -0400 -@@ -2,7 +2,7 @@ - - use strict; - use warnings; --use Test::More tests => 123; -+use Test::More tests => 122; - use Net::SSLeay qw/MBSTRING_ASC MBSTRING_UTF8 EVP_PK_RSA EVP_PKT_SIGN EVP_PKT_ENC/; - use File::Spec; - use utf8; -@@ -101,7 +101,8 @@ - like(my $key_pem3 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg1), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg"); - - ok(my $alg2 = Net::SSLeay::EVP_get_cipherbyname("DES-EDE3-OFB"), "EVP_get_cipherbyname"); -- like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg"); -+ # This test fails with openssl-1.0.2b -+ #like(my $key_pem4 = Net::SSLeay::PEM_get_string_PrivateKey($pk,"password",$alg2), qr/-----BEGIN (ENCRYPTED|RSA) PRIVATE KEY-----/, "PEM_get_string_PrivateKey+passwd+enc_alg"); - - is(Net::SSLeay::X509_NAME_print_ex($name), "O=Company Name,C=UK,CN=Common name text X509", "X509_NAME_print_ex"); - diff --git a/gnu/packages/patches/perl-no-sys-dirs.patch b/gnu/packages/patches/perl-no-sys-dirs.patch index da91fef3b4..31d53e0353 100644 --- a/gnu/packages/patches/perl-no-sys-dirs.patch +++ b/gnu/packages/patches/perl-no-sys-dirs.patch @@ -1,6 +1,7 @@ Don't look for headers and libraries in "traditional" locations. -Patch from Nixpkgs by Eelco Dolstra <eelco.dolstra@logicblox.com>. +Patch adapted from Nixpkgs, originally by Eelco Dolstra +<eelco.dolstra@logicblox.com>. diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/Configure perl-5.20.0/Configure --- perl-5.20.0-orig/Configure 2014-05-26 15:34:18.000000000 +0200 @@ -185,39 +186,6 @@ diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/linux.sh perl-5.20.0/hints/li case "$plibpth" in '') plibpth=`LANG=C LC_ALL=C $gcc $ccflags $ldflags -print-search-dirs | grep libraries | cut -f2- -d= | tr ':' $trnl | grep -v 'gcc' | sed -e 's:/$::'` -@@ -178,32 +159,6 @@ - ;; - esac - --case "$libc" in --'') --# If you have glibc, then report the version for ./myconfig bug reporting. --# (Configure doesn't need to know the specific version since it just uses --# gcc to load the library for all tests.) --# We don't use __GLIBC__ and __GLIBC_MINOR__ because they --# are insufficiently precise to distinguish things like --# libc-2.0.6 and libc-2.0.7. -- for p in $plibpth -- do -- for trylib in libc.so.6 libc.so -- do -- if $test -e $p/$trylib; then -- libc=`ls -l $p/$trylib | awk '{print $NF}'` -- if $test "X$libc" != X; then -- break -- fi -- fi -- done -- if $test "X$libc" != X; then -- break -- fi -- done -- ;; --esac -- - # Are we using ELF? Thanks to Kenneth Albanowski <kjahds@kjahds.com> - # for this test. - cat >try.c <<'EOM' @@ -367,33 +322,6 @@ ;; esac @@ -252,3 +220,40 @@ diff -ru -x '*~' -x '*.rej' perl-5.20.0-orig/hints/linux.sh perl-5.20.0/hints/li # Linux on Synology. if [ -f /etc/synoinfo.conf -a -d /usr/syno ]; then # Tested on Synology DS213 and DS413 +diff --git a/hints/linux.sh b/hints/linux.sh +index 3f38ea0..97aed11 100644 +--- a/hints/linux.sh ++++ b/hints/linux.sh +@@ -195,32 +195,6 @@ case "$usequadmath" in + ;; + esac + +-case "$libc" in +-'') +-# If you have glibc, then report the version for ./myconfig bug reporting. +-# (Configure doesn't need to know the specific version since it just uses +-# gcc to load the library for all tests.) +-# We don't use __GLIBC__ and __GLIBC_MINOR__ because they +-# are insufficiently precise to distinguish things like +-# libc-2.0.6 and libc-2.0.7. +- for p in $plibpth +- do +- for trylib in libc.so.6 libc.so +- do +- if $test -e $p/$trylib; then +- libc=`ls -l $p/$trylib | awk '{print $NF}'` +- if $test "X$libc" != X; then +- break +- fi +- fi +- done +- if $test "X$libc" != X; then +- break +- fi +- done +- ;; +-esac +- + if ${sh:-/bin/sh} -c exit; then + echo '' + echo 'You appear