From c76409f6dfe0c5b22a826973cbbf870de12d42f11b5c8c06b887a2f0cf67f604 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Wed, 5 May 2010 20:22:09 +0000 Subject: [PATCH] Accepting request 39394 from Base:System Copy from Base:System/coreutils based on submit request 39394 from user psmt OBS-URL: https://build.opensuse.org/request/show/39394 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/coreutils?expand=0&rev=39 --- coreutils-5.3.0-sbin4su.diff | 10 +++-- coreutils-fix_distcheck.patch | 80 +++++++++++++++++++++++++++++++++++ coreutils-sysinfo.diff | 10 +++-- coreutils.changes | 6 +++ coreutils.spec | 8 ++-- i18n-infloop.diff | 8 ++-- i18n-limfield.diff | 16 ++++--- i18n-monthsort.diff | 8 ++-- i18n-random.diff | 8 ++-- i18n-uninit.diff | 16 ++++--- invalid-ids.diff | 20 +++++---- 11 files changed, 148 insertions(+), 42 deletions(-) create mode 100644 coreutils-fix_distcheck.patch diff --git a/coreutils-5.3.0-sbin4su.diff b/coreutils-5.3.0-sbin4su.diff index c501f62..bf2cc6c 100644 --- a/coreutils-5.3.0-sbin4su.diff +++ b/coreutils-5.3.0-sbin4su.diff @@ -1,6 +1,8 @@ ---- src/su.c -+++ src/su.c -@@ -344,6 +344,117 @@ +Index: src/su.c +=================================================================== +--- src/su.c.orig 2010-05-04 17:29:12.779359204 +0200 ++++ src/su.c 2010-05-04 17:29:12.939359620 +0200 +@@ -467,6 +467,117 @@ correct_password (const struct passwd *p #endif /* !USE_PAM */ } @@ -118,7 +120,7 @@ /* Update `environ' for the new shell based on PW, with SHELL being the value for the SHELL environment variable. */ -@@ -383,6 +494,22 @@ +@@ -506,6 +617,22 @@ modify_environment (const struct passwd DEFAULT_LOGIN_PATH) : getdef_str ("SUPATH", DEFAULT_ROOT_LOGIN_PATH))); diff --git a/coreutils-fix_distcheck.patch b/coreutils-fix_distcheck.patch new file mode 100644 index 0000000..9fc3c8e --- /dev/null +++ b/coreutils-fix_distcheck.patch @@ -0,0 +1,80 @@ +Index: maint.mk +=================================================================== +--- maint.mk.orig 2009-02-18 16:13:19.000000000 +0100 ++++ maint.mk 2010-05-04 17:45:14.515359143 +0200 +@@ -623,14 +623,14 @@ bin=bin-$$$$ + + write_loser = printf '\#!%s\necho $$0: bad path 1>&2; exit 1\n' '$(SHELL)' + +-TMPDIR ?= /tmp +-t=$(TMPDIR)/$(PACKAGE)/test ++tmpdir = $(abs_top_builddir)/tests/torture ++ + pfx=$(t)/i + + # More than once, tainted build and source directory names would + # have caused at least one "make check" test to apply "chmod 700" + # to all directories under $HOME. Make sure it doesn't happen again. +-tp := $(shell echo "$(TMPDIR)/$(PACKAGE)-$$$$") ++tp = $(tmpdir)/taint + t_prefix = $(tp)/a + t_taint = '$(t_prefix) b' + fake_home = $(tp)/home +@@ -648,10 +648,11 @@ taint-distcheck: $(DIST_ARCHIVES) + touch $(fake_home)/f + mkdir -p $(fake_home)/d/e + ls -lR $(fake_home) $(t_prefix) > $(tp)/.ls-before ++ HOME=$(fake_home); export HOME; \ + cd $(t_taint)/$(distdir) \ + && ./configure \ + && $(MAKE) \ +- && HOME=$(fake_home) $(MAKE) check \ ++ && $(MAKE) check \ + && ls -lR $(fake_home) $(t_prefix) > $(tp)/.ls-after \ + && diff $(tp)/.ls-before $(tp)/.ls-after \ + && test -d $(t_prefix) +@@ -670,6 +671,7 @@ endef + # Install, then verify that all binaries and man pages are in place. + # Note that neither the binary, ginstall, nor the ].1 man page is installed. + define my-instcheck ++ echo running my-instcheck; \ + $(MAKE) prefix=$(pfx) install \ + && test ! -f $(pfx)/bin/ginstall \ + && { fail=0; \ +@@ -688,6 +690,7 @@ endef + + define coreutils-path-check + { \ ++ echo running coreutils-path-check; \ + if test -f $(srcdir)/src/true.c; then \ + fail=1; \ + mkdir $(bin) \ +@@ -732,19 +735,20 @@ my-distcheck: $(DIST_ARCHIVES) $(local-c + -rm -rf $(t) + mkdir -p $(t) + GZIP=$(GZIP_ENV) $(AMTAR) -C $(t) -zxf $(distdir).tar.gz +- cd $(t)/$(distdir) \ +- && ./configure --disable-nls \ +- && $(MAKE) CFLAGS='$(warn_cflags)' \ +- AM_MAKEFLAGS='$(null_AM_MAKEFLAGS)' \ +- && $(MAKE) dvi \ +- && $(install-transform-check) \ +- && $(my-instcheck) \ +- && $(coreutils-path-check) \ ++ cd $(t)/$(distdir) \ ++ && ./configure --quiet --enable-gcc-warnings --disable-nls \ ++ && $(MAKE) CFLAGS='$(warn_cflags)' \ ++ AM_MAKEFLAGS='$(null_AM_MAKEFLAGS)' \ ++ && $(MAKE) dvi \ ++ && $(install-transform-check) \ ++ && $(my-instcheck) \ ++ && $(coreutils-path-check) \ + && $(MAKE) distclean + (cd $(t) && mv $(distdir) $(distdir).old \ + && $(AMTAR) -zxf - ) < $(distdir).tar.gz + diff -ur $(t)/$(distdir).old $(t)/$(distdir) + -rm -rf $(t) ++ rmdir $(tmpdir)/$(PACKAGE) $(tmpdir) + @echo "========================"; \ + echo "$(distdir).tar.gz is ready for distribution"; \ + echo "========================" diff --git a/coreutils-sysinfo.diff b/coreutils-sysinfo.diff index d922ee6..3096103 100644 --- a/coreutils-sysinfo.diff +++ b/coreutils-sysinfo.diff @@ -1,6 +1,8 @@ ---- coreutils-5.90/src/uname.c -+++ coreutils-5.90/src/uname.c -@@ -287,6 +287,36 @@ +Index: src/uname.c +=================================================================== +--- src/uname.c.orig 2010-05-04 17:27:48.679359310 +0200 ++++ src/uname.c 2010-05-04 17:29:03.011859260 +0200 +@@ -339,6 +339,36 @@ main (int argc, char **argv) # endif } #endif @@ -37,7 +39,7 @@ if (! (toprint == UINT_MAX && element == unknown)) print_element (element); } -@@ -312,6 +342,18 @@ +@@ -364,6 +394,18 @@ main (int argc, char **argv) element = hardware_platform; } #endif diff --git a/coreutils.changes b/coreutils.changes index f9edc1f..80742bf 100644 --- a/coreutils.changes +++ b/coreutils.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Tue May 4 17:13:37 UTC 2010 - pth@novell.com + +- Fix security bug in distcheck (bnc#564373). +- refresh patches to apply cleanly. + ------------------------------------------------------------------- Tue Mar 2 09:54:10 UTC 2010 - lnussel@suse.de diff --git a/coreutils.spec b/coreutils.spec index 05ba972..1cd5a90 100644 --- a/coreutils.spec +++ b/coreutils.spec @@ -24,7 +24,7 @@ Url: http://www.gnu.org/software/coreutils/ License: GFDLv1.2 ; GPLv2+ ; GPLv3+ Group: System/Base Version: 7.1 -Release: 4 +Release: 5 Provides: fileutils sh-utils stat textutils mktemp Obsoletes: fileutils sh-utils stat textutils mktemp Obsoletes: libselinux <= 1.23.11-3 libselinux-32bit = 9 libselinux-64bit = 9 libselinux-x86 = 9 @@ -50,6 +50,7 @@ Patch22: coreutils-5.3.0-sbin4su.diff Patch23: coreutils-getaddrinfo.diff Patch25: coreutils-cifs-afs.diff Patch26: coreutils-add_ogv.patch +Patch27: coreutils-fix_distcheck.