pool/libical
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 582201 from home:jengelh:branches:ical3

Browse Source 
- Update to new upstream release 3.0.3

OBS-URL: https://build.opensuse.org/request/show/582201
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libical?expand=0&rev=47
This commit is contained in:
Adam Majer 2018-03-05 10:12:44 +00:00 committed by Git OBS Bridge
parent 3bc8bea59f
commit 91dfbdaa2d
11 changed files with 36 additions and 330 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
0001-build-ICU-must-appear-as-Requires-in-pkgconfig.patch
View File

@ -1,43 +0,0 @@
From 101a29ef57341a786012eb07dcfcec5c597f4493 Mon Sep 17 00:00:00 2001
X-Backport: Rediff for 2.0.0
From: Jan Engelhardt <jengelh@inai.de>
Date: Mon, 3 Oct 2016 10:25:00 +0200
Subject: [PATCH] build: ICU must appear as Requires in pkgconfig
References: https://github.com/libical/libical/pull/244
libical.pc specifies -licu-i18n in its Libs: field,
but no Requires: icu-i18n. As a result, the automatic dependency
generator in Linux distributions won't see the ICU requirement,
won't install it, and builds of secondary software fails.
$ gcc icalthing.c `pkg-config libical --cflags --libs`
[...]
gcc: error: /usr/lib64/libicuuc.so: No such file or directory
Move ICU from Libs to Requires, so the dependency scanner can do its
job. Specifically move it to Requires.private, since specifying -licu*
is not normally needed when libical is a shared library since it
already has it recorded in the ELF.
---
libical.pc.in | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Index: libical-2.0.0/libical.pc.in
===================================================================
--- libical-2.0.0.orig/libical.pc.in
+++ libical-2.0.0/libical.pc.in
@@ -2,11 +2,11 @@ prefix=@prefix@
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@
-threadslib=@PTHREAD_LIBS@
-iculib=@ICU_LIBRARIES@ @ICU_I18N_LIBRARIES@
Name: libical
Description: An implementation of basic iCAL protocols
Version: @VERSION@
-Libs: -L${libdir} -lical -licalss -licalvcal ${threadslib} ${iculib}
+Libs: -L${libdir} -lical -licalss -licalvcal
+Libs.private: @PTHREAD_LIBS@
+Requires.private: icu-i18n
Cflags: -I${includedir}

4
baselibs.conf
View File

@ -1,3 +1 @@
libical2
obsoletes "libical-<targettype> <= <version>"
provides "libical2-<targettype> = <version>"
libical3

3
libical-2.0.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:654c11f759c19237be39f6ad401d917e5a05f36f1736385ed958e60cf21456da
size 699099

3
libical-3.0.3.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:5b91eb8ad2d2dcada39d2f81d5e3ac15895823611dc7df91df39a35586f39241
size 866624

27
libical-boo1015964-use-after-free.patch
View File

@ -1,27 +0,0 @@
From 6b9438d746cec6e4e632d78c5244f4be6314d1c9 Mon Sep 17 00:00:00 2001
From: Allen Winter <allen.winter@kdab.com>
Date: Sun, 28 May 2017 12:51:10 -0400
Subject: [PATCH] icaltypes.c - icalreqstattype_from_string(), copy the
reqstattype's debug string into its own memory in the ring buffer.
Issue#253
---
src/libical/icaltypes.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libical/icaltypes.c b/src/libical/icaltypes.c
index 70c50d29..85c33545 100644
--- a/src/libical/icaltypes.c
+++ b/src/libical/icaltypes.c
@@ -140,7 +140,7 @@ struct icalreqstattype icalreqstattype_from_string(const char *str)
p2 = strchr(p1 + 1, ';');
if (p2 != 0 && *p2 != 0) {
- stat.debug = p2 + 1;
+ stat.debug = icalmemory_tmp_copy(p2 + 1);
}
return stat;
--
2.12.3

26
libical-boo986631-check-prev-char.patch
View File

@ -1,26 +0,0 @@
From 04d84749e53db08c71ed0ce8b6ba5c11082743cd Mon Sep 17 00:00:00 2001
From: Ken Murchison <murch@andrew.cmu.edu>
Date: Fri, 2 Dec 2016 14:14:03 -0500
Subject: [PATCH] icalparser.c: make sure we have a prev_char before checking
it
---
src/libical/icalparser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libical/icalparser.c b/src/libical/icalparser.c
index 9d332375..2735c9ac 100644
--- a/src/libical/icalparser.c
+++ b/src/libical/icalparser.c
@@ -148,7 +148,7 @@ static char *parser_get_next_char(char c, char *str, int qm)
char prev_char = 0;
while (next_char != 0) {
- if (prev_char != '\\') {
+ if (prev_char && prev_char != '\\') {
if (qm == 1 && next_char == '"') {
/* Encountered a quote, toggle quote mode */
quote_mode = !quote_mode;
--
2.12.3

