summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStephen Shkardoon <ss23@ss23.geek.nz>2023-02-28 04:34:06 +1300
committerSam James <sam@gentoo.org>2023-03-04 07:18:15 +0000
commitee4985333e42e9794fb0f165a857e78af0f363d5 (patch)
treef0696c120e1494f80eee1dfbdb800d2f1f053e60 /net-p2p/rtorrent
parentdev-cpp/doctest: add 2.4.10 (diff)
downloadgentoo-ee4985333e42e9794fb0f165a857e78af0f363d5.tar.gz
gentoo-ee4985333e42e9794fb0f165a857e78af0f363d5.tar.bz2
gentoo-ee4985333e42e9794fb0f165a857e78af0f363d5.zip
net-p2p/rtorrent: Resolve overflow issue on hardened build
Closes: https://bugs.gentoo.org/891995 Signed-off-by: Stephen Shkardoon <ss23@ss23.geek.nz> Closes: https://github.com/gentoo/gentoo/pull/29834 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'net-p2p/rtorrent')
-rw-r--r--net-p2p/rtorrent/files/rtorrent-0.9.8-bgo891995.patch27
-rw-r--r--net-p2p/rtorrent/rtorrent-0.9.8-r2.ebuild74
2 files changed, 101 insertions, 0 deletions
diff --git a/net-p2p/rtorrent/files/rtorrent-0.9.8-bgo891995.patch b/net-p2p/rtorrent/files/rtorrent-0.9.8-bgo891995.patch
new file mode 100644
index 000000000000..943fe64dddc1
--- /dev/null
+++ b/net-p2p/rtorrent/files/rtorrent-0.9.8-bgo891995.patch
@@ -0,0 +1,27 @@
+https://bugs.gentoo.org/891995
+https://github.com/rakshasa/rtorrent/issues/1205
+https://github.com/rakshasa/rtorrent/pull/1169
+
+From 812bba81bc049a5f786282b3654cab294b0ef236 Mon Sep 17 00:00:00 2001
+From: Aleksa Sarai <cyphar@cyphar.com>
+Date: Mon, 20 Jun 2022 19:09:57 +1000
+Subject: [PATCH] utils: lockfile: avoid stack overflow for lockfile buffer
+
+There appears to have been some change on openSUSE (likely some new
+hardening flags for builds, or some glibc hardening) such that incorrect
+buffer handling results in a segfault even if the buffer is never
+overflowed.
+
+Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
+--- a/src/utils/lockfile.cc
++++ b/src/utils/lockfile.cc
+@@ -98,7 +98,8 @@ Lockfile::try_lock() {
+ int pos = ::gethostname(buf, 255);
+
+ if (pos == 0) {
+- ::snprintf(buf + std::strlen(buf), 255, ":+%i\n", ::getpid());
++ ssize_t len = std::strlen(buf);
++ ::snprintf(buf + len, 255 - len, ":+%i\n", ::getpid());
+ int __UNUSED result = ::write(fd, buf, std::strlen(buf));
+ }
+
diff --git a/net-p2p/rtorrent/rtorrent-0.9.8-r2.ebuild b/net-p2p/rtorrent/rtorrent-0.9.8-r2.ebuild
new file mode 100644
index 000000000000..b3161479593e
--- /dev/null
+++ b/net-p2p/rtorrent/rtorrent-0.9.8-r2.ebuild
@@ -0,0 +1,74 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools linux-info systemd
+
+DESCRIPTION="BitTorrent Client using libtorrent"
+HOMEPAGE="https://rakshasa.github.io/rtorrent/"
+SRC_URI="http://rtorrent.net/downloads/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~sparc-solaris ~x64-solaris"
+IUSE="debug selinux test xmlrpc"
+RESTRICT="!test? ( test )"
+
+COMMON_DEPEND="~net-libs/libtorrent-0.13.${PV##*.}
+ >=net-misc/curl-7.19.1
+ sys-libs/ncurses:0=
+ xmlrpc? ( dev-libs/xmlrpc-c:= )"
+RDEPEND="${COMMON_DEPEND}
+ selinux? ( sec-policy/selinux-rtorrent )
+"
+DEPEND="${COMMON_DEPEND}
+ dev-util/cppunit
+ virtual/pkgconfig"
+
+DOCS=( doc/rtorrent.rc )
+
+PATCHES=(
+ "${FILESDIR}/${P}-bgo891995.patch"
+)
+
+pkg_setup() {
+ if ! linux_config_exists || ! linux_chkconfig_present IPV6; then
+ ewarn "rtorrent will not start without IPv6 support in your kernel"
+ ewarn "without further configuration. Please set bind=0.0.0.0 or"
+ ewarn "similar in your rtorrent.rc"
+ ewarn "Upstream bug: https://github.com/rakshasa/rtorrent/issues/732"
+ fi
+}
+
+src_prepare() {
+ default
+
+ # https://github.com/rakshasa/rtorrent/issues/332
+ cp "${FILESDIR}"/rtorrent.1 "${S}"/doc/ || die
+
+ if [[ ${CHOST} != *-darwin* ]]; then
+ # syslibroot is only for macos, change to sysroot for others
+ sed -i 's/Wl,-syslibroot,/Wl,--sysroot,/' "${S}/scripts/common.m4" || die
+ fi
+
+ eautoreconf
+}
+
+src_configure() {
+ default
+
+ # configure needs bash or script bombs out on some null shift, bug #291229
+ CONFIG_SHELL=${BASH} econf \
+ $(use_enable debug) \
+ $(use_with xmlrpc xmlrpc-c)
+}
+
+src_install() {
+ default
+ doman doc/rtorrent.1
+
+ newinitd "${FILESDIR}/rtorrent-r1.init" rtorrent
+ newconfd "${FILESDIR}/rtorrentd.conf" rtorrent
+ systemd_newunit "${FILESDIR}/rtorrentd_at-r1.service" "rtorrentd@.service"
+}