Accepting request 817934 from home:gmbr3:Active

- Update to version 1.18: * fix an ugly and ancient security issue with popt failing to drop privileges on alias exec from a SUID/SGID program * perform rudimentary sanity checks when reading in popt config files * collect accumulated misc fixes (memleaks etc) from distros * convert translations to utf-8 encoding * convert old postscript documentation to pdf * dust off ten years worth of autotools sediment * reorganize and clean up the source tree for clarity * remove the obnoxious splint annotations from the sources - popt-alignment-checks.patch removed: contained in upstream - popt-libc-updates.patch changed: to be compatible with new version. OBS-URL: https://build.opensuse.org/request/show/817934 OBS-URL: https://build.opensuse.org/package/show/Base:System/popt?expand=0&rev=54
2020-08-15 23:52:30 +00:00 · 2020-08-15 23:52:30 +00:00 · 65681cb03d
commit 65681cb03d
parent 19398ead91
6 changed files with 54 additions and 231 deletions
--- a/popt-1.16.tar.gz
+++ b/popt-1.16.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e728ed296fe9f069a0e005003c3d6b2dde3d9cad453422a10d6558616d304cc8
-size 702769
--- a/popt-1.18.tar.gz
+++ b/popt-1.18.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5159bc03a20b28ce363aa96765f37df99ea4d8850b1ece17d1e6ad5c24fdc5d1
+size 580569
--- a/popt-alignment-checks.patch
+++ b/popt-alignment-checks.patch
@ -1,74 +0,0 @@
-Index: popt-1.16/configure.ac
-===================================================================
--- popt-1.16.orig/configure.ac
-+++ popt-1.16/configure.ac
-@@ -47,7 +47,7 @@ AC_SYS_LARGEFILE
- 
- AC_ISC_POSIX
- 
-AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h)
-+AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h stdalign.h)
- 
- # For some systems we know that we have ld_version scripts.
- # Use it then as default.
-Index: popt-1.16/popt.c
-===================================================================
--- popt-1.16.orig/popt.c
-+++ popt-1.16/popt.c
-@@ -25,6 +25,15 @@ extern long long int strtoll(const char
- 
- #include "poptint.h"
- 
-+#ifdef HAVE_STDALIGN_H
-+#include <stdalign.h>
-+#define ALIGNOF(x) alignof(x)
-+#elif defined __GNUC__
-+#define ALIGNOF(x) __alignof__(x)
-+#else
-+#define ALIGNOF(x) sizeof(x)
-+#endif
-+
- #ifdef	MYDEBUG
- /*@unchecked@*/
- int _popt_debug = 0;
-@@ -977,12 +986,8 @@ static unsigned int seed = 0;
- 
- int poptSaveLongLong(long long * arg, unsigned int argInfo, long long aLongLong)
- {
-    if (arg == NULL
-#ifdef	NOTYET
-     /* XXX Check alignment, may fail on funky platforms. */
-     || (((unsigned long long)arg) & (sizeof(*arg)-1))
-#endif
-    )
-+    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
- 	return POPT_ERROR_NULLARG;
- 
-     if (aLongLong != 0 && LF_ISSET(RANDOM)) {
-@@ -1023,7 +1028,7 @@ int poptSaveLongLong(long long * arg, un
- int poptSaveLong(long * arg, unsigned int argInfo, long aLong)
- {
-     /* XXX Check alignment, may fail on funky platforms. */
-    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
-+    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
- 	return POPT_ERROR_NULLARG;
- 
-     if (aLong != 0 && LF_ISSET(RANDOM)) {
-@@ -1056,7 +1061,7 @@ int poptSaveLong(long * arg, unsigned in
- int poptSaveInt(/*@null@*/ int * arg, unsigned int argInfo, long aLong)
- {
-     /* XXX Check alignment, may fail on funky platforms. */
-    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
-+    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
- 	return POPT_ERROR_NULLARG;
- 
-     if (aLong != 0 && LF_ISSET(RANDOM)) {
-@@ -1089,7 +1094,7 @@ int poptSaveInt(/*@null@*/ int * arg, un
- int poptSaveShort(/*@null@*/ short * arg, unsigned int argInfo, long aLong)
- {
-     /* XXX Check alignment, may fail on funky platforms. */
-    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
-+    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
- 	return POPT_ERROR_NULLARG;
- 
-     if (aLong != 0 && LF_ISSET(RANDOM)) {
--- a/popt-libc-updates.patch
+++ b/popt-libc-updates.patch
@ -1,114 +1,43 @@
 Index: configure.ac
 ===================================================================
--- configure.ac.orig
-+++ configure.ac
-@@ -21,7 +21,7 @@ AC_SUBST(LT_AGE, 8)
- ALL_LINGUAS="cs da de eo es fi fr ga gl hu id is it ja ko lv nb nl pl pt ro ru sk sl sv th tr uk vi wa zh_TW zh_CN"
- 
+--- a/configure.ac
+++ b/configure.ac
+@@ -9,7 +9,6 @@
+ AM_INIT_AUTOMAKE([1.10 foreign -Wall])
+
 AC_PROG_CC_STDC
 -AC_PROG_CC
-+AC_USE_SYSTEM_EXTENSIONS
- 
- AC_PROG_INSTALL
- AC_PROG_LIBTOOL
-@@ -40,13 +40,12 @@ else
- fi
- AC_SUBST(TARGET)
- 
-CFLAGS="$CFLAGS -D_GNU_SOURCE -D_REENTRANT"
-+CFLAGS="$CFLAGS -D_REENTRANT"
- 
- AC_GCC_TRADITIONAL
- AC_SYS_LARGEFILE
- 
- AC_ISC_POSIX
-AM_C_PROTOTYPES
- 
- AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h)
- 
-@@ -82,7 +81,7 @@ AC_ARG_ENABLE(build-gcov,
- AC_CHECK_FUNC(setreuid, [], [
-     AC_CHECK_LIB(ucb, setreuid, [if echo $LIBS | grep -- -lucb >/dev/null ;then :; else LIBS="$LIBS -lc -lucb" USEUCB=y;fi])
- ])
-AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv setregid stpcpy strerror vasprintf srandom)
