diff options
Diffstat (limited to 'gnu/packages/patches')
21 files changed, 374 insertions, 1472 deletions
diff --git a/gnu/packages/patches/binutils-mips-bash-bug.patch b/gnu/packages/patches/binutils-mips-bash-bug.patch new file mode 100644 index 0000000000..08d3a79749 --- /dev/null +++ b/gnu/packages/patches/binutils-mips-bash-bug.patch @@ -0,0 +1,22 @@ +Bash 4.2.0(1)-release, which we use during bootstrap, does not yield the +"x" case in: + + case x"$EMULATION_NAME" in x) ;; *) ;; esac + +when 'EMULATION_NAME' is undefined. Bash 4.3.30(1)-release doesn't have this +problem. Work around it. + +This Bash bug was fixed +in <http://ftp.gnu.org/gnu/bash/bash-4.2-patches/bash42-007>. + +--- a/ld/emulparams/elf32bmipn32-defs.sh ++++ b/ld/emulparams/elf32bmipn32-defs.sh +@@ -13,7 +13,7 @@ LITTLE_OUTPUT_FORMAT="elf32-littlemips" + TEMPLATE_NAME=elf32 + EXTRA_EM_FILE=mipself + +-case x"$EMULATION_NAME" in ++case "x$EMULATION_NAME" in + xelf32*n32*) ELFSIZE=32 ;; + xelf64*) ELFSIZE=64 ;; + x) ;; diff --git a/gnu/packages/patches/cmake-fix-tests.patch b/gnu/packages/patches/cmake-fix-tests.patch index f59e2cd625..732b0023ab 100644 --- a/gnu/packages/patches/cmake-fix-tests.patch +++ b/gnu/packages/patches/cmake-fix-tests.patch @@ -1,6 +1,17 @@ ---- cmake-3.2.2.orig/Tests/CMakeLists.txt 2015-04-14 01:09:00.000000000 +0800 -+++ cmake-3.2.2/Tests/CMakeLists.txt 2015-04-28 15:02:34.913039742 +0800 -@@ -342,10 +342,12 @@ +From af0a62dadfb3db25880bc653e2e4c97435a604c9 Mon Sep 17 00:00:00 2001 +From: Efraim Flashner <efraim@flashner.co.il> +Date: Mon, 29 Aug 2016 20:07:58 +0300 +Subject: [PATCH] cmake-fix-tests + +--- + Tests/CMakeLists.txt | 83 ++++++++++++++++++++++++++++------------------------ + 1 file changed, 44 insertions(+), 39 deletions(-) + +diff --git a/Tests/CMakeLists.txt b/Tests/CMakeLists.txt +index f21e430..56014a2 100644 +--- a/Tests/CMakeLists.txt ++++ b/Tests/CMakeLists.txt +@@ -416,10 +416,12 @@ if(BUILD_TESTING) endif() # run test for BundleUtilities on supported platforms/compilers @@ -17,7 +28,7 @@ if(NOT "${CMAKE_GENERATOR}" STREQUAL "Watcom WMake") add_test(BundleUtilities ${CMAKE_CTEST_COMMAND} -@@ -2257,16 +2259,17 @@ +@@ -2481,30 +2483,32 @@ ${CMake_BINARY_DIR}/bin/cmake -DDIR=dev -P ${CMake_SOURCE_DIR}/Utilities/Release PASS_REGULAR_EXPRESSION "Could not find executable" FAIL_REGULAR_EXPRESSION "SegFault") @@ -31,6 +42,20 @@ - ) - set_tests_properties(CTestTestUpload PROPERTIES - PASS_REGULAR_EXPRESSION "Upload\\.xml") +- +- configure_file( +- "${CMake_SOURCE_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake.in" +- "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake" +- @ONLY ESCAPE_QUOTES) +- add_test(CTestCoverageCollectGCOV ${CMAKE_CTEST_COMMAND} +- -C \${CTEST_CONFIGURATION_TYPE} +- -S "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake" -VV +- --output-log "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/testOut.log" +- ) +- set_tests_properties(CTestCoverageCollectGCOV PROPERTIES +- PASS_REGULAR_EXPRESSION +- "PASSED with correct output.*Testing/CoverageInfo/main.cpp.gcov") +- set_property(TEST CTestCoverageCollectGCOV PROPERTY ENVIRONMENT CTEST_PARALLEL_LEVEL=) +# This test requires network connectivity: skip it. +# configure_file( +# "${CMake_SOURCE_DIR}/Tests/CTestTestUpload/test.cmake.in" @@ -42,6 +67,54 @@ +# ) +# set_tests_properties(CTestTestUpload PROPERTIES +# PASS_REGULAR_EXPRESSION "Upload\\.xml") ++ ++# This test times out ++# configure_file( ++# "${CMake_SOURCE_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake.in" ++# "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake" ++# @ONLY ESCAPE_QUOTES) ++# add_test(CTestCoverageCollectGCOV ${CMAKE_CTEST_COMMAND} ++# -C \${CTEST_CONFIGURATION_TYPE} ++# -S "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake" -VV ++# --output-log "${CMake_BINARY_DIR}/Tests/CTestCoverageCollectGCOV/testOut.log" ++# ) ++# set_tests_properties(CTestCoverageCollectGCOV PROPERTIES ++# PASS_REGULAR_EXPRESSION ++# "PASSED with correct output.*Testing/CoverageInfo/main.cpp.gcov") ++# set_property(TEST CTestCoverageCollectGCOV PROPERTY ENVIRONMENT CTEST_PARALLEL_LEVEL=) + + configure_file( + "${CMake_SOURCE_DIR}/Tests/CTestTestEmptyBinaryDirectory/test.cmake.in" +@@ -2860,17 +2864,18 @@ ${CMake_BINARY_DIR}/bin/cmake -DDIR=dev -P ${CMake_SOURCE_DIR}/Utilities/Release + set_tests_properties(CTestTestStopTime PROPERTIES + PASS_REGULAR_EXPRESSION "The stop time has been passed") + +- configure_file( +- "${CMake_SOURCE_DIR}/Tests/CTestTestSubdir/test.cmake.in" +- "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/test.cmake" +- @ONLY ESCAPE_QUOTES) +- add_test(CTestTestSubdir ${CMAKE_CTEST_COMMAND} +- -S "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/test.cmake" -V +- --output-log "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/testOutput.log" +- ) +- #make sure all 3 subdirs were added +- set_tests_properties(CTestTestSubdir PROPERTIES +- PASS_REGULAR_EXPRESSION "0 tests failed out of 3") ++# This test fails to build 2 of the 3 tests ++# configure_file( ++# "${CMake_SOURCE_DIR}/Tests/CTestTestSubdir/test.cmake.in" ++# "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/test.cmake" ++# @ONLY ESCAPE_QUOTES) ++# add_test(CTestTestSubdir ${CMAKE_CTEST_COMMAND} ++# -S "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/test.cmake" -V ++# --output-log "${CMake_BINARY_DIR}/Tests/CTestTestSubdir/testOutput.log" ++# ) ++# #make sure all 3 subdirs were added ++# set_tests_properties(CTestTestSubdir PROPERTIES ++# PASS_REGULAR_EXPRESSION "0 tests failed out of 3") configure_file( - "${CMake_SOURCE_DIR}/Tests/CTestCoverageCollectGCOV/test.cmake.in" + "${CMake_SOURCE_DIR}/Tests/CTestTestTimeout/test.cmake.in" +-- +2.9.3 + diff --git a/gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch b/gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch deleted file mode 100644 index edc43f84f1..0000000000 --- a/gnu/packages/patches/expat-CVE-2012-6702-and-CVE-2016-5300.patch +++ /dev/null @@ -1,142 +0,0 @@ -Fix CVE-2012-6702 and CVE-2016-5300. - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702 -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300 - -Patch copied from: -https://sources.debian.net/src/expat/2.1.0-6%2Bdeb8u3/debian/patches/cve-2012-6702-plus-cve-2016-5300-v1.patch/ - -From cb31522769d11a375078a073cba94e7176cb48a4 Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping <sebastian@pipping.org> -Date: Wed, 16 Mar 2016 15:30:12 +0100 -Subject: [PATCH] Resolve call to srand, use more entropy (patch version 1.0) - -Squashed backport against vanilla Expat 2.1.1, addressing: -* CVE-2012-6702 -- unanticipated internal calls to srand -* CVE-2016-5300 -- use of too little entropy - -Since commit e3e81a6d9f0885ea02d3979151c358f314bf3d6d -(released with Expat 2.1.0) Expat called srand by itself -from inside generate_hash_secret_salt for an instance -of XML_Parser if XML_SetHashSalt was either (a) not called -for that instance or if (b) salt 0 was passed to XML_SetHashSalt -prior to parsing. That call to srand passed (rather litle) -entropy extracted from the current time as a seed for srand. - -That call to srand (1) broke repeatability for code calling -srand with a non-random seed prior to parsing with Expat, -and (2) resulted in a rather small set of hashing salts in -Expat in total. - -For a short- to mid-term fix, the new approach avoids calling -srand altogether, extracts more entropy out of the clock and -other sources, too. - -For a long term fix, we may want to read sizeof(long) bytes -from a source like getrandom(..) on Linux, and from similar -sources on other supported architectures. - -https://bugzilla.redhat.com/show_bug.cgi?id=1197087 ---- - CMakeLists.txt | 3 +++ - lib/xmlparse.c | 48 +++++++++++++++++++++++++++++++++++++++++------- - 2 files changed, 44 insertions(+), 7 deletions(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 353627e..524d514 100755 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -41,6 +41,9 @@ include_directories(${CMAKE_BINARY_DIR} ${CMAKE_SOURCE_DIR}/lib) - if(MSVC)