to have a working bash. Good.' diff --git a/gnu/packages/patches/poppler-CVE-2017-9776.patch b/gnu/packages/patches/poppler-CVE-2017-9776.patch deleted file mode 100644 index 17a2807171..0000000000 --- a/gnu/packages/patches/poppler-CVE-2017-9776.patch +++ /dev/null @@ -1,34 +0,0 @@ -Fix CVE-2017-9776: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776 -https://bugs.freedesktop.org/show_bug.cgi?id=101541 - -Patch copied from upstream source repository: - -https://cgit.freedesktop.org/poppler/poppler/commit/?id=a3a98a6d83dfbf49f565f5aa2d7c07153a7f62fc - -From 55db66c69fd56826b8523710046deab1a8d14ba2 Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Wed, 21 Jun 2017 00:55:20 +0200 -Subject: [PATCH] Fix crash in malformed documents - ---- - poppler/JBIG2Stream.cc | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/poppler/JBIG2Stream.cc b/poppler/JBIG2Stream.cc -index 48535883..d89108c8 100644 ---- a/poppler/JBIG2Stream.cc -+++ b/poppler/JBIG2Stream.cc -@@ -896,7 +896,7 @@ void JBIG2Bitmap::combine(JBIG2Bitmap *bitmap, int x, int y, - oneByte = x0 == ((x1 - 1) & ~7); - - for (yy = y0; yy < y1; ++yy) { -- if (unlikely(y + yy) >= h) -+ if (unlikely((y + yy >= h) || (y + yy < 0))) - continue; - - // one byte per line -- need to mask both left and right side --- -2.13.2 - diff --git a/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch b/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch deleted file mode 100644 index 353a16e322..0000000000 --- a/gnu/packages/patches/poppler-fix-crash-with-broken-documents.patch +++ /dev/null @@ -1,61 +0,0 @@ -Copied from: - - https://cgit.freedesktop.org/poppler/poppler/patch/?id=5c9b08a875b07853be6c44e43ff5f7f059df666a - -From 5c9b08a875b07853be6c44e43ff5f7f059df666a Mon Sep 17 00:00:00 2001 -From: Albert Astals Cid <aacid@kde.org> -Date: Sat, 27 May 2017 00:09:17 +0200 -Subject: pdfunite: Fix crash with broken documents - -Sometimes we can't parse pages so check before accessing them - -Thanks to Jiaqi Peng for the report - -Fixes bugs #101153 and #101149 - -diff --git a/utils/pdfunite.cc b/utils/pdfunite.cc -index dfe48bf..c32e201 100644 ---- a/utils/pdfunite.cc -+++ b/utils/pdfunite.cc -@@ -7,7 +7,7 @@ - // Copyright (C) 2011-2015, 2017 Thomas Freitag <Thomas.Freitag@alfa.de> - // Copyright (C) 2012 Arseny Solokha <asolokha@gmx.com> - // Copyright (C) 2012 Fabio D'Urso <fabiodurso@hotmail.it> --// Copyright (C) 2012, 2014 Albert Astals Cid <aacid@kde.org> -+// Copyright (C) 2012, 2014, 2017 Albert Astals Cid <aacid@kde.org> - // Copyright (C) 2013 Adrian Johnson <ajohnson@redneon.com> - // Copyright (C) 2013 Hib Eris <hib@hiberis.nl> - // Copyright (C) 2015 Arthur Stavisky <vovodroid@gmail.com> -@@ -268,15 +268,15 @@ int main (int argc, char *argv[]) - catDict->lookup("OutputIntents", &intents); - catDict->lookupNF("AcroForm", &afObj); - Ref *refPage = docs[0]->getCatalog()->getPageRef(1); -- if (!afObj.isNull()) { -+ if (!afObj.isNull() && refPage) { - docs[0]->markAcroForm(&afObj, yRef, countRef, 0, refPage->num, refPage->num); - } - catDict->lookupNF("OCProperties", &ocObj); -- if (!ocObj.isNull() && ocObj.isDict()) { -+ if (!ocObj.isNull() && ocObj.isDict() && refPage) { - docs[0]->markPageObjects(ocObj.getDict(), yRef, countRef, 0, refPage->num, refPage->num); - } - catDict->lookup("Names", &names); -- if (!names.isNull() && names.isDict()) { -+ if (!names.isNull() && names.isDict() && refPage) { - docs[0]->markPageObjects(names.getDict(), yRef, countRef, 0, refPage->num, refPage->num); - } - if (intents.isArray() && intents.arrayGetLength() > 0) { -@@ -353,6 +353,10 @@ int main (int argc, char *argv[]) - - for (i = 0; i < (int) docs.size(); i++) { - for (j = 1; j <= docs[i]->getNumPages(); j++) { -+ if (!docs[i]->getCatalog()->getPage(j)) { -+ continue; -+ } -+ - PDFRectangle *cropBox = NULL; - if (docs[i]->getCatalog()->getPage(j)->isCropped()) - cropBox = docs[i]->getCatalog()->getPage(j)->getCropBox(); --- -cgit v0.10.2 - diff --git a/gnu/packages/patches/python-file-double-encoding-bug.patch b/gnu/packages/patches/python-file-double-encoding-bug.patch deleted file mode 100644 index bbe825c36a..0000000000 --- a/gnu/packages/patches/python-file-double-encoding-bug.patch +++ /dev/null @@ -1,50 +0,0 @@ -Fix bug that breaks file's Python bindings when using Python 3. This patch -should not be applied when using Python 2. - -Copied from upstream source repository: - -https://github.com/file/file/commit/73e043d2a986234b187a00ed0c8d1f7bf83df372 - -From 73e043d2a986234b187a00ed0c8d1f7bf83df372 Mon Sep 17 00:00:00 2001 -From: Christos Zoulas <christos@zoulas.com> -Date: Tue, 28 Jun 2016 17:10:22 +0000 -Subject: [PATCH] PR/562: Reiner Herrmann: Avoid double encoding with python3 - ---- - python/magic.py | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/python/magic.py b/python/magic.py -index c48f7d5..b0f7a17 100644 ---- a/python/magic.py -+++ b/python/magic.py -@@ -134,7 +134,7 @@ class Magic(object): - if isinstance(r, str): - return r - else: -- return str(r).encode('utf-8') -+ return str(r, 'utf-8') - - def descriptor(self, fd): - """ -@@ -152,7 +152,7 @@ class Magic(object): - if isinstance(r, str): - return r - else: -- return str(r).encode('utf-8') -+ return str(r, 'utf-8') - - def error(self): - """ -@@ -163,7 +163,7 @@ class Magic(object): - if isinstance(e, str): - return e - else: -- return str(e).encode('utf-8') -+ return str(e, 'utf-8') - - def setflags(self, flags): - """ --- -2.10.1 - diff --git a/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch b/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch new file mode 100644 index 0000000000..3db42feac9 --- /dev/null +++ b/gnu/packages/patches/shishi-fix-libgcrypt-detection.patch @@ -0,0 +1,32 @@ +Fix building of Shishi with libgcrypt 1.6 and later. + +Patch copied from Debian: + +https://anonscm.debian.org/cgit/collab-maint/shishi.git/tree/debian/patches/fix_gcrypt_detection.diff?id=948301ae648a542a408da250755aeed58a6e3542 + +Description: Fix autoconf gnutls detection to also accept gcrypt 1.6. +Author: Andreas Metzler <ametzler@debian.org> +Bug-Debian: http://bugs.debian.org/753150 +Origin: vendor +Forwarded: no +Last-Update: 2014-07-18 + +--- shishi-1.0.2.orig/gl/m4/gc.m4 ++++ shishi-1.0.2/gl/m4/gc.m4 +@@ -12,10 +12,12 @@ AC_DEFUN([gl_GC], + if test "$libgcrypt" != no; then + AC_LIB_HAVE_LINKFLAGS([gcrypt], [gpg-error], [ + #include <gcrypt.h> +-/* GCRY_MODULE_ID_USER was added in 1.4.4 and gc-libgcrypt.c +- will fail on startup if we don't have 1.4.4 or later, so +- test for it early. */ +-#if !defined GCRY_MODULE_ID_USER ++/* gc-libgcrypt.c will fail on startup if we don't have libgcrypt 1.4.4 or ++ later, test for it early. by checking for either ++ - GCRY_MODULE_ID_USER which was added in 1.4.4 and dropped in 1.6 or ++ - GCRYPT_VERSION_NUMBER which was added in 1.6. ++ */ ++#if !defined GCRY_MODULE_ID_USER && !defined GCRYPT_VERSION_NUMBER + error too old libgcrypt + #endif + ]) diff --git a/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch b/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch deleted file mode 100644 index 3a9ae993f6..0000000000 --- a/gnu/packages/patches/texlive-texmf-CVE-2016-10243.patch +++ /dev/null @@ -1,18 +0,0 @@ -Fix CVE-2016-10243: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243 - -Patch adapted from upstream commit: - -https://www.tug.org/svn/texlive?view=revision&revision=42605 - ---- trunk/Master/texmf-dist/web2c/texmf.cnf 2016/11/29 