-+AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv secure_getenv setregid stpcpy strerror vasprintf srandom)
- 
- AM_GNU_GETTEXT([external])
- AM_ICONV_LINK
-Index: system.h
+ AC_USE_SYSTEM_EXTENSIONS
+ AM_PROG_AR
+
+Index: src/system.h
 ===================================================================
--- system.h.orig
-+++ system.h
-@@ -1,10 +1,9 @@
- /**
+--- a/src/system.h
+++ b/src/system.h
+@@ -2,9 +2,7 @@
  * \file popt/system.h
  */
-+#pragma once
- 
+
 -#ifdef HAVE_CONFIG_H
 #include "config.h"
 -#endif
- 
- #if defined (__GLIBC__) && defined(__LCLINT__)
- /*@-declundef@*/
-@@ -42,6 +41,7 @@ extern __const __int32_t *__ctype_touppe
- #include <libc.h>
+
+ #include <ctype.h>
+
+@@ -57,6 +55,8 @@
+ #define getenv(_s)	secure_getenv(_s)
+ #elif defined(HAVE___SECURE_GETENV)
+ #define	getenv(_s)	__secure_getenv(_s)
+#else
+#error neither secure_getenv nor __secure_getenv is available
 #endif
- 
-+#pragma GCC visibility push(hidden)
- /*@-incondefs@*/
- /*@mayexit@*/ /*@only@*/ /*@out@*/ /*@unused@*/
- void * xmalloc (size_t size)
-@@ -77,6 +77,8 @@ static inline char * stpcpy (char *dest,
- }
- #endif
- 
-+#pragma GCC visibility pop
-+
- /* Memory allocation via macro defs to get meaningful locations from mtrace() */
- #if defined(HAVE_MCHECK_H) && defined(__GNUC__)
- #define	vmefail()	(fprintf(stderr, "virtual memory exhausted.\n"), exit(EXIT_FAILURE), NULL)
-@@ -91,8 +93,12 @@ static inline char * stpcpy (char *dest,
- #define	xstrdup(_str)	strdup(_str)
- #endif  /* defined(HAVE_MCHECK_H) && defined(__GNUC__) */
- 
-#if defined(HAVE___SECURE_GETENV) && !defined(__LCLINT__)
-#define	getenv(_s)	__secure_getenv(_s)
-+#ifndef HAVE_SECURE_GETENV
-+#  ifdef HAVE___SECURE_GETENV
-+#    define secure_getenv __secure_getenv
-+#  else
-+#    error neither secure_getenv nor __secure_getenv is available
-+#  endif
- #endif
- 
+
 #if !defined(__GNUC__) && !defined(__attribute__)
-Index: Makefile.am
+
+Index: src/popt.c
 ===================================================================
--- Makefile.am.orig
-+++ Makefile.am
-@@ -14,7 +14,7 @@ EXTRA_DIST = config.rpath lookup3.c auto
- 
- SUBDIRS = po . auto
- 
-AM_CPPFLAGS = -I. -I$(top_srcdir)
-+AM_CPPFLAGS = -include $(top_srcdir)/system.h -I. -I$(top_srcdir)
- 
- noinst_HEADERS = poptint.h system.h
- 
-@@ -37,7 +37,7 @@ noinst_SCRIPTS = testit.sh
- TESTS_ENVIRONMENT = \
- test1="$(top_builddir)/test1"
- 
-TESTS = $(top_srcdir)/testit.sh
-+TESTS = testit.sh
- 
- include_HEADERS = popt.h
- 
-Index: popt.c
-===================================================================
--- popt.c.orig
-+++ popt.c
+--- a/src/popt.c
+++ b/src/popt.c
@@ -197,7 +197,7 @@ poptContext poptGetContext(const char *
     con->execAbsolute = 1;
     con->arg_strip = NULL;
@ -144,10 +73,10 @@ Index: popt.c
       default:
 	return POPT_("unknown error");
     }
-Index: poptconfig.c
+Index: src/poptconfig.c
 ===================================================================
--- poptconfig.c.orig
-+++ poptconfig.c
+--- a/src/poptconfig.c
+++ b/src/poptconfig.c
@@ -540,7 +540,7 @@ int poptReadDefaultConfig(poptContext co
     if (rc) goto exit;
 #endif
@ -157,43 +86,3 @@ Index: poptconfig.c
 	char * fn = malloc(strlen(home) + 20);
 	if (fn != NULL) {
 	    (void) stpcpy(stpcpy(fn, home), "/.popt");
-Index: poptint.h
-===================================================================
--- poptint.h.orig
-+++ poptint.h
-@@ -11,6 +11,8 @@
- 
- #include <stdint.h>
- 
-+#pragma GCC visibility push(hidden)
-+
- /**
-  * Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
-  * @param p		memory to free
-@@ -149,6 +151,8 @@ struct poptContext_s {
-     pbm_set * arg_strip;
- };
- 
-+#pragma GCC visibility pop
-+
- #if defined(POPT_fprintf)
- #define	POPT_dgettext	dgettext
- #else
-@@ -182,6 +186,8 @@ extern char *nl_langinfo (nl_item __item
- #endif
- #endif
- 
-+#pragma GCC visibility push(hidden)
-+
- #if defined(HAVE_DCGETTEXT) && !defined(__LCLINT__)
- char *POPT_dgettext(const char * dom, const char * str)
- 	/*@*/;
-@@ -200,6 +206,8 @@ const char *POPT_next_char (/*@returned@
- 
- #endif
- 
-+#pragma GCC visibility pop
-+
- #if defined(ENABLE_NLS) && defined(HAVE_LIBINTL_H)
- #include <libintl.h>
- #endif
--- a/popt.changes
+++ b/popt.changes
@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Fri Jun 26 15:22:02 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
+
+- Update to version 1.18:
+  * fix an ugly and ancient security issue with popt failing to drop privileges on alias exec from a SUID/SGID program
+  * perform rudimentary sanity checks when reading in popt config files
+  * collect accumulated misc fixes (memleaks etc) from distros
+  * convert translations to utf-8 encoding
+  * convert old postscript documentation to pdf
+  * dust off ten years worth of autotools sediment
+  * reorganize and clean up the source tree for clarity
+  * remove the obnoxious splint annotations from the sources
+- popt-alignment-checks.patch removed: contained in upstream
+- popt-libc-updates.patch changed: to be compatible with new version.
+
 -------------------------------------------------------------------
 Mon Feb 10 12:53:55 UTC 2020 - Adrian Schröter <adrian@suse.de>