26
libical-boo986631-read-past-end.patch
View File

@ -1,26 +0,0 @@
From 38757abb495ea6cb40faa5418052278bf75040f7 Mon Sep 17 00:00:00 2001
From: Ken Murchison <murch@andrew.cmu.edu>
Date: Fri, 2 Dec 2016 14:13:22 -0500
Subject: [PATCH] icaltime.c: don't read past end of string (can't check
str[19] if length is 16)
---
src/libical/icaltime.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libical/icaltime.c b/src/libical/icaltime.c
index ca647633..4077ce75 100644
--- a/src/libical/icaltime.c
+++ b/src/libical/icaltime.c
@@ -445,7 +445,7 @@ struct icaltimetype icaltime_from_string(const char *str)
tt.is_utc = 0;
tt.is_date = 0;
} else if ((size == 16) || (size == 20)) { /* UTC time, ends in 'Z' */
- if ((str[15] != 'Z') && (str[19] != 'Z'))
+ if ((str[size-1] != 'Z'))
goto FAIL;
tt.is_utc = 1;
--
2.12.3

100
libical-parser-sanity-check.patch
View File

@ -1,100 +0,0 @@
From 53e68ff6e2133c54ff44df53e8b75ef21125fb3d Mon Sep 17 00:00:00 2001
From: Ken Murchison <murch@andrew.cmu.edu>
Date: Tue, 13 Dec 2016 16:22:42 -0500
Subject: [PATCH] icalparser.c: sanity check VALUE parameter against what is
allowed
Backported by Mike Gorse <mgorse@suse.com>
---
src/libical/icalparser.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 67 insertions(+), 2 deletions(-)
diff --git a/src/libical/icalparser.c b/src/libical/icalparser.c
index 998bc96d..62e3a401 100644
--- a/src/libical/icalparser.c
+++ b/src/libical/icalparser.c
@@ -1023,6 +1023,12 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
/* If it is a VALUE parameter, set the kind of value */
if (icalparameter_isa(param) == ICAL_VALUE_PARAMETER) {
+ const char unknown_type[] =
+ "Got a VALUE parameter with an unknown type";
+ const char illegal_type[] =
+ "Got a VALUE parameter with an illegal type for property";
+ const char *value_err = NULL;
+
value_kind =
(icalvalue_kind)icalparameter_value_to_value_kind(
icalparameter_get_value(param));
@@ -1033,8 +1039,66 @@ icalcomponent *icalparser_add_line(icalparser *parser, char *line)
parameter ( it was not one of the defined
values ), so reset the value_kind */
- insert_error(tail, str,
- "Got a VALUE parameter with an unknown type",
+ value_err = unknown_type;
+ }
+ else if (value_kind !=
+ icalproperty_kind_to_value_kind(icalproperty_isa(prop))) {
+ /* VALUE parameter type does not match default type
+ for this property (check for allowed alternate types) */
+
+ switch (prop_kind) {
+ case ICAL_ATTACH_PROPERTY:
+ /* Accept BINARY */
+ if (value_kind != ICAL_BINARY_VALUE)
+ value_err = illegal_type;
+ break;
+
+ case ICAL_DTEND_PROPERTY:
+ case ICAL_DUE_PROPERTY:
+ case ICAL_DTSTART_PROPERTY:
+ case ICAL_EXDATE_PROPERTY:
+ case ICAL_RECURRENCEID_PROPERTY:
+ /* Accept DATE */
+ if (value_kind != ICAL_DATE_VALUE)
+ value_err = illegal_type;
+ break;
+
+ case ICAL_GEO_PROPERTY:
+ /* Accept FLOAT (but change to GEO) */
+ if (value_kind != ICAL_FLOAT_VALUE)
+ value_err = illegal_type;
+ else value_kind = ICAL_GEO_VALUE;
+ break;
+
+ case ICAL_RDATE_PROPERTY:
+ /* Accept DATE or PERIOD */
+ if (value_kind != ICAL_DATE_VALUE &&
+ value_kind != ICAL_PERIOD_VALUE)
+ value_err = illegal_type;
+ break;
+
+ case ICAL_TRIGGER_PROPERTY:
+ /* Accept DATE-TIME */
+ if (value_kind != ICAL_DATETIME_VALUE)
+ value_err = illegal_type;
+ break;
+
+ case ICAL_X_PROPERTY:
+ /* Accept ANY value type */
+ break;
+
+ default:
+ /* ONLY default type is allowed */
+ value_err = illegal_type;
+ break;
+ }
+ }
+
+ if (value_err != NULL) {
+ /* Ooops, unknown/illegal VALUE parameter,
+ so reset the value_kind */
+
+ insert_error(tail, str, value_err,
ICAL_XLICERRORTYPE_PARAMETERVALUEPARSEERROR);
value_kind = icalproperty_kind_to_value_kind(icalproperty_isa(prop));
--
2.12.3

