Accepting request 817934 from home:gmbr3:Active

- Update to version 1.18: * fix an ugly and ancient security issue with popt failing to drop privileges on alias exec from a SUID/SGID program * perform rudimentary sanity checks when reading in popt config files * collect accumulated misc fixes (memleaks etc) from distros * convert translations to utf-8 encoding * convert old postscript documentation to pdf * dust off ten years worth of autotools sediment * reorganize and clean up the source tree for clarity * remove the obnoxious splint annotations from the sources - popt-alignment-checks.patch removed: contained in upstream - popt-libc-updates.patch changed: to be compatible with new version. OBS-URL: https://build.opensuse.org/request/show/817934 OBS-URL: https://build.opensuse.org/package/show/Base:System/popt?expand=0&rev=54
2020-08-15 23:52:30 +00:00 · 2020-08-15 23:52:30 +00:00 · 65681cb03d
commit 65681cb03d
parent 19398ead91
6 changed files with 54 additions and 231 deletions
--- a/popt-1.16.tar.gz
+++ b/popt-1.16.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:e728ed296fe9f069a0e005003c3d6b2dde3d9cad453422a10d6558616d304cc8
 size 702769
--- a/popt-1.18.tar.gz
+++ b/popt-1.18.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:5159bc03a20b28ce363aa96765f37df99ea4d8850b1ece17d1e6ad5c24fdc5d1
 size 580569
--- a/popt-alignment-checks.patch
+++ b/popt-alignment-checks.patch
@ -1,74 +0,0 @@
 Index: popt-1.16/configure.ac
 ===================================================================
 --- popt-1.16.orig/configure.ac
 +++ popt-1.16/configure.ac
@@ -47,7 +47,7 @@ AC_SYS_LARGEFILE
 AC_ISC_POSIX
 -AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h)
 +AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h stdalign.h)
 # For some systems we know that we have ld_version scripts.
 # Use it then as default.
 Index: popt-1.16/popt.c
 ===================================================================
 --- popt-1.16.orig/popt.c
 +++ popt-1.16/popt.c
@@ -25,6 +25,15 @@ extern long long int strtoll(const char
 #include "poptint.h"
 +#ifdef HAVE_STDALIGN_H
 +#include <stdalign.h>
 +#define ALIGNOF(x) alignof(x)
 +#elif defined __GNUC__
 +#define ALIGNOF(x) __alignof__(x)
 +#else
 +#define ALIGNOF(x) sizeof(x)
 +#endif
 +
 #ifdef	MYDEBUG
 /*@unchecked@*/
 int _popt_debug = 0;
@@ -977,12 +986,8 @@ static unsigned int seed = 0;
 int poptSaveLongLong(long long * arg, unsigned int argInfo, long long aLongLong)
 {
 -    if (arg == NULL
 -#ifdef	NOTYET
     /* XXX Check alignment, may fail on funky platforms. */
 -     || (((unsigned long long)arg) & (sizeof(*arg)-1))
 -#endif
 -    )
 +    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
 	return POPT_ERROR_NULLARG;
     if (aLongLong != 0 && LF_ISSET(RANDOM)) {
@@ -1023,7 +1028,7 @@ int poptSaveLongLong(long long * arg, un
 int poptSaveLong(long * arg, unsigned int argInfo, long aLong)
 {
     /* XXX Check alignment, may fail on funky platforms. */
 -    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
 +    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
 	return POPT_ERROR_NULLARG;
     if (aLong != 0 && LF_ISSET(RANDOM)) {
@@ -1056,7 +1061,7 @@ int poptSaveLong(long * arg, unsigned in
 int poptSaveInt(/*@null@*/ int * arg, unsigned int argInfo, long aLong)
 {
     /* XXX Check alignment, may fail on funky platforms. */
 -    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
 +    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
 	return POPT_ERROR_NULLARG;
     if (aLong != 0 && LF_ISSET(RANDOM)) {
@@ -1089,7 +1094,7 @@ int poptSaveInt(/*@null@*/ int * arg, un
 int poptSaveShort(/*@null@*/ short * arg, unsigned int argInfo, long aLong)
 {
     /* XXX Check alignment, may fail on funky platforms. */
 -    if (arg == NULL || (((unsigned long)arg) & (sizeof(*arg)-1)))
 +    if (arg == NULL || (((unsigned long)arg) & (ALIGNOF(*arg)-1)))
 	return POPT_ERROR_NULLARG;
     if (aLong != 0 && LF_ISSET(RANDOM)) {
--- a/popt-libc-updates.patch
+++ b/popt-libc-updates.patch
@ -1,114 +1,43 @@
 Index: configure.ac
 ===================================================================
--- configure.ac.orig
+--- a/configure.ac
-+++ configure.ac
+++ b/configure.ac
-@@ -21,7 +21,7 @@ AC_SUBST(LT_AGE, 8)
+@@ -9,7 +9,6 @@
