Accepting request 1135742 from home:dirkmueller:Factory

- update to 0.60.8.1:
  * Fix memory leak in suggestion code introduced in 0.60.8.
  * Various documentation fixes.
  * Fix various warnings when compiling with -Wall.
  * Fix two buffer overflows found by Google’s OSS-Fuzz.
  * Other minor updates.
- drop aspell-CVE-2019-25051.patch (upstream)

- defining ncurses_wide library for configure to enable wide
- changed dict- and data-dir back to /usr/{%lib} because dictionary
- add ncurses-devel BuildRequires.
   * Updated to Gettext 0.16.1, Libtool 1.5.22, Automake 1.10,
   * Complain if more than one file is specified when checking
     files using the `aspell check' command, rather than ignoring
- removed virtual package dependency
- fix file list
- fix libdir usage
    * see more details in /usr/share/doc/packages/aspell/README
- libtoolize to build

OBS-URL: https://build.opensuse.org/request/show/1135742
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/aspell?expand=0&rev=48
This commit is contained in:
Petr Gajdos 2024-01-02 11:32:40 +00:00 committed by Git OBS Bridge
parent 9547333b3a
commit 52fd9b2a63
7 changed files with 34 additions and 111 deletions

BIN
aspell-0.60.8.1.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEABECAAYFAmWCJzkACgkQttnQzDizJ9ew/gCbBqdvWXclNZ2hIECBBGYXMdS/
OeYAnRwaGNBAZ5lPa1YleoVMfZewi2k/
=NgBu
-----END PGP SIGNATURE-----

BIN
aspell-0.60.8.tar.gz (Stored with Git LFS)

Binary file not shown.

View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iEYEABECAAYFAl2iVDoACgkQttnQzDizJ9ekcACfWDC/8lwAPGiRtC+mTjSXc0Nx
4xoAn24YScVIJ8Zk5yQ7lZ1fFX9Z8sMb
=k99I
-----END PGP SIGNATURE-----

View File

@ -1,86 +0,0 @@
diff --git a/common/objstack.hpp b/common/objstack.hpp
index 3997bf7..bd97ccd 100644
--- a/common/objstack.hpp
+++ b/common/objstack.hpp
@@ -5,6 +5,7 @@
#include "parm_string.hpp"
#include <stdlib.h>
#include <assert.h>
+#include <stddef.h>
namespace acommon {
@@ -26,6 +27,12 @@ class ObjStack
byte * temp_end;
void setup_chunk();
void new_chunk();
+ bool will_overflow(size_t sz) const {
+ return offsetof(Node,data) + sz > chunk_size;
+ }
+ void check_size(size_t sz) {
+ assert(!will_overflow(sz));
+ }
ObjStack(const ObjStack &);
void operator=(const ObjStack &);
@@ -56,7 +63,7 @@ class ObjStack
void * alloc_bottom(size_t size) {
byte * tmp = bottom;
bottom += size;
- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;}
+ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;}
return tmp;
}
// This alloc_bottom will insure that the object is aligned based on the
@@ -66,7 +73,7 @@ class ObjStack
align_bottom(align);
byte * tmp = bottom;
bottom += size;
- if (bottom > top) {new_chunk(); goto loop;}
+ if (bottom > top) {check_size(size); new_chunk(); goto loop;}
return tmp;
}
char * dup_bottom(ParmString str) {
@@ -79,7 +86,7 @@ class ObjStack
// always be aligned as such.
void * alloc_top(size_t size) {
top -= size;
- if (top < bottom) {new_chunk(); top -= size;}
+ if (top < bottom) {check_size(size); new_chunk(); top -= size;}
return top;
}
// This alloc_top will insure that the object is aligned based on
@@ -88,7 +95,7 @@ class ObjStack
{loop:
top -= size;
align_top(align);
- if (top < bottom) {new_chunk(); goto loop;}
+ if (top < bottom) {check_size(size); new_chunk(); goto loop;}
return top;
}
char * dup_top(ParmString str) {
@@ -117,6 +124,7 @@ class ObjStack
void * alloc_temp(size_t size) {
temp_end = bottom + size;
if (temp_end > top) {
+ check_size(size);
new_chunk();
temp_end = bottom + size;
}
@@ -131,6 +139,7 @@ class ObjStack
} else {
size_t s = temp_end - bottom;
byte * p = bottom;
+ check_size(size);
new_chunk();
memcpy(bottom, p, s);
temp_end = bottom + size;
@@ -150,6 +159,7 @@ class ObjStack
} else {
size_t s = temp_end - bottom;
byte * p = bottom;
+ check_size(size);
new_chunk();
memcpy(bottom, p, s);
temp_end = bottom + size;

View File

@ -1,3 +1,14 @@
-------------------------------------------------------------------
Sat Dec 30 10:26:00 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 0.60.8.1:
* Fix memory leak in suggestion code introduced in 0.60.8.
* Various documentation fixes.
* Fix various warnings when compiling with -Wall.
* Fix two buffer overflows found by Googles OSS-Fuzz.
* Other minor updates.
- drop aspell-CVE-2019-25051.patch (upstream)
-------------------------------------------------------------------
Thu Jul 7 12:28:47 UTC 2022 - Marcus Meissner <meissner@suse.com>

View File

@ -1,7 +1,7 @@
#
# spec file for package aspell
#
# Copyright (c) 2022 SUSE LLC
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: aspell
Version: 0.60.8
Version: 0.60.8.1
Release: 0
Summary: A Spell Checker
License: GFDL-1.1-or-later AND LGPL-2.1-only AND HPND AND SUSE-BSD-Mark-Modifications
@ -31,8 +31,6 @@ Source100: baselibs.conf
Patch0: aspell-strict-aliasing.patch
# PATCH-FIX-OPENSUSE aspell-quotes.patch lmichnovic@suse.cz -- Fix command execution in script "run-with-aspell"
Patch1: aspell-quotes.patch
# CVE-2019-25051 [bsc#1188576], heap-buffer-overflow in acommon:ObjStack:dup_top
Patch2: aspell-CVE-2019-25051.patch
BuildRequires: fdupes
BuildRequires: gcc-c++
BuildRequires: libtool