60
libical-timezone-use-after-free.patch
View File

@ -1,60 +0,0 @@
From 6bcc779a17a2d286e4c3cb958ddf369cc01cb42c Mon Sep 17 00:00:00 2001
From: Allen Winter <allen.winter@kdab.com>
Date: Thu, 15 Dec 2016 18:17:10 -0500
Subject: [PATCH] icaltimezone.c - fix heap-use-after-free caused by
fetch_lat_long_from_string() issue#262
Backported by Mike Gorse <mgorse@suse.com>
---
diff -urp libical-2.0.0.orig/src/libical/icaltimezone.c libical-2.0.0/src/libical/icaltimezone.c
--- libical-2.0.0.orig/src/libical/icaltimezone.c 2015-12-28 15:44:53.000000000 -0600
+++ libical-2.0.0/src/libical/icaltimezone.c 2017-06-19 15:48:27.789017341 -0500
@@ -1520,39 +1520,39 @@ static int fetch_lat_long_from_string(co
/* We need to parse the latitude/longitude co-ordinates and location fields */
sptr = (char *)str;
- while (*sptr != '\t') {
+ while ((*sptr != '\t') && (*sptr != '\0')) {
sptr++;
}
temp = ++sptr;
- while (*sptr != '\t') {
+ while (*sptr != '\t' && *sptr != '\0') {
sptr++;
}
len = (ptrdiff_t) (sptr - temp);
lat = (char *)malloc(len + 1);
lat = strncpy(lat, temp, len);
lat[len] = '\0';
- while (*sptr != '\t') {
+ while ((*sptr != '\t') && (*sptr != '\0')) {
sptr++;
}
loc = ++sptr;
- while (!isspace((int)(*sptr))) {
+ while (!isspace((int)(*sptr)) && (*sptr != '\0')) {
sptr++;
}
- len = (ptrdiff_t) (sptr - loc);
+ len = (ptrdiff_t)(sptr - loc);
location = strncpy(location, loc, len);
location[len] = '\0';
#if defined(sun) && defined(__SVR4)
/* Handle EET, MET and WET in zone_sun.tab. */
if (!strcmp(location, "Europe/")) {
- while (*sptr != '\t') {
+ while ((*sptr != '\t') && (*sptr != '\0')) {
sptr++;
}
loc = ++sptr;
- while (!isspace(*sptr)) {
+ while (!isspace(*sptr) && (*sptr != '\0')) {
sptr++;
}
- len = sptr - loc;
+ len = (ptrdiff_t)(sptr - loc);
location = strncpy(location, loc, len);
location[len] = '\0';
}
Only in libical-2.0.0/src/libical: icaltimezone.c.orig

21
libical.changes
View File

@ -1,3 +1,24 @@
-------------------------------------------------------------------
Sat Mar 3 10:36:33 UTC 2018 - jengelh@inai.de
- Update to new upstream release 3.0.3
* Various changes to the API over 2.x.
* Fixed use-after-free issues and some memory leaks
* More accurate VTIMEZONE generation when using the system time
zone data (when USE_BUILTIN_TZDATA=False)
* icalvalue_new/set_date and icalvalue_new/set_datetime now
enforce DATE and DATE-TIME values respectively.
* draft-ietf-calext-extensions (RFC 7986) support added.
* Parameter values are now en/decoded per RFC 6868.
* Added support for VPATCH component.
- Disable building static libs, nothing seems to be using it.
- Remove 0001-build-ICU-must-appear-as-Requires-in-pkgconfig.patch,
libical-boo986631-read-past-end.patch,
libical-boo986631-check-prev-char.patch,
libical-parser-sanity-check.patch,
libical-timezone-use-after-free.patch,
libical-boo1015964-use-after-free.patch (all are upstream)
-------------------------------------------------------------------
Wed Feb 28 16:35:25 UTC 2018 - dimstar@opensuse.org