- add_definitions(-D_CRT_SECURE_NO_WARNINGS -wd4996)
- endif(MSVC)
-+if(WIN32)
-+ add_definitions(-DCOMPILED_FROM_DSP)
-+endif(WIN32)
-
- set(expat_SRCS
- lib/xmlparse.c
-diff --git a/lib/xmlparse.c b/lib/xmlparse.c -index e308c79..c5f942f 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -6,7 +6,14 @@ - #include <string.h> /* memset(), memcpy() */ - #include <assert.h> - #include <limits.h> /* UINT_MAX */ --#include <time.h> /* time() */ -+ -+#ifdef COMPILED_FROM_DSP -+#define getpid GetCurrentProcessId -+#else -+#include <sys/time.h> /* gettimeofday() */ -+#include <sys/types.h> /* getpid() */ -+#include <unistd.h> /* getpid() */ -+#endif - - #define XML_BUILDING_EXPAT 1 - -@@ -432,7 +439,7 @@ static ELEMENT_TYPE * - getElementType(XML_Parser parser, const ENCODING *enc, - const char *ptr, const char *end); - --static unsigned long generate_hash_secret_salt(void); -+static unsigned long generate_hash_secret_salt(XML_Parser parser); - static XML_Bool startParsing(XML_Parser parser); - - static XML_Parser -@@ -691,11 +698,38 @@ static const XML_Char implicitContext[] = { - }; - - static unsigned long --generate_hash_secret_salt(void) -+gather_time_entropy(void) - { -- unsigned int seed = time(NULL) % UINT_MAX; -- srand(seed); -- return rand(); -+#ifdef COMPILED_FROM_DSP -+ FILETIME ft; -+ GetSystemTimeAsFileTime(&ft); /* never fails */ -+ return ft.dwHighDateTime ^ ft.dwLowDateTime; -+#else -+ struct timeval tv; -+ int gettimeofday_res; -+ -+ gettimeofday_res = gettimeofday(&tv, NULL); -+ assert (gettimeofday_res == 0); -+ -+ /* Microseconds time is <20 bits entropy */ -+ return tv.tv_usec; -+#endif -+} -+ -+static unsigned long -+generate_hash_secret_salt(XML_Parser parser) -+{ -+ /* Process ID is 0 bits entropy if attacker has local access -+ * XML_Parser address is few bits of entropy if attacker has local access */ -+ const unsigned long entropy = -+ gather_time_entropy() ^ getpid() ^ (unsigned long)parser; -+ -+ /* Factors are 2^31-1 and 2^61-1 (Mersenne primes M31 and M61) */ -+ if (sizeof(unsigned long) == 4) { -+ return entropy * 2147483647; -+ } else { -+ return entropy * 2305843009213693951; -+ } - } - - static XML_Bool /* only valid for root parser */ -@@ -703,7 +737,7 @@ startParsing(XML_Parser parser) - { - /* hash functions must be initialized before setContext() is called */ - if (hash_secret_salt == 0) -- hash_secret_salt = generate_hash_secret_salt(); -+ hash_secret_salt = generate_hash_secret_salt(parser); - if (ns) { - /* implicit context only set for root parser, since child - parsers (i.e. external entity parsers) will inherit it --- -2.8.2 - diff --git a/gnu/packages/patches/expat-CVE-2015-1283-refix.patch b/gnu/packages/patches/expat-CVE-2015-1283-refix.patch deleted file mode 100644 index fc8d6291f5..0000000000 --- a/gnu/packages/patches/expat-CVE-2015-1283-refix.patch +++ /dev/null @@ -1,39 +0,0 @@ -Follow-up upstream fix for CVE-2015-1283 to not rely on undefined -behavior. - -Adapted from a patch from Debian (found in Debian package version -2.1.0-6+deb8u2) to apply to upstream code: - -https://sources.debian.net/src/expat/2.1.0-6%2Bdeb8u2/debian/patches/CVE-2015-1283-refix.patch/ - ---- - lib/xmlparse.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/lib/xmlparse.c b/lib/xmlparse.c -index 0f6f4cd..5c70c17 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -1727,7 +1727,8 @@ XML_GetBuffer(XML_Parser parser, int len) - } - - if (len > bufferLim - bufferEnd) { -- int neededSize = len + (int)(bufferEnd - bufferPtr); -+ /* Do not invoke signed arithmetic overflow: */ -+ int neededSize = (int) ((unsigned)len + (unsigned)(bufferEnd - bufferPtr)); - if (neededSize < 0) { - errorCode = XML_ERROR_NO_MEMORY; - return NULL; -@@ -1759,7 +1760,8 @@ XML_GetBuffer(XML_Parser parser, int len) - if (bufferSize == 0) - bufferSize = INIT_BUFFER_SIZE; - do { -- bufferSize *= 2; -+ /* Do not invoke signed arithmetic overflow: */ -+ bufferSize = (int) (2U * (unsigned) bufferSize); - } while (bufferSize < neededSize && bufferSize > 0); - if (bufferSize <= 0) { - errorCode = XML_ERROR_NO_MEMORY; --- -2.8.3 - diff --git a/gnu/packages/patches/expat-CVE-2016-0718.patch b/gnu/packages/patches/expat-CVE-2016-0718.patch deleted file mode 100644 index 22436c20cc..0000000000 --- a/gnu/packages/patches/expat-CVE-2016-0718.patch +++ /dev/null @@ -1,761 +0,0 @@ -Fix CVE-2016-0718. - -Copied from Debian, as found in Debian package version 2.1.0-6+deb8u2. - -https://sources.debian.net/src/expat/2.1.0-6%2Bdeb8u2/debian/patches/CVE-2016-0718-v2-2-1.patch/ - -From cdfcb1b5c95e93b00ae9e9d25708b4a3bee72c15 Mon Sep 17 00:00:00 2001 -From: Sebastian Pipping <sebastian@pipping.org> -Date: Mon, 2 May 2016 00:02:44 +0200 -Subject: [PATCH] Address CVE-2016-0718 (/patch/ version 2.2.1) - -* Out of bounds memory access when doing text conversion on malformed input -* Integer overflow related to memory allocation - -Reported by Gustavo Grieco - -Patch credits go to -* Christian Heimes -* Karl Waclawek -* Gustavo Grieco -* Sebastian Pipping -* Pascal Cuoq ---- - expat/lib/xmlparse.c | 34 +++++++++----- - expat/lib/xmltok.c | 115 +++++++++++++++++++++++++++++++++++------------- - expat/lib/xmltok.h | 10 ++++- - expat/lib/xmltok_impl.c | 62 +++++++++++++------------- - 4 files changed, 146 insertions(+), 75 deletions(-) - -diff --git a/lib/xmlparse.c b/lib/xmlparse.c -index e308c79..13e080d 100644 ---- a/lib/xmlparse.c -+++ b/lib/xmlparse.c -@@ -2436,11 +2436,11 @@ doContent(XML_Parser parser, - for (;;) { - int bufSize; - int convLen; -- XmlConvert(enc, -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, - &fromPtr, rawNameEnd, - (ICHAR **)&toPtr, (ICHAR *)tag->bufEnd - 1); - convLen = (int)(toPtr - (XML_Char *)tag->buf); -- if (fromPtr == rawNameEnd) { -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) { - tag->name.strLen = convLen; - break; - } -@@ -2661,11 +2661,11 @@ doContent(XML_Parser parser, - if (MUST_CONVERT(enc, s)) { - for (;;) { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = s; - charDataHandler(handlerArg, dataBuf, - (int)(dataPtr - (ICHAR *)dataBuf)); -- if (s == next) -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - *eventPP = s; - } -@@ -3269,11 +3269,11 @@ doCdataSection(XML_Parser parser, - if (MUST_CONVERT(enc, s)) { - for (;;) { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &s, next, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = next; - charDataHandler(handlerArg, dataBuf, - (int)(dataPtr - (ICHAR *)dataBuf)); -- if (s == next) -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - *eventPP = s; - } -@@ -5350,6 +5350,7 @@ reportDefault(XML_Parser parser, const ENCODING *enc, - const char *s, const char *end) - { - if (MUST_CONVERT(enc, s)) { -+ enum XML_Convert_Result convert_res; - const char **eventPP; - const char **eventEndPP; - if (enc == encoding) { -@@ -5362,11 +5363,11 @@ reportDefault(XML_Parser parser, const ENCODING *enc, - } - do { - ICHAR *dataPtr = (ICHAR *)dataBuf; -- XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); -+ convert_res = XmlConvert(enc, &s, end, &dataPtr, (ICHAR *)dataBufEnd); - *eventEndPP = s; - defaultHandler(handlerArg, dataBuf, (int)(dataPtr - (ICHAR *)dataBuf)); - *eventPP = s; -- } while (s != end); -+ } while ((convert_res != XML_CONVERT_COMPLETED) && (convert_res != XML_CONVERT_INPUT_INCOMPLETE)); - } - else - defaultHandler(handlerArg, (XML_Char *)s, (int)((XML_Char *)end - (XML_Char *)s)); -@@ -6169,8 +6170,8 @@ poolAppend(STRING_POOL *pool, const