23:10:33 42604 -+++ trunk/Master/texmf-dist/web2c/texmf.cnf 2016/11/29 23:27:53 42605 -@@ -568,7 +568,6 @@ extractbb,\ - gregorio,\ - kpsewhich,\ - makeindex,\ --mpost,\ - repstopdf,\ - - % we'd like to allow: diff --git a/gnu/packages/patches/wget-perl-5.26.patch b/gnu/packages/patches/wget-perl-5.26.patch new file mode 100644 index 0000000000..ee3a984daa --- /dev/null +++ b/gnu/packages/patches/wget-perl-5.26.patch @@ -0,0 +1,96 @@ +This upstream commit adjusts tests for Perl 5.26. + +commit 7ffe93cabb181f39ad5091c31ab9f61bd940a55f +Author: Anton Yuzhaninov <citrin+github@citrin.ru> +Date: Wed Apr 5 19:06:42 2017 +0300 + + Fix perl warnings in tests + + * tests/FTPServer.pm: Escape '{' in RE to fix warnings + * tests/FTPTest.pm: Likewise + * tests/HTTPServer.pm: Likewise + * tests/HTTPTest.pm: Likewise + * tests/Test-proxied-https-auth-keepalive.px: Likewise + * tests/Test-proxied-https-auth.px: Likewise + Escape '{' in RE to fix warnings: + Unescaped left brace in regex is deprecated, passed through in regex; + marked by <-- HERE in m/{{ <-- HERE port}}/ + +diff --git a/tests/FTPServer.pm b/tests/FTPServer.pm +index a5185d66..cac80942 100644 +--- a/tests/FTPServer.pm ++++ b/tests/FTPServer.pm +@@ -589,7 +589,7 @@ sub new + foreach my $file (keys %{$self->{_input}}) + { + my $ref = \$self->{_input}{$file}{content}; +- $$ref =~ s/{{port}}/$self->sockport/eg; ++ $$ref =~ s/\Q{{port}}/$self->sockport/eg; + } + + return $self; +diff --git a/tests/FTPTest.pm b/tests/FTPTest.pm +index 50385ad0..0a1c768c 100644 +--- a/tests/FTPTest.pm ++++ b/tests/FTPTest.pm +@@ -53,7 +53,7 @@ sub _substitute_port + { + my $self = shift; + my $ret = shift; +- $ret =~ s/{{port}}/$self->{_server}->sockport/eg; ++ $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg; + return $ret; + } + +diff --git a/tests/HTTPServer.pm b/tests/HTTPServer.pm +index dd8ec043..78609f65 100644 +--- a/tests/HTTPServer.pm ++++ b/tests/HTTPServer.pm +@@ -310,7 +310,7 @@ sub _substitute_port + { + my $self = shift; + my $ret = shift; +- $ret =~ s/{{port}}/$self->sockport/eg; ++ $ret =~ s/\Q{{port}}/$self->sockport/eg; + return $ret; + } + +diff --git a/tests/HTTPTest.pm b/tests/HTTPTest.pm +index 00f079f8..6225c7f1 100644 +--- a/tests/HTTPTest.pm ++++ b/tests/HTTPTest.pm +@@ -47,7 +47,7 @@ sub _substitute_port + { + my $self = shift; + my $ret = shift; +- $ret =~ s/{{port}}/$self->{_server}->sockport/eg; ++ $ret =~ s/\Q{{port}}/$self->{_server}->sockport/eg; + return $ret; + } + +diff --git a/tests/Test-proxied-https-auth-keepalive.px b/tests/Test-proxied-https-auth-keepalive.px +index 049bebec..2a18ccfd 100755 +--- a/tests/Test-proxied-https-auth-keepalive.px ++++ b/tests/Test-proxied-https-auth-keepalive.px +@@ -153,7 +153,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee" + . " --password=Dodgson -e https_proxy=localhost:{{port}}" + . " --no-check-certificate" + . " https://no.such.domain/needs-auth.txt"; +-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e; ++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e; + + if (defined $srcdir) { + $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl'; +diff --git a/tests/Test-proxied-https-auth.px b/tests/Test-proxied-https-auth.px +index ce4e736c..878114e7 100755 +--- a/tests/Test-proxied-https-auth.px ++++ b/tests/Test-proxied-https-auth.px +@@ -152,7 +152,7 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee" + . " --password=Dodgson -e https_proxy=localhost:{{port}}" + . " --no-check-certificate" + . " https://no.such.domain/needs-auth.txt"; +-$cmdline =~ s/{{port}}/$SOCKET->sockport()/e; ++$cmdline =~ s/\Q{{port}}/$SOCKET->sockport()/e; + + if (defined $srcdir) { + $VALGRIND_SUPP_FILE = $srcdir . '/valgrind-suppressions-ssl'; |