53
libical.spec
View File

@ -16,35 +16,24 @@
#
%define sonum 2
%define sonum 3
Name: libical
Version: 2.0.0
Version: 3.0.3
Release: 0
Summary: An Implementation of Basic iCAL Protocols
License: MPL-1.0 OR LGPL-2.1-only
License: MPL-2.0 OR LGPL-2.1-only
Group: Development/Libraries/C and C++
URL: http://sourceforge.net/projects/freeassociation/
Url: http://sourceforge.net/projects/freeassociation/
#Git-Clone: https://github.com/libical/libical
Source: https://github.com/libical/libical/releases/download/v%{version}/%{name}-%{version}.tar.gz
Source2: baselibs.conf
Patch1: 0001-build-ICU-must-appear-as-Requires-in-pkgconfig.patch
# PATCH-FIX-UPSTREAM libical-boo986631-read-past-end.patch boo#986631 mgorse@suse.com -- fix for reading passed end of string (CVE-2016-5827)
Patch2: libical-boo986631-read-past-end.patch
# PATCH-FIX-UPSTREAM libical-boo986631-check-prev-char.patch boo#986631 mgorse@suse.com -- make sure we have a prev_char before checking it
Patch3: libical-boo986631-check-prev-char.patch
# PATCH-FIX-UPSTREAM libical-parser-sanity-check.patch mgorse@suse.com -- sanity check value parameter against what is allowed.
Patch4: libical-parser-sanity-check.patch
# PATCH-FIX-UPSTREAM libical-timezone-use-after-free.patch mgorse@suse.com -- fix use after free in fetch_lat_long_from_string
Patch5: libical-timezone-use-after-free.patch
# PATCH-FIX-UPSTREAM libical-boo1015964-use-after-free.patch boo#986639 boo#1015984 mgorse@suse.com -- copy reqstattype's debug string into its own memory (CVE-2016-5824 CVE-2016-9584).
Patch6: libical-boo1015964-use-after-free.patch
BuildRequires: cmake >= 2.4
BuildRequires: cmake >= 3.1
BuildRequires: gcc-c++
BuildRequires: pkgconfig
BuildRequires: pkgconfig(icu-i18n)
%description
Libical is an open source implementation of the IETF's iCalendar
Libical is an implementation of the IETF's iCalendar
calendaring and scheduling protocols (RFC 2445, 2446, and 2447). It
parses iCal components and provides a C API for manipulating the
component properties, parameters, and subcomponents.
@ -56,7 +45,7 @@ Provides: %{name} = %{version}
Obsoletes: %{name} < %{version}
%description -n %{name}%{sonum}
Libical is an open source implementation of the IETF's iCalendar
Libical is an implementation of the IETF's iCalendar
calendaring and scheduling protocols (RFC 2445, 2446, and 2447). It
parses iCal components and provides a C API for manipulating the
component properties, parameters, and subcomponents.
@ -67,46 +56,29 @@ Group: Development/Libraries/C and C++
Requires: %{name}%{sonum} = %{version}
%description devel
Libical is an Open Source implementation of the IETF's iCalendar
Calendaring and Scheduling protocols. (RFC 2445, 2446, and 2447). It
parses iCal components and provides a C API for manipulating the
component properties, parameters, and subcomponents.
%package devel-static
Summary: Additional static library for development with libical
Group: Development/Libraries/C and C++
Requires: %{name}-devel = %{version}
%description devel-static
Libical is an Open Source implementation of the IETF's iCalendar
Libical is an implementation of the IETF's iCalendar
Calendaring and Scheduling protocols. (RFC 2445, 2446, and 2447). It
parses iCal components and provides a C API for manipulating the
component properties, parameters, and subcomponents.
%package doc
Summary: Example source code for libical-using programs
Summary: Example source code for programs to use libical
Group: Documentation/Other
%if 0%{?suse_version} >= 1120
BuildArch: noarch
%endif
%description doc
Libical is an open source implementation of the IETF's iCalendar
Libical is an implementation of the IETF's iCalendar
calendaring and scheduling protocols (RFC 2445, 2446, and 2447). It
parses iCal components and provides a C API for manipulating the
component properties, parameters, and subcomponents.
%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%build
%cmake
%cmake -DICAL_GLIB=false -DSHARED_ONLY=true
make -j1
%install
@ -127,9 +99,6 @@ rm examples/CMakeLists.txt
%{_includedir}/libical/
%{_libdir}/cmake/LibIcal/
%files devel-static
%{_libdir}/*.a
%files doc
%doc doc/*.txt
%doc examples/