ENCODING *enc, - if (!pool->ptr && !poolGrow(pool)) - return NULL; - for (;;) { -- XmlConvert(enc, &ptr, end, (ICHAR **)&(pool->ptr), (ICHAR *)pool->end); -- if (ptr == end) -+ const enum XML_Convert_Result convert_res = XmlConvert(enc, &ptr, end, (ICHAR **)&(pool->ptr), (ICHAR *)pool->end); -+ if ((convert_res == XML_CONVERT_COMPLETED) || (convert_res == XML_CONVERT_INPUT_INCOMPLETE)) - break; - if (!poolGrow(pool)) - return NULL; -@@ -6254,8 +6255,13 @@ poolGrow(STRING_POOL *pool) - } - } - if (pool->blocks && pool->start == pool->blocks->s) { -- int blockSize = (int)(pool->end - pool->start)*2; -- BLOCK *temp = (BLOCK *) -+ BLOCK *temp; -+ int blockSize = (int)((unsigned)(pool->end - pool->start)*2U); -+ -+ if (blockSize < 0) -+ return XML_FALSE; -+ -+ temp = (BLOCK *) - pool->mem->realloc_fcn(pool->blocks, - (offsetof(BLOCK, s) - + blockSize * sizeof(XML_Char))); -@@ -6270,6 +6276,10 @@ poolGrow(STRING_POOL *pool) - else { - BLOCK *tem; - int blockSize = (int)(pool->end - pool->start); -+ -+ if (blockSize < 0) -+ return XML_FALSE; -+ - if (blockSize < INIT_BLOCK_SIZE) - blockSize = INIT_BLOCK_SIZE; - else -diff --git a/lib/xmltok.c b/lib/xmltok.c -index bf09dfc..cb98ce1 100644 ---- a/lib/xmltok.c -+++ b/lib/xmltok.c -@@ -318,39 +318,55 @@ enum { /* UTF8_cvalN is value of masked first byte of N byte sequence */ - UTF8_cval4 = 0xf0 - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - utf8_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) - { -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; - char *to; - const char *from; - if (fromLim - *fromP > toLim - *toP) { - /* Avoid copying partial characters. */ -+ res = XML_CONVERT_OUTPUT_EXHAUSTED; - for (fromLim = *fromP + (toLim - *toP); fromLim > *fromP; fromLim--) - if (((unsigned char)fromLim[-1] & 0xc0) != 0x80) - break; - } -- for (to = *toP, from = *fromP; from != fromLim; from++, to++) -+ for (to = *toP, from = *fromP; (from < fromLim) && (to < toLim); from++, to++) - *to = *from; - *fromP = from; - *toP = to; -+ -+ if ((to == toLim) && (from < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return res; - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - utf8_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; - unsigned short *to = *toP; - const char *from = *fromP; -- while (from != fromLim && to != toLim) { -+ while (from < fromLim && to < toLim) { - switch (((struct normal_encoding *)enc)->type[(unsigned char)*from]) { - case BT_LEAD2: -+ if (fromLim - from < 2) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ break; -+ } - *to++ = (unsigned short)(((from[0] & 0x1f) << 6) | (from[1] & 0x3f)); - from += 2; - break; - case BT_LEAD3: -+ if (fromLim - from < 3) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ break; -+ } - *to++ = (unsigned short)(((from[0] & 0xf) << 12) - | ((from[1] & 0x3f) << 6) | (from[2] & 0x3f)); - from += 3; -@@ -358,8 +374,14 @@ utf8_toUtf16(const ENCODING *enc, - case BT_LEAD4: - { - unsigned long n; -- if (to + 1 == toLim) -+ if (toLim - to < 2) { -+ res = XML_CONVERT_OUTPUT_EXHAUSTED; - goto after; -+ } -+ if (fromLim - from < 4) { -+ res = XML_CONVERT_INPUT_INCOMPLETE; -+ goto after; -+ } - n = ((from[0] & 0x7) << 18) | ((from[1] & 0x3f) << 12) - | ((from[2] & 0x3f) << 6) | (from[3] & 0x3f); - n -= 0x10000; -@@ -377,6 +399,7 @@ utf8_toUtf16(const ENCODING *enc, - after: - *fromP = from; - *toP = to; -+ return res; - } - - #ifdef XML_NS -@@ -425,7 +448,7 @@ static const struct normal_encoding internal_utf8_encoding = { - STANDARD_VTABLE(sb_) NORMAL_VTABLE(utf8_) - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - latin1_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) -@@ -433,30 +456,35 @@ latin1_toUtf8(const ENCODING *enc, - for (;;) { - unsigned char c; - if (*fromP == fromLim) -- break; -+ return XML_CONVERT_COMPLETED; - c = (unsigned char)**fromP; - if (c & 0x80) { - if (toLim - *toP < 2) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - *(*toP)++ = (char)((c >> 6) | UTF8_cval2); - *(*toP)++ = (char)((c & 0x3f) | 0x80); - (*fromP)++; - } - else { - if (*toP == toLim) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - *(*toP)++ = *(*fromP)++; - } - } - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - latin1_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { -- while (*fromP != fromLim && *toP != toLim) -+ while (*fromP < fromLim && *toP < toLim) - *(*toP)++ = (unsigned char)*(*fromP)++; -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - #ifdef XML_NS -@@ -483,13 +511,18 @@ static const struct normal_encoding latin1_encoding = { - STANDARD_VTABLE(sb_) - }; - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - ascii_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) - { -- while (*fromP != fromLim && *toP != toLim) -+ while (*fromP < fromLim && *toP < toLim) - *(*toP)++ = *(*fromP)++; -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - #ifdef XML_NS -@@ -536,13 +569,14 @@ unicode_byte_type(char hi, char lo) - } - - #define DEFINE_UTF16_TO_UTF8(E) \ --static void PTRCALL \ -+static enum XML_Convert_Result PTRCALL \ - E ## toUtf8(const ENCODING *enc, \ - const char **fromP, const char *fromLim, \ - char **toP, const char *toLim) \ - { \ -- const char *from; \ -- for (from = *fromP; from != fromLim; from += 2) { \ -+ const char *from = *fromP; \ -+ fromLim = from + (((fromLim - from) >> 1) << 1); /* shrink to even */ \ -+ for (; from < fromLim; from += 2) { \ - int plane; \ - unsigned char lo2; \ - unsigned char lo = GET_LO(from); \ -@@ -552,7 +586,7 @@ E ## toUtf8(const ENCODING *enc, \ - if (lo < 0x80) { \ - if (*toP == toLim) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - *(*toP)++ = lo; \ - break; \ -@@ -562,7 +596,7 @@ E ## toUtf8(const ENCODING *enc, \ - case 0x4: case 0x5: case 0x6: case 0x7: \ - if (toLim - *toP < 2) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - *(*toP)++ = ((lo >> 6) | (hi << 2) | UTF8_cval2); \ - *(*toP)++ = ((lo & 0x3f) | 0x80); \ -@@ -570,7 +604,7 @@ E ## toUtf8(const ENCODING *enc, \ - default: \ - if (toLim - *toP < 3) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ - } \ - /* 16 bits divided 4, 6, 6 amongst 3 bytes */ \ - *(*toP)++ = ((hi >> 4) | UTF8_cval3); \ -@@ -580,7 +614,11 @@ E ## toUtf8(const ENCODING *enc, \ - case 0xD8: case 0xD9: case 0xDA: case 0xDB: \ - if (toLim - *toP < 4) { \ - *fromP = from; \ -- return; \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ -+ } \ -+ if (fromLim - from < 4) { \ -+ *fromP = from; \ -+ return XML_CONVERT_INPUT_INCOMPLETE; \ - } \ - plane = (((hi & 0x3) << 2) | ((lo >> 6) & 0x3)) + 1; \ - *(*toP)++ = ((plane >> 2) | UTF8_cval4); \ -@@ -596,20 +634,32 @@ E ## toUtf8(const ENCODING *enc, \ - } \ - } \ - *fromP = from; \ -+ if (from < fromLim) \ -+ return XML_CONVERT_INPUT_INCOMPLETE; \ -+ else \ -+ return XML_CONVERT_COMPLETED; \ - } - - #define DEFINE_UTF16_TO_UTF16(E) \ --static void PTRCALL \ -+static enum XML_Convert_Result PTRCALL \ - E ## toUtf16(const ENCODING *enc, \ - const char **fromP, const char *fromLim, \ - unsigned short **toP, const unsigned short *toLim) \ - { \ -+ enum XML_Convert_Result res = XML_CONVERT_COMPLETED; \ -+ fromLim = *fromP + (((fromLim - *fromP) >> 1) << 1); /* shrink to even */ \ - /* Avoid copying first half only of surrogate */ \ - if (fromLim - *fromP > ((toLim - *toP) << 1) \ -- && (GET_HI(fromLim - 2) & 0xF8) == 0xD8) \ -+ && (GET_HI(fromLim - 2) & 0xF8) == 0xD8) { \ - fromLim -= 2; \ -- for (; *fromP != fromLim && *toP != toLim; *fromP += 2) \ -+ res = XML_CONVERT_INPUT_INCOMPLETE; \ -+ } \ -+ for (; *fromP < fromLim && *toP < toLim; *fromP += 2) \ - *(*toP)++ = (GET_HI(*fromP) << 8) | GET_LO(*fromP); \ -+ if ((*toP == toLim) && (*fromP < fromLim)) \ -+ return XML_CONVERT_OUTPUT_EXHAUSTED; \ -+ else \ -+ return res; \ - } - - #define