- ALL_LINGUAS="cs da de eo es fi fr ga gl hu id is it ja ko lv nb nl pl pt ro ru sk sl sv th tr uk vi wa zh_TW zh_CN"
+ AM_INIT_AUTOMAKE([1.10 foreign -Wall])
- 
+
 AC_PROG_CC_STDC
 -AC_PROG_CC
-+AC_USE_SYSTEM_EXTENSIONS
+ AC_USE_SYSTEM_EXTENSIONS
- 
+ AM_PROG_AR
- AC_PROG_INSTALL
+
- AC_PROG_LIBTOOL
+Index: src/system.h
@@ -40,13 +40,12 @@ else
 fi
 AC_SUBST(TARGET)
 -CFLAGS="$CFLAGS -D_GNU_SOURCE -D_REENTRANT"
 +CFLAGS="$CFLAGS -D_REENTRANT"
 AC_GCC_TRADITIONAL
 AC_SYS_LARGEFILE
 AC_ISC_POSIX
 -AM_C_PROTOTYPES
 AC_CHECK_HEADERS(float.h fnmatch.h glob.h langinfo.h libintl.h mcheck.h unistd.h)
@@ -82,7 +81,7 @@ AC_ARG_ENABLE(build-gcov,
 AC_CHECK_FUNC(setreuid, [], [
     AC_CHECK_LIB(ucb, setreuid, [if echo $LIBS | grep -- -lucb >/dev/null ;then :; else LIBS="$LIBS -lc -lucb" USEUCB=y;fi])
 ])
 -AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv setregid stpcpy strerror vasprintf srandom)
 +AC_CHECK_FUNCS(getuid geteuid iconv mtrace __secure_getenv secure_getenv setregid stpcpy strerror vasprintf srandom)
 AM_GNU_GETTEXT([external])
 AM_ICONV_LINK
 Index: system.h
 ===================================================================
--- system.h.orig
+--- a/src/system.h
-+++ system.h
+++ b/src/system.h
-@@ -1,10 +1,9 @@
+@@ -2,9 +2,7 @@
 /**
  * \file popt/system.h
  */
-+#pragma once
+
 -#ifdef HAVE_CONFIG_H
 #include "config.h"
 -#endif
- 
+
- #if defined (__GLIBC__) && defined(__LCLINT__)
+ #include <ctype.h>
- /*@-declundef@*/
+
-@@ -42,6 +41,7 @@ extern __const __int32_t *__ctype_touppe
+@@ -57,6 +55,8 @@
- #include <libc.h>
+ #define getenv(_s)	secure_getenv(_s)
 #elif defined(HAVE___SECURE_GETENV)
 #define	getenv(_s)	__secure_getenv(_s)
 +#else
 +#error neither secure_getenv nor __secure_getenv is available
 #endif
- 
+
 +#pragma GCC visibility push(hidden)
 /*@-incondefs@*/
 /*@mayexit@*/ /*@only@*/ /*@out@*/ /*@unused@*/
 void * xmalloc (size_t size)
@@ -77,6 +77,8 @@ static inline char * stpcpy (char *dest,
 }
 #endif
 +#pragma GCC visibility pop
 +
 /* Memory allocation via macro defs to get meaningful locations from mtrace() */
 #if defined(HAVE_MCHECK_H) && defined(__GNUC__)
 #define	vmefail()	(fprintf(stderr, "virtual memory exhausted.\n"), exit(EXIT_FAILURE), NULL)
@@ -91,8 +93,12 @@ static inline char * stpcpy (char *dest,
 #define	xstrdup(_str)	strdup(_str)
 #endif  /* defined(HAVE_MCHECK_H) && defined(__GNUC__) */
 -#if defined(HAVE___SECURE_GETENV) && !defined(__LCLINT__)
 -#define	getenv(_s)	__secure_getenv(_s)
 +#ifndef HAVE_SECURE_GETENV
 +#  ifdef HAVE___SECURE_GETENV
 +#    define secure_getenv __secure_getenv
 +#  else
 +#    error neither secure_getenv nor __secure_getenv is available
 +#  endif
 #endif
 #if !defined(__GNUC__) && !defined(__attribute__)
-Index: Makefile.am
+
 Index: src/popt.c
 ===================================================================
--- Makefile.am.orig
+--- a/src/popt.c
-+++ Makefile.am
+++ b/src/popt.c
@@ -14,7 +14,7 @@ EXTRA_DIST = config.rpath lookup3.c auto
 SUBDIRS = po . auto
 -AM_CPPFLAGS = -I. -I$(top_srcdir)
 +AM_CPPFLAGS = -include $(top_srcdir)/system.h -I. -I$(top_srcdir)
 noinst_HEADERS = poptint.h system.h
@@ -37,7 +37,7 @@ noinst_SCRIPTS = testit.sh
 TESTS_ENVIRONMENT = \
 test1="$(top_builddir)/test1"
 -TESTS = $(top_srcdir)/testit.sh
 +TESTS = testit.sh
 include_HEADERS = popt.h
 Index: popt.c
 ===================================================================
 --- popt.c.orig
 +++ popt.c
@@ -197,7 +197,7 @@ poptContext poptGetContext(const char *
     con->execAbsolute = 1;
     con->arg_strip = NULL;
@ -144,10 +73,10 @@ Index: popt.c
       default:
 	return POPT_("unknown error");
     }
-Index: poptconfig.c
+Index: src/poptconfig.c
 ===================================================================
--- poptconfig.c.orig
+--- a/src/poptconfig.c
-+++ poptconfig.c
+++ b/src/poptconfig.c
@@ -540,7 +540,7 @@ int poptReadDefaultConfig(poptContext co
     if (rc) goto exit;
 #endif
@ -157,43 +86,3 @@ Index: poptconfig.c
 	char * fn = malloc(strlen(home) + 20);
 	if (fn != NULL) {
 	    (void) stpcpy(stpcpy(fn, home), "/.popt");
 Index: poptint.h
 ===================================================================
 --- poptint.h.orig
 +++ poptint.h
@@ -11,6 +11,8 @@
 #include <stdint.h>
 +#pragma GCC visibility push(hidden)
 +
 /**
  * Wrapper to free(3), hides const compilation noise, permit NULL, return NULL.
  * @param p		memory to free
@@ -149,6 +151,8 @@ struct poptContext_s {
     pbm_set * arg_strip;
 };
 +#pragma GCC visibility pop
 +
 #if defined(POPT_fprintf)
 #define	POPT_dgettext	dgettext
 #else
@@ -182,6 +186,8 @@ extern char *nl_langinfo (nl_item __item
 #endif
 #endif
 +#pragma GCC visibility push(hidden)
 +
 #if defined(HAVE_DCGETTEXT) && !defined(__LCLINT__)
 char *POPT_dgettext(const char * dom, const char * str)
 	/*@*/;
@@ -200,6 +206,8 @@ const char *POPT_next_char (/*@returned@
 #endif
 +#pragma GCC visibility pop
 +
 #if defined(ENABLE_NLS) && defined(HAVE_LIBINTL_H)
 #include <libintl.h>
 #endif
--- a/popt.changes
+++ b/popt.changes
@ -1,3 +1,18 @@
 -------------------------------------------------------------------
 Fri Jun 26 15:22:02 UTC 2020 - Callum Farmer <callumjfarmer13@gmail.com>
 - Update to version 1.18:
  * fix an ugly and ancient security issue with popt failing to drop privileges on alias exec from a SUID/SGID program
  * perform rudimentary sanity checks when reading in popt config files
  * collect accumulated misc fixes (memleaks etc) from distros
  * convert translations to utf-8 encoding
  * convert old postscript documentation to pdf
  * dust off ten years worth of autotools sediment
  * reorganize and clean up the source tree for clarity
  * remove the obnoxious splint annotations from the sources
 - popt-alignment-checks.patch removed: contained in upstream
 - popt-libc-updates.patch changed: to be compatible with new version.
 -------------------------------------------------------------------
 Mon Feb 10 12:53:55 UTC 2020 - Adrian Schröter <adrian@suse.de>
--- a/popt.spec
+++ b/popt.spec
@ -17,7 +17,7 @@
 Name:           popt
-Version:        1.16
+Version:        1.18
 Release:        0
 #!BuildIgnore:  rpmlint-Factory
 Summary:        A C library for parsing command line parameters
@ -26,13 +26,12 @@ Group:          Development/Libraries/C and C++
 URL:            http://www.rpm.org/
 #CVS-Clone:	-d :pserver:anonymous@rpm5.org:/cvs co popt
-Source:         http://ftp.rpm.org/mirror/popt/popt-%{version}.tar.gz
+Source:         http://ftp.rpm.org/popt/releases/popt-1.x/popt-%{version}.tar.gz
 Source2:        baselibs.conf
 Patch:          popt-libc-updates.patch
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Patch0:         popt-libc-updates.patch
 Patch1:         popt-alignment-checks.patch
 %description
 Popt is a C library for parsing command line parameters.  Popt was
@ -70,23 +69,17 @@ for developing programs which use the popt C library. It contains the
 API documentation of the popt library, too.
 %prep
-%setup -q
+%autosetup -p1
 %patch0
 %patch1 -p1
 %build
 autoreconf -fiv
 %configure --disable-static
-make %{?_smp_mflags}
+%make_build
 %install
-make install DESTDIR="%buildroot"
+%make_install
 rm %{buildroot}%{_libdir}/libpopt.la
 %if "%{_libdir}" != "%{_prefix}/lib"
 install -d -m755 %{buildroot}/%{_libdir}/pkgconfig
 mv %{buildroot}%{_prefix}/lib/pkgconfig/%{name}.pc %{buildroot}/%{_libdir}/pkgconfig/%{name}.pc
 %endif
 %find_lang %{name}