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -110,10 +111,10 @@ Authors: %patch5 %patch6 %patch -%patch8 -p1 +%patch8 %patch11 %patch12 -%patch16 -p1 +%patch16 %patch17 %patch20 %patch21 @@ -121,6 +122,7 @@ Authors: %patch23 -p1 %patch25 %patch26 +%patch27 %build #AUTOPOINT=true autoreconf -fi diff --git a/i18n-infloop.diff b/i18n-infloop.diff index f51a60e..dbfcc29 100644 --- a/i18n-infloop.diff +++ b/i18n-infloop.diff @@ -1,6 +1,8 @@ ---- src/sort.c -+++ src/sort.c -@@ -1838,7 +1838,8 @@ +Index: src/sort.c +=================================================================== +--- src/sort.c.orig 2010-05-04 17:27:49.103359264 +0200 ++++ src/sort.c 2010-05-04 17:28:43.820359291 +0200 +@@ -2540,7 +2540,8 @@ keycompare_mb (const struct line *a, con if (MBLENGTH == (size_t)-2 || MBLENGTH == (size_t)-1) \ STATE = state_bak; \ if (!ignore) \ diff --git a/i18n-limfield.diff b/i18n-limfield.diff index c0f859e..b27c3c9 100644 --- a/i18n-limfield.diff +++ b/i18n-limfield.diff @@ -1,6 +1,8 @@ ---- src/sort.c -+++ src/sort.c -@@ -1627,7 +1627,7 @@ limfield_mb (const struct line *line, co +Index: src/sort.c +=================================================================== +--- src/sort.c.orig 2010-05-04 17:29:12.419359202 +0200 ++++ src/sort.c 2010-05-04 17:29:12.479359419 +0200 +@@ -1731,7 +1731,7 @@ limfield_mb (const struct line *line, co GET_BYTELEN_OF_CHAR (lim, ptr, mblength, state); ptr += mblength; } @@ -9,7 +11,7 @@ { GET_BYTELEN_OF_CHAR (lim, ptr, mblength, state); ptr += mblength; -@@ -1638,11 +1638,6 @@ limfield_mb (const struct line *line, co +@@ -1742,11 +1742,6 @@ limfield_mb (const struct line *line, co { while (ptr < lim && ismbblank (ptr, &mblength)) ptr += mblength; @@ -21,7 +23,7 @@ while (ptr < lim && !ismbblank (ptr, &mblength)) ptr += mblength; } -@@ -1652,20 +1647,19 @@ limfield_mb (const struct line *line, co +@@ -1756,20 +1751,19 @@ limfield_mb (const struct line *line, co /* Make LIM point to the end of (one byte past) the current field. */ if (tab != NULL) { @@ -54,7 +56,7 @@ } else { -@@ -1674,24 +1668,20 @@ limfield_mb (const struct line *line, co +@@ -1778,24 +1772,20 @@ limfield_mb (const struct line *line, co while (newlim < lim && ismbblank (newlim, &mblength)) newlim += mblength; @@ -84,7 +86,7 @@ /* Advance PTR by ECHAR (if possible), but no further than LIM. */ for (i = 0; i < echar; i++) -@@ -1699,9 +1689,9 @@ limfield_mb (const struct line *line, co +@@ -1803,9 +1793,9 @@ limfield_mb (const struct line *line, co GET_BYTELEN_OF_CHAR (lim, ptr, mblength, state); if (ptr + mblength > lim) diff --git a/i18n-monthsort.diff b/i18n-monthsort.diff index da18621..58bf214 100644 --- a/i18n-monthsort.diff +++ b/i18n-monthsort.diff @@ -1,6 +1,8 @@ ---- src/sort.c -+++ src/sort.c -@@ -748,7 +748,7 @@ +Index: src/sort.c +=================================================================== +--- src/sort.c.orig 2010-05-04 17:28:43.820359291 +0200 ++++ src/sort.c 2010-05-04 17:30:44.507859357 +0200 +@@ -1285,7 +1285,7 @@ inittables_mb (void) else { j += mblength; diff --git a/i18n-random.diff b/i18n-random.diff index 255edc2..566e2de 100644 --- a/i18n-random.diff +++ b/i18n-random.diff @@ -1,6 +1,8 @@ ---- src/sort.c -+++ src/sort.c -@@ -2341,7 +2341,10 @@ keycompare_mb (const struct line *a, con +Index: src/sort.c +=================================================================== +--- src/sort.c.orig 2010-05-04 17:29:12.395359111 +0200 ++++ src/sort.c 2010-05-04 17:29:59.979859336 +0200 +@@ -2494,7 +2494,10 @@ keycompare_mb (const struct line *a, con size_t lenb = limb <= textb ? 0 : limb - textb; /* Actually compare the fields. */ diff --git a/i18n-uninit.diff b/i18n-uninit.diff index a093822..8952a0d 100644 --- a/i18n-uninit.diff +++ b/i18n-uninit.diff @@ -1,6 +1,8 @@ ---- src/cut.c -+++ src/cut.c -@@ -869,7 +869,10 @@ +Index: src/cut.c +=================================================================== +--- src/cut.c.orig 2010-05-04 17:27:29.879859350 +0200 ++++ src/cut.c 2010-05-04 17:27:30.131859395 +0200 +@@ -878,7 +878,10 @@ cut_fields_mb (FILE *stream) c = getc (stream); empty_input = (c == EOF); if (c != EOF) @@ -12,9 +14,11 @@ else wc = WEOF; ---- src/expand.c -+++ src/expand.c -@@ -414,7 +414,7 @@ +Index: src/expand.c +=================================================================== +--- src/expand.c.orig 2010-05-04 17:27:29.915859239 +0200 ++++ src/expand.c 2010-05-04 17:27:30.155859324 +0200 +@@ -404,7 +404,7 @@ expand_multibyte (void) for (;;) { /* Input character, or EOF. */ diff --git a/invalid-ids.diff b/invalid-ids.diff index eb52d64..35f435c 100644 --- a/invalid-ids.diff +++ b/invalid-ids.diff @@ -11,11 +11,11 @@ Test cases: Andreas Gruenbacher -Index: coreutils-5.2.1/lib/userspec.c -================================================================================ ---- coreutils-6.9-316-e6f4b/lib/userspec.c -+++ coreutils-6.9-316-e6f4b/lib/userspec.c -@@ -169,7 +169,7 @@ parse_with_separator (char const *spec, +Index: lib/userspec.c +=================================================================== +--- lib/userspec.c.orig 2010-05-04 17:27:48.479359439 +0200 ++++ lib/userspec.c 2010-05-04 17:29:12.439359267 +0200 +@@ -169,7 +169,7 @@ parse_with_separator (char const *spec, { unsigned long int tmp; if (xstrtoul (u, NULL, 10, &tmp, "") == LONGINT_OK @@ -24,7 +24,7 @@ Index: coreutils-5.2.1/lib/userspec.c unum = tmp; else error_msg = E_invalid_user; -@@ -200,7 +200,8 @@ parse_with_separator (char const *spec, +@@ -200,7 +200,8 @@ parse_with_separator (char const *spec, if (grp == NULL) { unsigned long int tmp; @@ -34,9 +34,11 @@ Index: coreutils-5.2.1/lib/userspec.c gnum = tmp; else error_msg = E_invalid_group; ---- coreutils-6.9-316-e6f4b/src/chgrp.c -+++ coreutils-6.9-316-e6f4b/src/chgrp.c -@@ -90,7 +90,7 @@ parse_group (const char *name) +Index: src/chgrp.c +=================================================================== +--- src/chgrp.c.orig 2010-05-04 17:27:48.479359439 +0200 ++++ src/chgrp.c 2010-05-04 17:29:12.443359269 +0200 +@@ -89,7 +89,7 @@ parse_group (const char *name) { unsigned long int tmp; if (! (xstrtoul (name, NULL, 10, &tmp, "") == LONGINT_OK