SET2(ptr, ch) \ -@@ -1288,7 +1338,7 @@ unknown_isInvalid(const ENCODING *enc, const char *p) - return (c & ~0xFFFF) || checkCharRefNumber(c) < 0; - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - unknown_toUtf8(const ENCODING *enc, - const char **fromP, const char *fromLim, - char **toP, const char *toLim) -@@ -1299,21 +1349,21 @@ unknown_toUtf8(const ENCODING *enc, - const char *utf8; - int n; - if (*fromP == fromLim) -- break; -+ return XML_CONVERT_COMPLETED; - utf8 = uenc->utf8[(unsigned char)**fromP]; - n = *utf8++; - if (n == 0) { - int c = uenc->convert(uenc->userData, *fromP); - n = XmlUtf8Encode(c, buf); - if (n > toLim - *toP) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - utf8 = buf; - *fromP += (AS_NORMAL_ENCODING(enc)->type[(unsigned char)**fromP] - - (BT_LEAD2 - 2)); - } - else { - if (n > toLim - *toP) -- break; -+ return XML_CONVERT_OUTPUT_EXHAUSTED; - (*fromP)++; - } - do { -@@ -1322,13 +1372,13 @@ unknown_toUtf8(const ENCODING *enc, - } - } - --static void PTRCALL -+static enum XML_Convert_Result PTRCALL - unknown_toUtf16(const ENCODING *enc, - const char **fromP, const char *fromLim, - unsigned short **toP, const unsigned short *toLim) - { - const struct unknown_encoding *uenc = AS_UNKNOWN_ENCODING(enc); -- while (*fromP != fromLim && *toP != toLim) { -+ while (*fromP < fromLim && *toP < toLim) { - unsigned short c = uenc->utf16[(unsigned char)**fromP]; - if (c == 0) { - c = (unsigned short) -@@ -1340,6 +1390,11 @@ unknown_toUtf16(const ENCODING *enc, - (*fromP)++; - *(*toP)++ = c; - } -+ -+ if ((*toP == toLim) && (*fromP < fromLim)) -+ return XML_CONVERT_OUTPUT_EXHAUSTED; -+ else -+ return XML_CONVERT_COMPLETED; - } - - ENCODING * -@@ -1503,7 +1558,7 @@ initScan(const ENCODING * const *encodingTable, - { - const ENCODING **encPtr; - -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - encPtr = enc->encPtr; - if (ptr + 1 == end) { -diff --git a/lib/xmltok.h b/lib/xmltok.h -index ca867aa..752007e 100644 ---- a/lib/xmltok.h -+++ b/lib/xmltok.h -@@ -130,6 +130,12 @@ typedef int (PTRCALL *SCANNER)(const ENCODING *, - const char *, - const char **); - -+enum XML_Convert_Result { -+ XML_CONVERT_COMPLETED = 0, -+ XML_CONVERT_INPUT_INCOMPLETE = 1, -+ XML_CONVERT_OUTPUT_EXHAUSTED = 2 /* and therefore potentially input remaining as well */ -+}; -+ - struct encoding { - SCANNER scanners[XML_N_STATES]; - SCANNER literalScanners[XML_N_LITERAL_TYPES]; -@@ -158,12 +164,12 @@ struct encoding { - const char *ptr, - const char *end, - const char **badPtr); -- void (PTRCALL *utf8Convert)(const ENCODING *enc, -+ enum XML_Convert_Result (PTRCALL *utf8Convert)(const ENCODING *enc, - const char **fromP, - const char *fromLim, - char **toP, - const char *toLim); -- void (PTRCALL *utf16Convert)(const ENCODING *enc, -+ enum XML_Convert_Result (PTRCALL *utf16Convert)(const ENCODING *enc, - const char **fromP, - const char *fromLim, - unsigned short **toP, -diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c -index 9c2895b..6c5a3ba 100644 ---- a/lib/xmltok_impl.c -+++ b/lib/xmltok_impl.c -@@ -93,13 +93,13 @@ static int PTRCALL - PREFIX(scanComment)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - if (!CHAR_MATCHES(enc, ptr, ASCII_MINUS)) { - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_MINUS: -@@ -147,7 +147,7 @@ PREFIX(scanDecl)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_PERCNT: - if (ptr + MINBPC(enc) == end) -@@ -233,7 +233,7 @@ PREFIX(scanPi)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_S: case BT_CR: case BT_LF: -@@ -242,7 +242,7 @@ PREFIX(scanPi)(const ENCODING *enc, const char *ptr, - return XML_TOK_INVALID; - } - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_QUEST: -@@ -305,7 +305,7 @@ static int PTRCALL - PREFIX(cdataSectionTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -348,7 +348,7 @@ PREFIX(cdataSectionTok)(const ENCODING *enc, const char *ptr, - ptr += MINBPC(enc); - break; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ -@@ -391,11 +391,11 @@ PREFIX(scanEndTag)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_S: case BT_CR: case BT_LF: -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_S: case BT_CR: case BT_LF: - break; -@@ -432,7 +432,7 @@ static int PTRCALL - PREFIX(scanHexCharRef)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -441,7 +441,7 @@ PREFIX(scanHexCharRef)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -464,7 +464,7 @@ static int PTRCALL - PREFIX(scanCharRef)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { -- if (ptr != end) { -+ if (ptr < end) { - if (CHAR_MATCHES(enc, ptr, ASCII_x)) - return PREFIX(scanHexCharRef)(enc, ptr + MINBPC(enc), end, nextTokPtr); - switch (BYTE_TYPE(enc, ptr)) { -@@ -474,7 +474,7 @@ PREFIX(scanCharRef)(const ENCODING *enc, const char *ptr, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- for (ptr += MINBPC(enc); ptr != end; ptr += MINBPC(enc)) { -+ for (ptr += MINBPC(enc); ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - break; -@@ -506,7 +506,7 @@ PREFIX(scanRef)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_SEMI: -@@ -529,7 +529,7 @@ PREFIX(scanAtts)(const ENCODING *enc, const char *ptr, const char *end, - #ifdef XML_NS - int hadColon = 0; - #endif -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - #ifdef XML_NS -@@ -716,7 +716,7 @@ PREFIX(scanLt)(const ENCODING *enc, const char *ptr, const char *end, - hadColon = 0; - #endif - /* we have a start-tag */ -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - #ifdef XML_NS -@@ -740,7 +740,7 @@ PREFIX(scanLt)(const ENCODING *enc, const char *ptr, const char *end, - case BT_S: case BT_CR: case BT_LF: - { - ptr += MINBPC(enc); -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NMSTRT_CASES(enc, ptr, end, nextTokPtr) - case BT_GT: -@@ -785,7 +785,7 @@ static int PTRCALL - PREFIX(contentTok)(const ENCODING *enc, const char *ptr, const char *end, - const char **nextTokPtr) - { -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -832,7 +832,7 @@ PREFIX(contentTok)(const ENCODING *enc, const char *ptr, const char *end, - ptr += MINBPC(enc); - break; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: \ -@@ -895,7 +895,7 @@ PREFIX(scanPercent)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_SEMI: -@@ -921,7 +921,7 @@ PREFIX(scanPoundName)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_CR: case BT_LF: case BT_S: -@@ -941,7 +941,7 @@ PREFIX(scanLit)(int open, const ENCODING *enc, - const char *ptr, const char *end, - const char **nextTokPtr) - { -- while (ptr != end) { -+ while (ptr < end) { - int t = BYTE_TYPE(enc, ptr); - switch (t) { - INVALID_CASES(ptr, nextTokPtr) -@@ -973,7 +973,7 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, - const char **nextTokPtr) - { - int tok; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - if (MINBPC(enc) > 1) { - size_t n = end - ptr; -@@ -1141,7 +1141,7 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, - *nextTokPtr = ptr; - return XML_TOK_INVALID; - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - CHECK_NAME_CASES(enc, ptr, end, nextTokPtr) - case BT_GT: case BT_RPAR: case BT_COMMA: -@@ -1204,10 +1204,10 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { - const char *start; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - start = ptr; -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: ptr += n; break; -@@ -1262,10 +1262,10 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, - const char *end, const char **nextTokPtr) - { - const char *start; -- if (ptr == end) -+ if (ptr >= end) - return XML_TOK_NONE; - start = ptr; -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - #define LEAD_CASE(n) \ - case BT_LEAD ## n: ptr += n; break; -@@ -1326,7 +1326,7 @@ PREFIX(ignoreSectionTok)(const ENCODING *enc, const char *ptr, - end = ptr + n; - } - } -- while (ptr != end) { -+ while (ptr < end) { - switch (BYTE_TYPE(enc, ptr)) { - INVALID_CASES(ptr, nextTokPtr) - case BT_LT: -@@ -1373,7 +1373,7 @@ PREFIX(isPublicId)(const ENCODING *enc, const char *ptr, const char *end, - { - ptr += MINBPC(enc); - end -= MINBPC(enc); -- for (; ptr != end; ptr += MINBPC(enc)) { -+ for (; ptr < end; ptr += MINBPC(enc)) { - switch (BYTE_TYPE(enc, ptr)) { - case BT_DIGIT: - case BT_HEX: -@@ -1760,7 +1760,7 @@ PREFIX(updatePosition)(const ENCODING *enc, - case BT_CR: - pos->lineNumber++; - ptr += MINBPC(enc); -- if (ptr != end && BYTE_TYPE(enc, ptr) == BT_LF) -+ if (ptr < end && BYTE_TYPE(enc, ptr) == BT_LF) - ptr += MINBPC(enc); - pos->columnNumber = (XML_Size)-1; - break; --- -2.8.2 - diff --git a/gnu/packages/patches/flex-CVE-2016-6354.patch b/gnu/packages/patches/flex-CVE-2016-6354.patch new file mode 100644 index 0000000000..1f3cb028d4 --- /dev/null +++ b/gnu/packages/patches/flex-CVE-2016-6354.patch @@ -0,0 +1,30 @@ +Fix CVE-2016-6354 (Buffer overflow in generated code (yy_get_next_buffer). + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6354 +https://security-tracker.debian.org/tracker/CVE-2016-6354 + +Patch copied from upstream source repository: +https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466 + +From a5cbe929ac3255d371e698f62dc256afe7006466 Mon Sep 17 00:00:00 2001 +From: Will Estes <westes575@gmail.com> +Date: Sat, 27 Feb 2016 11:56:05 -0500 +Subject: [PATCH] Fixed incorrect integer type + +--- + src/flex.skl | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/flex.skl b/src/flex.skl +index 36a526a..64f853d 100644 +--- a/src/flex.skl ++++ b/src/flex.skl +@@ -1703,7 +1703,7 @@ int yyFlexLexer::yy_get_next_buffer() + + else + { +- yy_size_t num_to_read = ++ int num_to_read = + YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; + + while ( num_to_read <= 0 ) diff --git a/gnu/packages/patches/fontconfig-CVE-2016-5384.patch b/gnu/packages/patches/fontconfig-CVE-2016-5384.patch deleted file mode 100644 index 617d5afbaf..0000000000 --- a/gnu/packages/patches/fontconfig-CVE-2016-5384.patch +++ /dev/null @@ -1,170 +0,0 @@ -Fix CVE-2016-5384 (double-free resulting in arbitrary code execution): - -<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5384> - -Copied from upstream code repository: - -<https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940> - -From 7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940 Mon Sep 17 00:00:00 2001 -From: Tobias Stoeckmann <tobias@stoeckmann.org> -Date: Sat, 25 Jun 2016 19:18:53 +0200 -Subject: Properly validate offsets in cache files. - -The cache files are insufficiently validated. Even though the magic -number at the beginning of the file as well as time stamps are checked, -it is not verified if contained offsets are in legal ranges or are -even pointers. - -The lack of validation allows an attacker to trigger arbitrary free() -calls, which in turn allows double free attacks and therefore arbitrary -code execution. Due to the conversion from offsets into pointers through -macros, this even allows to circumvent ASLR protections. - -This attack vector allows privilege escalation when used with setuid -binaries like fbterm. A user can create ~/.fonts or any other -system-defined user-private font directory, run fc-cache and adjust -cache files in ~/.cache/fontconfig. The execution of setuid binaries will -scan these files and therefore are prone to attacks. - -If it's not about code execution, an endless loop can be created by -letting linked lists become circular linked lists. - -This patch verifies that: - -- The file is not larger than the maximum addressable space, which - basically only affects 32 bit systems. This allows out of boundary - access into unallocated memory. -- Offsets are always positive or zero -- Offsets do not point outside file boundaries -- No pointers are allowed in cache files, every "pointer or offset" - field must be an offset or NULL -- Iterating linked lists must not take longer than the amount of elements - specified. A violation of this rule can break a possible endless loop. - -If one or more of these points are violated, the cache is recreated. -This is current behaviour. - -Even though this patch fixes many issues, the use of mmap() shall be -forbidden in setuid binaries. It is impossible to guarantee with these -checks that a malicious user does not change cache files after -verification. This should be handled in a different patch. - -Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> - -diff --git a/src/fccache.c b/src/fccache.c -index 71e8f03..02ec301 100644 ---- a/src/fccache.c -+++ b/src/fccache.c -@@ -27,6 +27,7 @@ - #include <fcntl.h> - #include <dirent.h> - #include <string.h> -+#include <limits.h> - #include <sys/types.h> - #include <sys/stat.h> - #include <assert.h> -@@ -587,6 +588,82 @@ FcCacheTimeValid (FcConfig *config, FcCache *cache, struct stat *dir_stat) - return cache->checksum == (int) dir_stat->st_mtime && fnano; - } - -+static FcBool -+FcCacheOffsetsValid (FcCache *cache) -+{ -+ char *base = (char *)cache; -+ char *end = base + cache->size; -+ intptr_t *dirs; -+ FcFontSet *fs; -+ int i, j; -+ -+ if (cache->dir < 0 || cache->dir > cache->size - sizeof (intptr_t) || -+ memchr (base + cache->dir, '\0', cache->size - cache->dir) == NULL) -+ return FcFalse; -+ -+ if (cache->dirs < 0 || cache->dirs >= cache->size || -+ cache->dirs_count < 0 || -+ cache->dirs_count > (cache->size - cache->dirs) / sizeof (intptr_t)) -+ return FcFalse; -+ -+ dirs = FcCacheDirs (cache); -+ if (dirs) -+ { -+ for (i = 0; i < cache->dirs_count; i++) -+ { -+ FcChar8 *dir; -+ -+ if (dirs[i] < 0 || -+ dirs[i] > end - (char *) dirs - sizeof (intptr_t)) -+ return FcFalse; -+ -+ dir = FcOffsetToPtr (dirs, dirs[i], FcChar8); -+ if (memchr (dir, '\0', end - (char *) dir) == NULL) -+ return FcFalse; -+ } -+ } -+ -+ if (cache->set < 0 || cache->set > cache->size - sizeof (FcFontSet)) -+ return FcFalse; -+ -+ fs = FcCacheSet (cache); -+ if (fs) -+ { -+ if (fs->nfont > (end - (char *) fs) / sizeof (FcPattern)) -+ return FcFalse; -+ -+ if (fs->fonts != 0 && !FcIsEncodedOffset(fs->fonts)) -+ return FcFalse; -+ -+ for (i = 0; i < fs->nfont; i++) -+ { -+ FcPattern *font = FcFontSetFont (fs, i); -+ FcPatternElt *e; -+ FcValueListPtr l; -+ -+ if ((char *) font < base || -+ (char *) font > end - sizeof (FcFontSet) || -+ font->elts_offset < 0 || -+ font->elts_offset > end - (char *) font || -+ font->num > (end - (char *) font - font->elts_offset) / sizeof (FcPatternElt)) -+ return FcFalse; -+ -+ -+ e = FcPatternElts(font); -+ if (e->values != 0 && !FcIsEncodedOffset(e->values)) -+ return FcFalse; -+ -+ for (j = font->num, l = FcPatternEltValues(e); j >= 0 && l; j--, l = FcValueListNext(l)) -+ if (l->next != NULL && !FcIsEncodedOffset(l->next)) -+ break; -+ if (j < 0) -+ return FcFalse; -+ } -+ } -+ -+ return FcTrue; -+} -+ - /* - * Map a cache file into memory - */ -@@ -596,7 +673,8 @@ FcDirCacheMapFd (FcConfig *config, int fd, struct stat *fd_stat, struct stat *di - FcCache *cache; - FcBool allocated = FcFalse; - -- if (fd_stat->st_size < (int) sizeof (FcCache)) -+ if (fd_stat->st_size > INTPTR_MAX || -+ fd_stat->st_size < (int) sizeof (FcCache)) - return NULL; - cache = FcCacheFindByStat (fd_stat); - if (cache) -@@ -652,6 +730,7 @@ FcDirCacheMapFd (FcConfig *config, int fd, struct stat *fd_stat, struct stat *di - if (cache->magic != FC_CACHE_MAGIC_MMAP || - cache->version < FC_CACHE_VERSION_NUMBER || - cache->size != (intptr_t) fd_stat->st_size || -+ !FcCacheOffsetsValid (cache) || - !FcCacheTimeValid (config, cache, dir_stat) || - !FcCacheInsert (cache, fd_stat)) - { --- -cgit v0.10.2 - diff --git a/gnu/packages/patches/gawk-fts-test.patch b/gnu/packages/patches/gawk-fts-test.patch deleted file mode 100644 index de1f5c431c..0000000000 --- a/gnu/packages/patches/gawk-fts-test.patch +++ /dev/null @@ -1,51 +0,0 @@ -This is upstream commit c9a018c. We have observed random failures of -this test on i686 that seem related to load. - -2015-05-21 Arnold D. Robbins <arnold@skeeve.com> - - * fts.awk: Really remove atime from the output. - This avoids spurious failures on heavily loaded systems. - -diff --git a/test/fts.awk b/test/fts.awk -index b1df060..dea5b68 100644 ---- a/test/fts.awk -+++ b/test/fts.awk -@@ -50,6 +50,11 @@ function sort_traverse(data, sorted, i) - { - asorti(data, sorted) - for (i = 1; i in sorted; i++) { -+ # 5/2015: skip for atime, since there can -+ # occasionally be small differences. -+ if (sorted[i] == "atime") -+ continue -+ - indent() - printf("%s --> %s\n", sorted[i], data[sorted[i]]) > output - } -@@ -63,17 +68,20 @@ function traverse(data, i) - printf("%s:\n", i) > output - - Level++ -- if (("mtime" in data[i]) && ! isarray(data[i][mtime])) { -+ if (("mtime" in data[i]) && ! isarray(data[i]["mtime"])) { - sort_traverse(data[i]) - } else { - traverse(data[i]) - } - Level-- -- } else if (data[i] != "atime") { -- # 4/2015: skip for atime, since there can -- # occasionally be small differences. -- indent() -- printf("%s --> %s\n", i, data[i]) > output -+# } else { -+# JUNK = 1 -+# if (i != "atime") { -+# # 4/2015: skip for atime, since there can -+# # occasionally be small differences. -+# indent() -+# printf("%s --> %s\n", i, data[i]) > output -+# } - } - } - } diff --git a/gnu/packages/patches/gcc-arm-bug-71399.patch b/gnu/packages/patches/gcc-arm-bug-71399.patch new file mode 100644 index 0000000000..6f04fece0e --- /dev/null +++ b/gnu/packages/patches/gcc-arm-bug-71399.patch @@ -0,0 +1,55 @@ +Revert the following commit to work around a bootstrap comparison failure on +ARMv7, as reported at <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71399>. + +commit f6ab85b7049a03962ea98924d00802da357a1ad3 +Author: renlin <renlin@138bc75d-0d04-0410-961f-82ee72b054a4> +Date: Wed Dec 2 14:06:31 2015 +0000 + + [PR67383][ARM][4.9]Backport of "Allow any register for DImode values in Thumb2" + + This partially fix PR67383. It allows the reload more flexibility to choose + spilling pseudo registers. + + + gcc/ChangeLog: + + 2015-12-02 Renlin Li <renlin.li@arm.com> + + Backport from mainline. + 2014-04-22 Ramana Radhakrishnan <ramana.radhakrishnan@arm.com> + + * config/arm/arm.c (arm_hard_regno_mode_ok): Loosen + restrictions on core registers for DImode values in Thumb2. + + + git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-4_9-branch@231177 138bc75d-0d04-0410-961f-82ee72b054a4 + +diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c +index 8ba6060..d9028a1 100644 +--- b/gcc/config/arm/arm.c ++++ a/gcc/config/arm/arm.c +@@ -22624,19 +22624,12 @@ + } + + /* We allow almost any value to be stored in the general registers. +- Restrict doubleword quantities to even register pairs in ARM state +- so that we can use ldrd. Do not allow very large Neon structure +- opaque modes in general registers; they would use too many. */ ++ Restrict doubleword quantities to even register pairs so that we can ++ use ldrd. Do not allow very large Neon structure opaque modes in ++ general registers; they would use too many. */ + if (regno <= LAST_ARM_REGNUM) +- { +- if (ARM_NUM_REGS (mode) > 4) +- return FALSE; +- +- if (TARGET_THUMB2) +- return TRUE; +- +- return !(TARGET_LDRD && GET_MODE_SIZE (mode) > 4 && (regno & 1) != 0); +- } ++ return !(TARGET_LDRD && GET_MODE_SIZE (mode) > 4 && (regno & 1) != 0) ++ && ARM_NUM_REGS (mode) <= 4; + + if (regno == FRAME_POINTER_REGNUM + || regno == ARG_POINTER_REGNUM) diff --git a/gnu/packages/patches/guile-relocatable.patch b/gnu/packages/patches/guile-relocatable.patch index 077394cdde..2431495f24 100644 --- a/gnu/packages/patches/guile-relocatable.patch +++ b/gnu/packages/patches/guile-relocatable.patch @@ -1,8 +1,6 @@ This patch changes Guile to use a default search path relative to the location of the `guile' binary, allowing it to be relocated. -diff --git a/libguile/load.c b/libguile/load.c -index af2ca45..19dd338 100644 --- a/libguile/load.c +++ b/libguile/load.c @@ -26,6 +26,7 @@ @@ -12,8 +10,8 @@ index af2ca45..19dd338 100644 +#include <libgen.h> #include "libguile/_scm.h" - #include "libguile/private-gc.h" /* scm_getenv_int */ -@@ -255,6 +256,32 @@ scm_init_load_path () + #include "libguile/alist.h" +@@ -325,6 +326,32 @@ SCM cpath = SCM_EOL; #ifdef SCM_LIBRARY_DIR @@ -43,10 +41,10 @@ index af2ca45..19dd338 100644 + strcpy (ccache_dir, prefix); + strcat (ccache_dir, "/lib/guile/2.0/ccache"); + - env = getenv ("GUILE_SYSTEM_PATH"); + env = scm_i_mirror_backslashes (getenv ("GUILE_SYSTEM_PATH")); if (env && strcmp (env, "") == 0) /* special-case interpret system-path=="" as meaning no system path instead -@@ -263,10 +290,7 @@ scm_init_load_path () +@@ -333,10 +360,7 @@ else if (env) path = scm_parse_path (scm_from_locale_string (env), path); else @@ -56,9 +54,9 @@ index af2ca45..19dd338 100644 - scm_from_locale_string (SCM_PKGDATA_DIR)); + path = scm_list_1 (scm_from_locale_string (module_dir)); - env = getenv ("GUILE_SYSTEM_COMPILED_PATH"); + env = scm_i_mirror_backslashes (getenv ("GUILE_SYSTEM_COMPILED_PATH")); if (env && strcmp (env, "") == 0) -@@ -276,8 +300,7 @@ scm_init_load_path () +@@ -346,8 +370,7 @@ cpath = scm_parse_path (scm_from_locale_string (env), cpath); else { diff --git a/gnu/packages/patches/linux-pam-no-setfsuid.patch b/gnu/packages/patches/linux-pam-no-setfsuid.patch new file mode 100644 index 0000000000..f92fbc057a --- /dev/null +++ b/gnu/packages/patches/linux-pam-no-setfsuid.patch @@ -0,0 +1,75 @@ +On systems without 'setfsuid', use 'setreuid' instead. + +The patch originates from the Debian project for GNU/Hurd. +Authors: Steve Langasek <vorlon@debian.org> +Upstream status: A ticket was opened to request apply the patch, +ticket: 'https://fedorahosted.org/linux-pam/ticket/64'. + +--- Linux-PAM-1.2.1/libpam/pam_modutil_priv.c 2015-03-24 06:02:32.000000000 -0600 ++++ pam_modutil_priv-mod.c 2016-09-20 13:36:53.150663205 -0500 +@@ -14,7 +14,9 @@ + #include <syslog.h> + #include <pwd.h> + #include <grp.h> ++#ifdef HAVE_SYS_FSUID_H + #include <sys/fsuid.h> ++#endif /* HAVE_SYS_FSUID_H */ + + /* + * Two setfsuid() calls in a row are necessary to check +@@ -22,17 +24,55 @@ + */ + static int change_uid(uid_t uid, uid_t *save) + { ++#ifdef HAVE_SYS_FSUID_H + uid_t tmp = setfsuid(uid); + if (save) + *save = tmp; + return (uid_t) setfsuid(uid) == uid ? 0 : -1; ++#else ++ uid_t euid = geteuid(); ++ uid_t ruid = getuid(); ++ if (save) ++ *save = ruid; ++ if (ruid == uid && uid != 0) ++ if (setreuid(euid, uid)) ++ return -1; ++ else { ++ setreuid(0, -1); ++ if (setreuid(-1, uid)) { ++ setreuid(-1, 0); ++ setreuid(0, -1); ++ if (setreuid(-1, uid)) ++ return -1; ++ } ++ } ++#endif + } + static int change_gid(gid_t gid, gid_t *save) + { ++#ifdef HAVE_SYS_FSUID_H + gid_t tmp = setfsgid(gid); + if (save) + *save = tmp; + return (gid_t) setfsgid(gid) == gid ? 0 : -1; ++#else ++ gid_t egid = getegid(); ++ gid_t rgid = getgid(); ++ if (save) ++ *save = rgid; ++ if (rgid == gid) ++ if (setregid(egid, gid)) ++ return -1; ++ else { ++ setregid(0, -1); ++ if (setregid(-1, gid)) { ++ setregid(-1, 0); ++ setregid(0, -1); ++ if (setregid(-1, gid)) ++ return -1; ++ } ++ } ++#endif + } + + static int cleanup(struct pam_modutil_privs *p) diff --git a/gnu/packages/patches/perl-CVE-2015-8607.patch b/gnu/packages/patches/perl-CVE-2015-8607.patch deleted file mode 100644 index 4c25d41740..0000000000 --- a/gnu/packages/patches/perl-CVE-2015-8607.