From b6c5c04c1edf6e8a194acd8d164ecf54817d5ed8669fe0509569ccf903d9d20c Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Mon, 11 Jul 2022 07:48:13 +0000 Subject: [PATCH] - Update to release 1.4.1 OBS-URL: https://build.opensuse.org/package/show/server:monitoring/protobuf-c?expand=0&rev=38 --- 508.patch | 86 ----------------------------------------- protobuf-c-1.4.0.tar.gz | 3 -- protobuf-c-1.4.1.tar.gz | 3 ++ protobuf-c.changes | 8 ++++ protobuf-c.spec | 3 +- 5 files changed, 12 insertions(+), 91 deletions(-) delete mode 100644 508.patch delete mode 100644 protobuf-c-1.4.0.tar.gz create mode 100644 protobuf-c-1.4.1.tar.gz diff --git a/508.patch b/508.patch deleted file mode 100644 index 5c20f1d..0000000 --- a/508.patch +++ /dev/null @@ -1,86 +0,0 @@ -From 6e389ce2c34355d36009a8fb1666bed29fa2d4f4 Mon Sep 17 00:00:00 2001 -From: "Todd C. Miller" -Date: Mon, 6 Jun 2022 13:57:38 -0600 -Subject: [PATCH] Only shift unsigned values to avoid implementation-specific - behavior. This converts the arithmetic shifts to logical shifts. It is based - in part on a stackoverflow answer by John Schultz, - https://stackoverflow.com/questions/4533076/google-protocol-buffers-zigzag-encoding - ---- - protobuf-c/protobuf-c.c | 23 +++++++++++------------ - 1 file changed, 11 insertions(+), 12 deletions(-) - -diff --git a/protobuf-c/protobuf-c.c b/protobuf-c/protobuf-c.c -index ad1bdb1..98052cd 100644 ---- a/protobuf-c/protobuf-c.c -+++ b/protobuf-c/protobuf-c.c -@@ -316,9 +316,8 @@ int32_size(int32_t v) - static inline uint32_t - zigzag32(int32_t v) - { -- // Note: the right-shift must be arithmetic -- // Note: left shift must be unsigned because of overflow -- return ((uint32_t)(v) << 1) ^ (uint32_t)(v >> 31); -+ // Note: Using unsigned types prevents undefined behavior -+ return ((uint32_t)v << 1) ^ -((uint32_t)v >> 31); - } - - /** -@@ -380,9 +379,8 @@ uint64_size(uint64_t v) - static inline uint64_t - zigzag64(int64_t v) - { -- // Note: the right-shift must be arithmetic -- // Note: left shift must be unsigned because of overflow -- return ((uint64_t)(v) << 1) ^ (uint64_t)(v >> 63); -+ // Note: Using unsigned types prevents undefined behavior -+ return ((uint64_t)v << 1) ^ -((uint64_t)v >> 63); - } - - /** -@@ -802,7 +800,8 @@ uint32_pack(uint32_t value, uint8_t *out) - } - - /** -- * Pack a signed 32-bit integer and return the number of bytes written. -+ * Pack a signed 32-bit integer and return the number of bytes written, -+ * passed as unsigned to avoid implementation-specific behavior. - * Negative numbers are encoded as two's complement 64-bit integers. - * - * \param value -@@ -813,14 +812,14 @@ uint32_pack(uint32_t value, uint8_t *out) - * Number of bytes written to `out`. - */ - static inline size_t --int32_pack(int32_t value, uint8_t *out) -+int32_pack(uint32_t value, uint8_t *out) - { -- if (value < 0) { -+ if ((int32_t)value < 0) { - out[0] = value | 0x80; - out[1] = (value >> 7) | 0x80; - out[2] = (value >> 14) | 0x80; - out[3] = (value >> 21) | 0x80; -- out[4] = (value >> 28) | 0x80; -+ out[4] = (value >> 28) | 0xf0; - out[5] = out[6] = out[7] = out[8] = 0xff; - out[9] = 0x01; - return 10; -@@ -2425,7 +2424,7 @@ static inline int32_t - unzigzag32(uint32_t v) - { - // Note: Using unsigned types prevents undefined behavior -- return (int32_t)((v >> 1) ^ (~(v & 1) + 1)); -+ return (int32_t)((v >> 1) ^ -(v & 1)); - } - - static inline uint32_t -@@ -2467,7 +2466,7 @@ static inline int64_t - unzigzag64(uint64_t v) - { - // Note: Using unsigned types prevents undefined behavior -- return (int64_t)((v >> 1) ^ (~(v & 1) + 1)); -+ return (int64_t)((v >> 1) ^ -(v & 1)); - } - - static inline uint64_t diff --git a/protobuf-c-1.4.0.tar.gz b/protobuf-c-1.4.0.tar.gz deleted file mode 100644 index deefc94..0000000 --- a/protobuf-c-1.4.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:26d98ee9bf18a6eba0d3f855ddec31dbe857667d269bc0b6017335572f85bbcb -size 505251 diff --git a/protobuf-c-1.4.1.tar.gz b/protobuf-c-1.4.1.tar.gz new file mode 100644 index 0000000..97b94a9 --- /dev/null +++ b/protobuf-c-1.4.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4cc4facd508172f3e0a4d3a8736225d472418aee35b4ad053384b137b220339f +size 513596 diff --git a/protobuf-c.changes b/protobuf-c.changes index 3568981..df6da9a 100644 --- a/protobuf-c.changes +++ b/protobuf-c.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Jul 11 07:46:47 UTC 2022 - Jan Engelhardt + +- Update to release 1.4.1 + * Fixed unsigned integer overflow (GH#499) + * Avoid shifting signed values (GH#508) +- Remove 508.patch (merged) + ------------------------------------------------------------------- Tue Jul 5 12:38:17 UTC 2022 - Adam Majer diff --git a/protobuf-c.spec b/protobuf-c.spec index bf34fd7..40d703e 100644 --- a/protobuf-c.spec +++ b/protobuf-c.spec @@ -19,14 +19,13 @@ %define sover 1 Name: protobuf-c -Version: 1.4.0 +Version: 1.4.1 Release: 0 Summary: C bindings for Google's Protocol Buffers License: BSD-3-Clause Group: Development/Tools/Other URL: https://github.com/protobuf-c/protobuf-c Source: https://github.com/protobuf-c/protobuf-c/releases/download/v%version/%name-%version.tar.gz -Patch1: 508.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc