From 632fef5edaa0a75c3500e1562f4388aadba6d3f4ccc4e4e8b3c45c965aea93e8 Mon Sep 17 00:00:00 2001
From: Stephan Kulow <coolo@suse.com>
Date: Thu, 12 Mar 2015 08:38:18 +0000
Subject: [PATCH] Accepting request 290262 from
 home:mlin7442:branches:Base:System

added an upstream patch to fix a leftover bug

OBS-URL: https://build.opensuse.org/request/show/290262
OBS-URL: https://build.opensuse.org/package/show/Base:System/gettext-runtime?expand=0&rev=106
---
 ...ck-allocated-size-for-static-segment.patch | 74 +++++++++++++++++++
 gettext-csharp.changes                        |  8 ++
 gettext-csharp.spec                           |  3 +
 gettext-java.changes                          |  8 ++
 gettext-java.spec                             |  3 +
 gettext-runtime-mini.changes                  |  8 ++
 gettext-runtime-mini.spec                     |  3 +
 gettext-runtime.changes                       |  8 ++
 gettext-runtime.spec                          |  3 +
 9 files changed, 118 insertions(+)
 create mode 100644 gettext-check-allocated-size-for-static-segment.patch

diff --git a/gettext-check-allocated-size-for-static-segment.patch b/gettext-check-allocated-size-for-static-segment.patch
new file mode 100644
index 0000000..6d071de
--- /dev/null
+++ b/gettext-check-allocated-size-for-static-segment.patch
@@ -0,0 +1,74 @@
+From 5d3eeaa0d3b7f4f6932bd29d859925a940b69459 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Wed, 11 Mar 2015 16:18:26 +0900
+Subject: [PATCH] msgunfmt: Check allocated size for static segment
+
+Reported by Max Lin in:
+http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html
+* read-mo.c (get_sysdep_string): Check if the embedded segment
+size is valid, before adding it to the string length.
+---
+ gettext-tools/src/ChangeLog |  8 ++++++++
+ gettext-tools/src/read-mo.c | 11 +++++++----
+ 2 files changed, 15 insertions(+), 4 deletions(-)
+
+--- a/gettext-tools/src/read-mo.c
++++ b/gettext-tools/src/read-mo.c
+@@ -149,6 +149,7 @@ get_sysdep_string (const struct binary_m
+   nls_uint32 s_offset;
+ 
+   /* Compute the length.  */
++  s_offset = get_uint32 (bfp, offset);
+   length = 0;
+   for (i = 4; ; i += 8)
+     {
+@@ -158,9 +159,14 @@ get_sysdep_string (const struct binary_m
+       nls_uint32 ss_length;
+       nls_uint32 ss_offset;
+       size_t ss_end;
++      size_t s_end;
+       size_t n;
+ 
++      s_end = xsum (s_offset, segsize);
++      if (size_overflow_p (s_end) || s_end > bfp->size)
++        error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+       length += segsize;
++      s_offset += segsize;
+ 
+       if (sysdepref == SEGMENTS_END)
+         break;
+@@ -175,7 +181,7 @@ get_sysdep_string (const struct binary_m
+       ss_end = xsum (ss_offset, ss_length);
+       if (size_overflow_p (ss_end) || ss_end > bfp->size)
+         error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+-      if (!(ss_length > 0 && bfp->data[ss_offset + ss_length - 1] == '\0'))
++      if (!(ss_length > 0 && bfp->data[ss_end - 1] == '\0'))
+         {
+           char location[30];
+           sprintf (location, "sysdep_segment[%u]", (unsigned int) sysdepref);
+@@ -198,11 +204,8 @@ get_sysdep_string (const struct binary_m
+       nls_uint32 sysdep_segment_offset;
+       nls_uint32 ss_length;
+       nls_uint32 ss_offset;
+-      size_t s_end = xsum (s_offset, segsize);
+       size_t n;
+ 
+-      if (size_overflow_p (s_end) || s_end > bfp->size)
+-        error (EXIT_FAILURE, 0, _("file \"%s\" is truncated"), bfp->filename);
+       memcpy (p, bfp->data + s_offset, segsize);
+       p += segsize;
+       s_offset += segsize;
+--- a/gettext-tools/src/ChangeLog
++++ b/gettext-tools/src/ChangeLog
+@@ -1,3 +1,11 @@
++2015-03-11  Daiki Ueno  <ueno@gnu.org>
++
++    msgunfmt: Check allocated size for static segment
++    Reported by Max Lin in:
++    http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html
++    * read-mo.c (get_sysdep_string): Check if the embedded segment
++    size is valid, before adding it to the string length.
++
+ 2014-12-24  Daiki Ueno  <ueno@gnu.org>
+ 
+ 	* gettext 0.19.4 released.
diff --git a/gettext-csharp.changes b/gettext-csharp.changes
index 4997e1e..3c575b8 100644
--- a/gettext-csharp.changes
+++ b/gettext-csharp.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Mar 10 07:11:29 UTC 2015 - mlin@suse.com
+
+- Add gettext-check-allocated-size-for-static-segment.patch from upstream
+  * Check if the embedded segment size is valid, before adding it to
+    the string length. Please see
+    http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html 
+
 -------------------------------------------------------------------
 Tue Jan 27 20:24:49 UTC 2015 - andreas.stieger@gmx.de
 
diff --git a/gettext-csharp.spec b/gettext-csharp.spec
index 4975bf6..f752809 100644
--- a/gettext-csharp.spec
+++ b/gettext-csharp.spec
@@ -47,6 +47,8 @@ Patch2:         gettext-0.12.1-gettextize.patch
 Patch4:         gettext-po-mode.diff
 Patch5:         gettext-initialize_vars.patch
 Patch9:         gettext-needlessly_init_vars.patch
+# PATCH-FIX-UPSTREAM gettext-check-allocated-size-for-static-segment.patch -- mlin@suse.com
+Patch10:        gettext-check-allocated-size-for-static-segment.patch
 
 %description
 Mono with its 'resgen' program uses a design that Microsoft created and
@@ -77,6 +79,7 @@ reliably than 'resgen'.
 %patch4
 %patch5
 %patch9
+%patch10 -p1
 
 %build
 export CFLAGS="%{optflags} -pipe -W -Wall -Dgcc_is_lint"
diff --git a/gettext-java.changes b/gettext-java.changes
index 8200334..c95abd4 100644
--- a/gettext-java.changes
+++ b/gettext-java.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Mar 10 07:10:56 UTC 2015 - mlin@suse.com
+
+- Add gettext-check-allocated-size-for-static-segment.patch from upstream
+  * Check if the embedded segment size is valid, before adding it to
+    the string length. Please see
+    http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html 
+
 -------------------------------------------------------------------
 Tue Jan 27 20:24:49 UTC 2015 - andreas.stieger@gmx.de
 
diff --git a/gettext-java.spec b/gettext-java.spec
index 1d54f80..3b7454a 100644
--- a/gettext-java.spec
+++ b/gettext-java.spec
@@ -46,6 +46,8 @@ Patch2:         gettext-0.12.1-gettextize.patch
 Patch4:         gettext-po-mode.diff
 Patch5:         gettext-initialize_vars.patch
 Patch9:         gettext-needlessly_init_vars.patch
+# PATCH-FIX-UPSTREAM gettext-check-allocated-size-for-static-segment.patch -- mlin@suse.com
+Patch10:        gettext-check-allocated-size-for-static-segment.patch
 
 %description
 This package includes the tools needed to support message catalogs in
@@ -59,6 +61,7 @@ java+swing.
 %patch4
 %patch5
 %patch9
+%patch10 -p1
 
 %build
 # expect a couple "You should update your `aclocal.m4' by running aclocal."
diff --git a/gettext-runtime-mini.changes b/gettext-runtime-mini.changes
index 2c03c69..f6d38fd 100644
--- a/gettext-runtime-mini.changes
+++ b/gettext-runtime-mini.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Mar 10 07:10:28 UTC 2015 - mlin@suse.com
+
+- Add gettext-check-allocated-size-for-static-segment.patch from upstream
+  * Check if the embedded segment size is valid, before adding it to
+    the string length. Please see
+    http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html 
+
 -------------------------------------------------------------------
 Tue Jan 27 20:24:49 UTC 2015 - andreas.stieger@gmx.de
 
diff --git a/gettext-runtime-mini.spec b/gettext-runtime-mini.spec
index d0d911e..423634d 100644
--- a/gettext-runtime-mini.spec
+++ b/gettext-runtime-mini.spec
@@ -68,6 +68,8 @@ Patch5:         gettext-initialize_vars.patch
 # PATCH-FIX-OPENSUSE gettext-dont-test-gnulib.patch -- coolo@suse.de 
 Patch6:         gettext-dont-test-gnulib.patch
 Patch9:         gettext-needlessly_init_vars.patch
+# PATCH-FIX-UPSTREAM gettext-check-allocated-size-for-static-segment.patch -- mlin@suse.com
+Patch10:        gettext-check-allocated-size-for-static-segment.patch
 
 %description
 This package contains the intl library as well as tools that ease the
@@ -125,6 +127,7 @@ as well as project examples.
 %patch5
 %patch6 -p1
 %patch9
+%patch10 -p1
 
 %build
 # expect a couple "You should update your `aclocal.m4' by running aclocal."
diff --git a/gettext-runtime.changes b/gettext-runtime.changes
index 2c03c69..0af9c6b 100644
--- a/gettext-runtime.changes
+++ b/gettext-runtime.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Mar 10 07:06:26 UTC 2015 - mlin@suse.com
+
+- Add gettext-check-allocated-size-for-static-segment.patch from upstream
+  * Check if the embedded segment size is valid, before adding it to
+    the string length. Please see
+    http://lists.gnu.org/archive/html/bug-gettext/2015-03/msg00005.html
+
 -------------------------------------------------------------------
 Tue Jan 27 20:24:49 UTC 2015 - andreas.stieger@gmx.de
 
diff --git a/gettext-runtime.spec b/gettext-runtime.spec
index f9d28ff..7f554ff 100644
--- a/gettext-runtime.spec
+++ b/gettext-runtime.spec
@@ -68,6 +68,8 @@ Patch5:         gettext-initialize_vars.patch
 # PATCH-FIX-OPENSUSE gettext-dont-test-gnulib.patch -- coolo@suse.de 
 Patch6:         gettext-dont-test-gnulib.patch
 Patch9:         gettext-needlessly_init_vars.patch
+# PATCH-FIX-UPSTREAM gettext-check-allocated-size-for-static-segment.patch -- mlin@suse.com
+Patch10:        gettext-check-allocated-size-for-static-segment.patch
 
 %description
 This package contains the intl library as well as tools that ease the
@@ -125,6 +127,7 @@ as well as project examples.
 %patch5
 %patch6 -p1
 %patch9
+%patch10 -p1
 
 %build
 # expect a couple "You should update your `aclocal.m4' by running aclocal."