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 3a629609084d147838368262171b923f0770e564 Mon Sep 17 00:00:00 2001 -From: Tony Cook <tony@develop-help.com> -Date: Tue, 15 Dec 2015 10:56:54 +1100 -Subject: ensure File::Spec::canonpath() preserves taint - -Previously the unix specific XS implementation of canonpath() would -return an untainted path when supplied a tainted path. - -For the empty string case, newSVpvs() already sets taint as needed on -its result. - -This issue was assigned CVE-2015-8607. - -Bug: https://rt.perl.org/Ticket/Display.html?id=126862 -Bug-Debian: https://bugs.debian.org/810719 -Origin: upstream -Patch-Name: fixes/CVE-2015-8607_file_spec_taint_fix.diff ---- - dist/PathTools/Cwd.xs | 1 + - dist/PathTools/t/taint.t | 19 ++++++++++++++++++- - 2 files changed, 19 insertions(+), 1 deletion(-) - -diff --git a/dist/PathTools/Cwd.xs b/dist/PathTools/Cwd.xs -index 9d4dcf0..3d018dc 100644 ---- a/dist/PathTools/Cwd.xs -+++ b/dist/PathTools/Cwd.xs -@@ -535,6 +535,7 @@ THX_unix_canonpath(pTHX_ SV *path) - *o = 0; - SvPOK_on(retval); - SvCUR_set(retval, o - SvPVX(retval)); -+ SvTAINT(retval); - return retval; - } - -diff --git a/dist/PathTools/t/taint.t b/dist/PathTools/t/taint.t -index 309b3e5..48f8c5b 100644 ---- a/dist/PathTools/t/taint.t -+++ b/dist/PathTools/t/taint.t -@@ -12,7 +12,7 @@ use Test::More; - BEGIN { - plan( - ${^TAINT} -- ? (tests => 17) -+ ? (tests => 21) - : (skip_all => "A perl without taint support") - ); - } -@@ -34,3 +34,20 @@ foreach my $func (@Functions) { - - # Previous versions of Cwd tainted $^O - is !tainted($^O), 1, "\$^O should not be tainted"; -+ -+{ -+ # [perl #126862] canonpath() loses taint -+ my $tainted = substr($ENV{PATH}, 0, 0); -+ # yes, getcwd()'s result should be tainted, and is tested above -+ # but be sure -+ ok tainted(File::Spec->canonpath($tainted . Cwd::getcwd)), -+ "canonpath() keeps taint on non-empty string"; -+ ok tainted(File::Spec->canonpath($tainted)), -+ "canonpath() keeps taint on empty string"; -+ -+ (Cwd::getcwd() =~ /^(.*)/); -+ my $untainted = $1; -+ ok !tainted($untainted), "make sure our untainted value is untainted"; -+ ok !tainted(File::Spec->canonpath($untainted)), -+ "canonpath() doesn't add taint to untainted string"; -+} diff --git a/gnu/packages/patches/perl-CVE-2016-2381.patch b/gnu/packages/patches/perl-CVE-2016-2381.patch deleted file mode 100644 index 99d1944a5d..0000000000 --- a/gnu/packages/patches/perl-CVE-2016-2381.patch +++ /dev/null @@ -1,116 +0,0 @@ -Fix CVE-2016-2381 (ambiguous handling of duplicated environment variables). - -Copied from upstream: -http://perl5.git.perl.org/perl.git/commit/ae37b791a73a9e78dedb89fb2429d2628cf58076 - -References: -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381 -http://www.nntp.perl.org/group/perl.perl5.porters/2016/03/msg234747.html -https://security-tracker.debian.org/tracker/CVE-2016-2381 - ---- - -From 1237ea93fb2475a5ae576d5ee1358a5bb4ebe426 Mon Sep 17 00:00:00 2001 -From: Tony Cook <tony@develop-help.com> -Date: Wed, 27 Jan 2016 11:52:15 +1100 -Subject: remove duplicate environment variables from environ - -If we see duplicate environment variables while iterating over -environ[]: - -a) make sure we use the same value in %ENV that getenv() returns. - -Previously on a duplicate, %ENV would have the last entry for the name -from environ[], but a typical getenv() would return the first entry. - -Rather than assuming all getenv() implementations return the first entry -explicitly call getenv() to ensure they agree. - -b) remove duplicate entries from environ - -Previously if there was a duplicate definition for a name in environ[] -setting that name in %ENV could result in an unsafe value being passed -to a child process, so ensure environ[] has no duplicates. - -Patch-Name: fixes/CVE-2016-2381_duplicate_env.diff ---- - perl.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++-- - 1 file changed, 49 insertions(+), 2 deletions(-) - -diff --git a/perl.c b/perl.c -index 67d32ce..26aeb91 100644 ---- a/perl.c -+++ b/perl.c -@@ -4277,23 +4277,70 @@ S_init_postdump_symbols(pTHX_ int argc, char **argv, char **env) - } - if (env) { - char *s, *old_var; -+ STRLEN nlen; - SV *sv; -+ HV *dups = newHV(); -+ - for (; *env; env++) { - old_var = *env; - - if (!(s = strchr(old_var,'=')) || s == old_var) - continue; -+ nlen = s - old_var; - - #if defined(MSDOS) && !defined(DJGPP) - *s = '\0'; - (void)strupr(old_var); - *s = '='; - #endif -- sv = newSVpv(s+1, 0); -- (void)hv_store(hv, old_var, s - old_var, sv, 0); -+ if (hv_exists(hv, old_var, nlen)) { -+ const char *name = savepvn(old_var, nlen); -+ -+ /* make sure we use the same value as getenv(), otherwise code that -+ uses getenv() (like setlocale()) might see a different value to %ENV -+ */ -+ sv = newSVpv(PerlEnv_getenv(name), 0); -+ -+ /* keep a count of the dups of this name so we can de-dup environ later */ -+ if (hv_exists(dups, name, nlen)) -+ ++SvIVX(*hv_fetch(dups, name, nlen, 0)); -+ else -+ (void)hv_store(dups, name, nlen, newSViv(1), 0); -+ -+ Safefree(name); -+ } -+ else { -+ sv = newSVpv(s+1, 0); -+ } -+ (void)hv_store(hv, old_var, nlen, sv, 0); - if (env_is_not_environ) - mg_set(sv); - } -+ if (HvKEYS(dups)) { -+ /* environ has some duplicate definitions, remove them */ -+ HE *entry; -+ hv_iterinit(dups); -+ while ((entry = hv_iternext_flags(dups, 0))) { -+ STRLEN nlen; -+ const char *name = HePV(entry, nlen); -+ IV count = SvIV(HeVAL(entry)); -+ IV i; -+ SV **valp = hv_fetch(hv, name, nlen, 0); -+ -+ assert(valp); -+ -+ /* try to remove any duplicate names, depending on the -+ * implementation used in my_setenv() the iteration might -+ * not be necessary, but let's be safe. -+ */ -+ for (i = 0; i < count; ++i) -+ my_setenv(name, 0); -+ -+ /* and set it back to the value we set $ENV{name} to */ -+ my_setenv(name, SvPV_nolen(*valp)); -+ } -+ } -+ SvREFCNT_dec_NN(dups); - } - #endif /* USE_ENVIRON_ARRAY */ - #endif /* !PERL_MICRO */ diff --git a/gnu/packages/patches/perl-no-build-time.patch b/gnu/packages/patches/perl-no-build-time.patch deleted file mode 100644 index 5d78e8f462..0000000000 --- a/gnu/packages/patches/perl-no-build-time.patch +++ /dev/null @@ -1,26 +0,0 @@ -Do not record the configuration and build time so that builds can be -reproduced bit-for-bit. - ---- perl-5.22.0/Configure 1970-01-01 01:00:00.000000000 +0100 -+++ perl-5.22.0/Configure 2015-12-13 00:14:43.148165080 +0100 -@@ -3834,6 +3817,7 @@ esac - - : who configured the system - cf_time=`LC_ALL=C; LANGUAGE=C; export LC_ALL; export LANGUAGE; $date 2>&1` -+cf_time='Thu Jan 1 00:00:01 UTC 1970' - case "$cf_by" in - "") - cf_by=`(logname) 2>/dev/null` - ---- perl-5.22.0/perl.c 2015-12-13 00:25:30.269156627 +0100 -+++ perl-5.22.0/perl.c 2015-12-13 00:25:38.265218175 +0100 -@@ -1795,7 +1795,7 @@ S_Internals_V(pTHX_ CV *cv) - PUSHs(Perl_newSVpvn_flags(aTHX_ non_bincompat_options, - sizeof(non_bincompat_options) - 1, SVs_TEMP)); - --#ifdef __DATE__ -+#if 0 - # ifdef __TIME__ - PUSHs(Perl_newSVpvn_flags(aTHX_ - STR_WITH_LEN("Compiled at " __DATE__ " " __TIME__), - diff --git a/gnu/packages/patches/perl-reproducible-build-date.patch b/gnu/packages/patches/perl-reproducible-build-date.patch new file mode 100644 index 0000000000..bf0d4b8f6d --- /dev/null +++ b/gnu/packages/patches/perl-reproducible-build-date.patch @@ -0,0 +1,50 @@ +Don't encode the current timestamp. + +This affects the output of `perl -V`, specifically the message "Compiled +at [...]". + +The 'cf_time' and 'cf_by' values show up in 'config.h' and +in 'Config_heavy.pl'. + +Use the output of 'uname -s' instead of 'uname -a' to avoid recording +the kernel version ('uname -o' leads to directory names like +'x86_64-gnulinux' instead of 'x86_64-linux', which might cause breakage +down the road.) + +diff --git a/perl.c b/perl.c +index 228a0d8..ed38313 100644 +--- a/perl.c ++++ b/perl.c +@@ -1825,6 +1825,7 @@ S_Internals_V(pTHX_ CV *cv) + PUSHs(Perl_newSVpvn_flags(aTHX_ non_bincompat_options, + sizeof(non_bincompat_options) - 1, SVs_TEMP)); + ++#define PERL_BUILD_DATE "Jan 1 1970 00:00:00" + #ifndef PERL_BUILD_DATE + # ifdef __DATE__ + # ifdef __TIME__ + +--- a/Configure 1970-01-01 01:00:00.000000000 +0100 ++++ b/Configure 2016-10-01 14:47:20.017319739 +0200 +@@ -3276,7 +3276,7 @@ $eunicefix tr + : Try to determine whether config.sh was made on this system + case "$config_sh" in + '') +-myuname=`$uname -a 2>/dev/null` ++myuname=`$uname -s 2>/dev/null` + $test -z "$myuname" && myuname=`hostname 2>/dev/null` + # Downcase everything to avoid ambiguity. + # Remove slashes and single quotes so we can use parts of this in +@@ -3845,10 +3845,10 @@ + . ./posthint.sh + + : who configured the system +-cf_time=`LC_ALL=C; LANGUAGE=C; export LC_ALL; export LANGUAGE; $date 2>&1` ++cf_time="1970-01-01" + case "$cf_by" in + "") +- cf_by=`(logname) 2>/dev/null` ++ cf_by="guix" + case "$cf_by" in + "") + cf_by=`(whoami) 2>/dev/null` diff --git a/gnu/packages/patches/perl-source-date-epoch.patch b/gnu/packages/patches/perl-source-date-epoch.patch deleted file mode 100644 index 37330c9537..0000000000 --- a/gnu/packages/patches/perl-source-date-epoch.patch +++ /dev/null @@ -1,19 +0,0 @@ -Adapted from <https://bugs.debian.org/801621>. -Make Pod::Man honor the SOURCE_DATE_EPOCH environment variable. - ---- perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:33:03.321787590 +0100 -+++ perl-5.22.0/cpan/podlators/lib/Pod/Man.pm 2015-12-12 22:36:33.367361338 +0100 -@@ -884,7 +884,12 @@ sub devise_date { - my ($self) = @_; - my $input = $self->source_filename; - my $time; -- if ($input) { -+ -+ if (defined($ENV{SOURCE_DATE_EPOCH}) && -+ $ENV{SOURCE_DATE_EPOCH} !~ /\D/) { -+ $time = $ENV{SOURCE_DATE_EPOCH}; -+ } -+ elsif ($input) { - $time = (stat $input)[9] || time; - } else { - $time = time; diff --git a/gnu/packages/patches/procps-non-linux.patch b/gnu/packages/patches/procps-non-linux.patch deleted file mode 100644 index 9d369aeb2c..0000000000 --- a/gnu/packages/patches/procps-non-linux.patch +++ /dev/null @@ -1,40 +0,0 @@ -From aa9bd38d0a6fe53aff7f78fb2d9f61e55677c7b5 Mon Sep 17 00:00:00 2001 -From: Craig Small <csmall@enc.com.au> -Date: Sun, 17 Apr 2016 09:09:41 +1000 -Subject: [PATCH] tests: Conditionally add prctl to test process - -prctl was already bypassed on Cygwin systems. This extends to -non-Linux systems such as kFreeBSD and Hurd. - ---- - lib/test_process.c | 4 ++-- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/lib/test_process.c b/lib/test_process.c -index 6e652ed..6a4776c 100644 ---- a/lib/test_process.c -+++ b/lib/test_process.c -@@ -21,7 +21,9 @@ - #include <stdlib.h> - #include <unistd.h> - #include <signal.h> -+#ifdef __linux__ - #include <sys/prctl.h> -+#endif - #include "c.h" - - #define DEFAULT_SLEEPTIME 300 -@@ -78,8 +80,10 @@ - sigaction(SIGUSR1, &signal_action, NULL); - sigaction(SIGUSR2, &signal_action, NULL); - -+#ifdef __linux__ - /* set process name */ - prctl(PR_SET_NAME, MY_NAME, NULL, NULL, NULL); -+#endif - - while (sleep_time > 0) { - sleep_time = sleep(sleep_time); --- -2.8.2 - diff --git a/gnu/packages/patches/python-3.4-fix-tests.patch b/gnu/packages/patches/python-3.4-fix-tests.patch new file mode 100644 index 0000000000..d1f8138e79 --- /dev/null +++ b/gnu/packages/patches/python-3.4-fix-tests.patch @@ -0,0 +1,12 @@ +--- Lib/test/test_posixpath.py 2014-03-01 05:46:56.984311000 +0100 ++++ Lib/test/test_posixpath.py 2014-03-07 00:59:20.888311000 +0100 +@@ -319,7 +319,11 @@ + del env['HOME'] + home = pwd.getpwuid(os.getuid()).pw_dir + # $HOME can end with a trailing /, so strip it (see #17809) +- self.assertEqual(posixpath.expanduser("~"), home.rstrip("/")) ++ # The Guix builders have '/' as a home directory, so ++ # home.rstrip("/") will be an empty string and the test will ++ # fail. Let's just disable it since it does not really make ++ # sense with such a bizarre setup. ++ # self.assertEqual(posixpath.expanduser("~"), home.rstrip("/")) diff --git a/gnu/packages/patches/python-3.5-fix-tests.patch b/gnu/packages/patches/python-3.5-fix-tests.patch new file mode 100644 index 0000000000..46d2a84efb --- /dev/null +++ b/gnu/packages/patches/python-3.5-fix-tests.patch @@ -0,0 +1,46 @@ +Additional test fixes which affect Python 3.5 (and presumably later) but not +prior revisions of Python. + +--- Lib/test/test_pathlib.py 2014-03-01 03:02:36.088311000 +0100 ++++ Lib/test/test_pathlib.py 2014-03-01 04:56:37.768311000 +0100 +@@ -1986,8 +1986,9 @@ + expect = set() if not support.fs_is_case_insensitive(BASE) else given + self.assertEqual(given, expect) + self.assertEqual(set(p.rglob("FILEd*")), set()) + ++ @unittest.skipIf(True, "Guix builder home is '/' which causes trouble for these tests") + def test_expanduser(self): + P = self.cls + support.import_module('pwd') + import pwd +--- Lib/test/test_tarfile.py 2016-02-24 19:22:52.597208055 +0000 ++++ Lib/test/test_tarfile.py 2016-02-24 20:50:48.941950135 +0000 +@@ -2305,11 +2305,14 @@ + try: + import pwd, grp + except ImportError: + return False +- if pwd.getpwuid(0)[0] != 'root': +- return False +- if grp.getgrgid(0)[0] != 'root': ++ try: ++ if pwd.getpwuid(0)[0] != 'root': ++ return False ++ if grp.getgrgid(0)[0] != 'root': ++ return False ++ except KeyError: + return False + return True + + +--- Lib/test/test_asyncio/test_base_events.py ++++ Lib/test/test_asyncio/test_base_events.py +@@ -142,6 +142,8 @@ class BaseEventTests(test_utils.TestCase): + (INET, STREAM, TCP, '', ('1.2.3.4', 1)), + base_events._ipaddr_info('1.2.3.4', b'1', INET, STREAM, TCP)) + ++ @unittest.skipUnless(support.is_resource_enabled('network'), ++ 'network is not enabled') + def test_getaddrinfo_servname(self): + INET = socket.AF_INET + STREAM = socket.SOCK_STREAM diff --git a/gnu/packages/patches/python-disable-ssl-test.patch b/gnu/packages/patches/python-disable-ssl-test.patch deleted file mode 100644 index e351c77505..0000000000 --- a/gnu/packages/patches/python-disable-ssl-test.patch +++ /dev/null @@ -1,12 +0,0 @@ -Disable a test that fails with openssl-1.0.2b. - ---- Lib/test/test_ssl.py.orig 2015-02-25 06:27:45.000000000 -0500 -+++ Lib/test/test_ssl.py 2015-06-12 03:14:09.395212502 -0400 -@@ -2718,6 +2718,7 @@ - chatty=True, connectionchatty=True) - self.assertIs(stats['compression'], None) - -+ @unittest.skipIf(True, "openssl 1.0.2b complains: dh key too small") - def test_dh_params(self): - # Check we can get a connection with ephemeral Diffie-Hellman - context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) diff --git a/gnu/packages/patches/python-fix-tests.patch b/gnu/packages/patches/python-fix-tests.patch index 82c19980f9..e093307c51 100644 --- a/gnu/packages/patches/python-fix-tests.patch +++ b/gnu/packages/patches/python-fix-tests.patch @@ -20,21 +20,6 @@ http://bugs.python.org/issue20868 . def test_tarfile_root_owner(self): tmpdir, tmpdir2, base_name = self._create_files() ---- Lib/test/test_posixpath.py 2014-03-01 05:46:56.984311000 +0100 -+++ Lib/test/test_posixpath.py 2014-03-07 00:59:20.888311000 +0100 -@@ -319,7 +319,11 @@ - del env['HOME'] - home = pwd.getpwuid(os.getuid()).pw_dir - # $HOME can end with a trailing /, so strip it (see #17809) -- self.assertEqual(posixpath.expanduser("~"), home.rstrip("/")) -+ # The Guix builders have '/' as a home directory, so -+ # home.rstrip("/") will be an empty string and the test will -+ # fail. Let's just disable it since it does not really make -+ # sense with such a bizarre setup. -+ # self.assertEqual(posixpath.expanduser("~"), home.rstrip("/")) - - def test_normpath(self): - self.assertEqual(posixpath.normpath(""), ".") --- Lib/test/test_socket.py.orig 2014-03-02 22:14:12.264311000 +0100 +++ Lib/test/test_socket.py 2014-03-21 03:50:45.660311000 +0100 @@ -819,6 +819,8 @@ |