Sync from SUSE:SLFO:Main file revision 20359537aa30df4012c84361f10a59ef

2025-03-26 11:07:43 +01:00
parent 7848f8e7ae
commit ea88ae3534
6 changed files with 87 additions and 10 deletions
--- a/boo1237209.patch
+++ b/boo1237209.patch
@@ -0,0 +1,22 @@
+From b3384a1fbfa1fee99986e5750ab8e700de4f24ad Mon Sep 17 00:00:00 2001
+From: Christos Zoulas <christos@zoulas.com>
+Date: Thu, 5 Dec 2024 18:35:40 +0000
+Subject: [PATCH] PR/579: net147: Fix stack overrun.
+
+---
+ src/readelf.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/readelf.c b/src/readelf.c
+index fe4cf5413..d209d86df 100644
+--- a/src/readelf.c
+++ b/src/readelf.c
+@@ -1728,7 +1728,7 @@ dophn_exec(struct magic_set *ms, int clazz, int swap, int fd, off_t off,
+ 	Elf64_Phdr ph64;
+ 	const char *linking_style;
+ 	unsigned char nbuf[NBUFSIZE];
+-	char interp[128];
+	char interp[NBUFSIZE];
+ 	ssize_t bufsize;
+ 	size_t offset, align, need = 0;
+ 	int pie = 0, dynamic = 0;
--- a/file-seccomp-ppc.patch
+++ b/file-seccomp-ppc.patch
@@ -0,0 +1,29 @@
+The glibc does not provide the real value of TCGETS as e.g.
+used by tcgetattr(3). Therefore as a dirty workaround for
+the correct struct termios from ppc specific includes has to
+loaded before including ioctl.h.  Simply to get the the final
+correct value of TCGETS aka _IOR('t', 19, struct termios).
+
+---
+ src/seccomp.c |   11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/src/seccomp.c b/src/seccomp.c
+--- a/src/seccomp.c
+++ b/src/seccomp.c
+@@ -33,9 +33,13 @@ FILE_RCSID("@(#)$File: seccomp.c,v 1.29
+ #if HAVE_LIBSECCOMP
+ #include <seccomp.h> /* libseccomp */
+ #include <sys/prctl.h> /* prctl */
+-#include <sys/ioctl.h>
+ #include <sys/socket.h>
+-#include <termios.h>
+#ifdef __powerpc64__
+# include <asm/termbits.h>
+#else
+# include <termios.h>
+#endif
+#include <sys/ioctl.h>
+ #include <fcntl.h>
+ #include <stdlib.h>
+ #include <errno.h>
--- a/file-seccomp.patch
+++ b/file-seccomp.patch
@@ -11,25 +11,24 @@ export GLIBC_TUNABLES=glibc.mem.decorate_maps=1
 make check
 ```

+Remove the dumb prctl allow rule as for glibc malloc the prctl PR_SET_VMA
+with flag PR_SET_VMA_ANON_NAME is already allowed
+
 Signed-off-by: Werner Fink <werner@suse.de>
+
 ---
- src/seccomp.c | 3 +++
- 1 file changed, 3 insertions(+)
+ src/seccomp.c |    2 ++
+ 1 file changed, 2 insertions(+)

 diff --git a/src/seccomp.c b/src/seccomp.c
-index ce824330..8a2c8a4c 100644
 --- a/src/seccomp.c
 +++ b/src/seccomp.c
-@@ -80,6 +80,9 @@ enable_sandbox(void)
+@@ -80,6 +80,8 @@ enable_sandbox(void)
 	if (ctx == NULL)
 		return -1;
 
-+	ALLOW_RULE(prctl);
 +	ALLOW_RULE(getrandom);
 +	ALLOW_RULE(rseq);
 	ALLOW_RULE(access);
 	ALLOW_RULE(brk);
 	ALLOW_RULE(close);
-- 
-2.43.0
-
--- a/file.changes
+++ b/file.changes
@@ -1,3 +1,24 @@
+-------------------------------------------------------------------
+Wed Mar 19 09:31:52 UTC 2025 - Dr. Werner Fink <werner@suse.de>
+
+- Change patch file-seccomp.patch
+  * Remove the dumb prctl allow rule as for glibc malloc the prctl
+    PR_SET_VMA with flag PR_SET_VMA_ANON_NAME is already allowed
+- Require at build zlib-devel to enable direct uncompresion of
+  zip'ed files as well
+
+-------------------------------------------------------------------
+Tue Mar 18 10:40:11 UTC 2025 - Dr. Werner Fink <werner@suse.de>
+
+- Add patch file-seccomp-ppc.patch
+  * Minimal patch to work around of wrong provide of used TCGETS 
+
+-------------------------------------------------------------------
+Fri Feb 21 07:27:07 UTC 2025 - Dr. Werner Fink <werner@suse.de>
+
+- Add patch boo1237209.patch temporary
+  * Fix stack overrun (boo#1237209)
+
 -------------------------------------------------------------------
 Thu Nov 28 10:51:57 UTC 2024 - Dr. Werner Fink <werner@suse.de>

--- a/file.spec
+++ b/file.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package file
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,9 @@
 Name:           file
 BuildRequires:  bash >= 4.0
 BuildRequires:  libtool
+BuildRequires:  lzlib-devel
 BuildRequires:  pkgconfig(bzip2)
+BuildRequires:  pkgconfig(liblz4)
 BuildRequires:  pkgconfig(liblzma)
 BuildRequires:  pkgconfig(libseccomp)
 BuildRequires:  pkgconfig(libzstd)
@@ -63,7 +65,9 @@ Patch31:        file-5.19-biorad.dif
 Patch32:        file-5.19-clicfs.dif
 Patch37:        file-secure_getenv.patch
 Patch39:        file-5.28-btrfs-image.dif
+Patch42:        boo1237209.patch
 Patch43:        file-seccomp.patch
+Patch44:        file-seccomp-ppc.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %global         _sysconfdir /etc
 %global         magicdir    %{_datadir}/file
@@ -127,7 +131,9 @@ to develop applications that require the magic "file" interface.
 %patch -P 37 -p1 -b .getenv
 %patch -P 39 -p1 -b .btrfs
 %patch -P 0 -b .0
+%patch -P 42 -p1
 %patch -P 43 -p1 -b .seccomp
+%patch -P 44 -p1 -b .ppc
 test -s src/magic.h.in || cp -p src/magic.h src/magic.h.in
 rm -fv src/magic.h

--- a/python-magic.spec
+++ b/python-magic.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package python-magic
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed