diff options
| author |   Tony Vroon <chainsaw@gentoo.org> | 2010-04-25 16:44:23 +0000 |
|---|---|---|
| committer | Tony Vroon <chainsaw@gentoo.org> | 2010-04-25 16:44:23 +0000 |
| commit | a8c3dfe4718b01ac2372e1593ae88d55b7365afb (patch) | |
| tree | 3a162cfb324902d8db456914c0ec6bf4f57d8ab8 /app-arch | |
| parent | Drop ruby19 and jruby so that this version can be stabilized. (diff) | |
| download | gentoo-2-a8c3dfe4718b01ac2372e1593ae88d55b7365afb.tar.gz gentoo-2-a8c3dfe4718b01ac2372e1593ae88d55b7365afb.tar.bz2 gentoo-2-a8c3dfe4718b01ac2372e1593ae88d55b7365afb.zip | |
Glibc built with GCC 4.5 will notice a buffer overflow in the handling of OLD_GNU magic bytes and kill us. Apply a Fedora patch scavenged by Emil Karlson to avoid this happening; closes bug #317139.
(Portage version: 2.2_rc67/cvs/Linux x86_64)
Diffstat (limited to 'app-arch')
| -rw-r--r-- | app-arch/tar/ChangeLog | 10 | ||||
| -rw-r--r-- | app-arch/tar/files/tar-1.23-strncpy.patch | 32 | ||||
| -rw-r--r-- | app-arch/tar/tar-1.23-r1.ebuild | 69 |
3 files changed, 110 insertions, 1 deletions
diff --git a/app-arch/tar/ChangeLog b/app-arch/tar/ChangeLog index 18d82f212691..629a855a6e46 100644 --- a/app-arch/tar/ChangeLog +++ b/app-arch/tar/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for app-arch/tar # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/tar/ChangeLog,v 1.142 2010/03/10 13:55:50 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-arch/tar/ChangeLog,v 1.143 2010/04/25 16:44:23 chainsaw Exp $ + +*tar-1.23-r1 (25 Apr 2010) + + 25 Apr 2010; <chainsaw@gentoo.org> +tar-1.23-r1.ebuild, + +files/tar-1.23-strncpy.patch: + Glibc built with GCC 4.5 will notice a buffer overflow in the handling of + OLD_GNU magic bytes and kill us. Apply a Fedora patch scavenged by Emil + Karlson to avoid this happening; closes bug #317139. *tar-1.23 (10 Mar 2010) diff --git a/app-arch/tar/files/tar-1.23-strncpy.patch b/app-arch/tar/files/tar-1.23-strncpy.patch new file mode 100644 index 000000000000..c4939268c219 --- /dev/null +++ b/app-arch/tar/files/tar-1.23-strncpy.patch @@ -0,0 +1,32 @@ +diff -uNr tar-1.23.ORIG//src/create.c tar-1.23/src/create.c +--- tar-1.23.ORIG//src/create.c 2010-04-25 17:36:03.553606076 +0100 ++++ tar-1.23/src/create.c 2010-04-25 17:36:16.294605862 +0100 +@@ -575,7 +575,10 @@ + GNAME_TO_CHARS (tmpname, header->header.gname); + free (tmpname); + +- strcpy (header->header.magic, OLDGNU_MAGIC); ++ /* OLDGNU_MAGIC is string with 7 chars + NULL */ ++ strncpy (header->header.magic, OLDGNU_MAGIC, sizeof(header->header.magic)); ++ strncpy (header->header.version, OLDGNU_MAGIC+sizeof(header->header.magic), ++ sizeof(header->header.version)); + header->header.typeflag = type; + finish_header (st, header, -1); + +@@ -910,9 +913,13 @@ + break; + + case OLDGNU_FORMAT: +- case GNU_FORMAT: /*FIXME?*/ +- /* Overwrite header->header.magic and header.version in one blow. */ +- strcpy (header->header.magic, OLDGNU_MAGIC); ++ case GNU_FORMAT: ++ /* OLDGNU_MAGIC is string with 7 chars + NULL */ ++ strncpy (header->header.magic, OLDGNU_MAGIC, ++ sizeof(header->header.magic)); ++ strncpy (header->header.version, ++ OLDGNU_MAGIC+sizeof(header->header.magic), ++ sizeof(header->header.version)); + break; + + case POSIX_FORMAT: diff --git a/app-arch/tar/tar-1.23-r1.ebuild b/app-arch/tar/tar-1.23-r1.ebuild new file mode 100644 index 000000000000..03bac74a9a0a --- /dev/null +++ b/app-arch/tar/tar-1.23-r1.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/tar/tar-1.23-r1.ebuild,v 1.1 2010/04/25 16:44:23 chainsaw Exp $ + +inherit flag-o-matic eutils + +DESCRIPTION="Use this to make tarballs :)" +HOMEPAGE="http://www.gnu.org/software/tar/" +SRC_URI="http://ftp.gnu.org/gnu/tar/${P}.tar.bz2 + ftp://alpha.gnu.org/gnu/tar/${P}.tar.bz2 + mirror://gnu/tar/${P}.tar.bz2" + +LICENSE="GPL-3" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="nls static userland_GNU" + +RDEPEND="" +DEPEND="${RDEPEND} + nls? ( >=sys-devel/gettext-0.10.35 )" + +src_unpack() { + unpack ${A} + cd "${S}" + + epatch "${FILESDIR}"/${P}-strncpy.patch #317139 + + if ! use userland_GNU ; then + sed -i \ + -e 's:/backup\.sh:/gbackup.sh:' \ + scripts/{backup,dump-remind,restore}.in \ + || die "sed non-GNU" + fi +} + +src_compile() { + local myconf + use static && append-ldflags -static + use userland_GNU || myconf="--program-prefix=g" + # Work around bug in sandbox #67051 + gl_cv_func_chown_follows_symlink=yes \ + econf \ + --enable-backup-scripts \ + --bindir=/bin \ + --libexecdir=/usr/sbin \ + $(use_enable nls) \ + ${myconf} || die + emake || die "emake failed" +} + +src_install() { + local p="" + use userland_GNU || p=g + + emake DESTDIR="${D}" install || die "make install failed" + + if [[ -z ${p} ]] ; then + # a nasty yet required piece of baggage + exeinto /etc + doexe "${FILESDIR}"/rmt || die + fi + + dodoc AUTHORS ChangeLog* NEWS README* THANKS + newman "${FILESDIR}"/tar.1 ${p}tar.1 + mv "${D}"/usr/sbin/${p}backup{,-tar} + mv "${D}"/usr/sbin/${p}restore{,-tar} + + rm -f "${D}"/usr/$(get_libdir)/charset.alias +} |