--- a/popt.spec
+++ b/popt.spec
@ -17,7 +17,7 @@


 Name:           popt
-Version:        1.16
+Version:        1.18
 Release:        0
 #!BuildIgnore:  rpmlint-Factory
 Summary:        A C library for parsing command line parameters
@ -26,13 +26,12 @@ Group:          Development/Libraries/C and C++
 URL:            http://www.rpm.org/

 #CVS-Clone:	-d :pserver:anonymous@rpm5.org:/cvs co popt
-Source:         http://ftp.rpm.org/mirror/popt/popt-%{version}.tar.gz
+Source:         http://ftp.rpm.org/popt/releases/popt-1.x/popt-%{version}.tar.gz
 Source2:        baselibs.conf
+Patch:          popt-libc-updates.patch
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
-Patch0:         popt-libc-updates.patch
-Patch1:         popt-alignment-checks.patch

 %description
 Popt is a C library for parsing command line parameters.  Popt was
@ -70,23 +69,17 @@ for developing programs which use the popt C library. It contains the
 API documentation of the popt library, too.

 %prep
-%setup -q
-%patch0
-%patch1 -p1
+%autosetup -p1

 %build
 autoreconf -fiv
 %configure --disable-static
-make %{?_smp_mflags}
+%make_build

 %install
-make install DESTDIR="%buildroot"
+%make_install
 rm %{buildroot}%{_libdir}/libpopt.la

-%if "%{_libdir}" != "%{_prefix}/lib"
-install -d -m755 %{buildroot}/%{_libdir}/pkgconfig
-mv %{buildroot}%{_prefix}/lib/pkgconfig/%{name}.pc %{buildroot}/%{_libdir}/pkgconfig/%{name}.pc
-%endif

 %find_lang %{name}