forked from pool/expat
Accepting request 89782 from devel:libraries:c_c++
NOT FOR 12.1, Factory Only. - Hide non public symbols reusing existing win32 API export/imports - annotate malloc/realloc-like functions with attribute alloc_size to catch possible misuses in calling code. (forwarded request 89779 from elvigia) OBS-URL: https://build.opensuse.org/request/show/89782 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/expat?expand=0&rev=26
This commit is contained in:
commit
410364e234
36
expat-alloc-size.patch
Normal file
36
expat-alloc-size.patch
Normal file
@ -0,0 +1,36 @@
|
||||
--- lib/expat.h.orig
|
||||
+++ lib/expat.h
|
||||
@@ -941,9 +941,13 @@ XML_FreeContentModel(XML_Parser parser,
|
||||
|
||||
/* Exposing the memory handling functions used in Expat */
|
||||
XMLPARSEAPI(void *)
|
||||
+XML_ATTR_MALLOC
|
||||
+XML_ATTR_ALLOC_SIZE(2)
|
||||
XML_MemMalloc(XML_Parser parser, size_t size);
|
||||
|
||||
XMLPARSEAPI(void *)
|
||||
+XML_ATTR_MALLOC
|
||||
+XML_ATTR_ALLOC_SIZE(3)
|
||||
XML_MemRealloc(XML_Parser parser, void *ptr, size_t size);
|
||||
|
||||
XMLPARSEAPI(void)
|
||||
--- lib/expat_external.h.orig
|
||||
+++ lib/expat_external.h
|
||||
@@ -74,6 +74,17 @@
|
||||
#define XMLIMPORT
|
||||
#endif
|
||||
|
||||
+#if defined(__GNUC__) && (__GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 96))
|
||||
+#define XML_ATTR_MALLOC __attribute__((__malloc__))
|
||||
+#else
|
||||
+#define XML_ATTR_MALLOC
|
||||
+#endif
|
||||
+
|
||||
+#if defined(__GNUC__) && ((__GNUC__ > 4) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3))
|
||||
+#define XML_ATTR_ALLOC_SIZE(x) __attribute__((__alloc_size__(x)))
|
||||
+#else
|
||||
+#define XML_ATTR_ALLOC_SIZE(x)
|
||||
+#endif
|
||||
|
||||
#define XMLPARSEAPI(type) XMLIMPORT type XMLCALL
|
||||
|
135
expat-visibility.patch
Normal file
135
expat-visibility.patch
Normal file
@ -0,0 +1,135 @@
|
||||
--- /dev/null
|
||||
+++ conftools/visibility.m4
|
||||
@@ -0,0 +1,77 @@
|
||||
+# visibility.m4 serial 4 (gettext-0.18.2)
|
||||
+dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc.
|
||||
+dnl This file is free software; the Free Software Foundation
|
||||
+dnl gives unlimited permission to copy and/or distribute it,
|
||||
+dnl with or without modifications, as long as this notice is preserved.
|
||||
+
|
||||
+dnl From Bruno Haible.
|
||||
+
|
||||
+dnl Tests whether the compiler supports the command-line option
|
||||
+dnl -fvisibility=hidden and the function and variable attributes
|
||||
+dnl __attribute__((__visibility__("hidden"))) and
|
||||
+dnl __attribute__((__visibility__("default"))).
|
||||
+dnl Does *not* test for __visibility__("protected") - which has tricky
|
||||
+dnl semantics (see the 'vismain' test in glibc) and does not exist e.g. on
|
||||
+dnl MacOS X.
|
||||
+dnl Does *not* test for __visibility__("internal") - which has processor
|
||||
+dnl dependent semantics.
|
||||
+dnl Does *not* test for #pragma GCC visibility push(hidden) - which is
|
||||
+dnl "really only recommended for legacy code".
|
||||
+dnl Set the variable CFLAG_VISIBILITY.
|
||||
+dnl Defines and sets the variable HAVE_VISIBILITY.
|
||||
+
|
||||
+AC_DEFUN([gl_VISIBILITY],
|
||||
+[
|
||||
+ AC_REQUIRE([AC_PROG_CC])
|
||||
+ CFLAG_VISIBILITY=
|
||||
+ HAVE_VISIBILITY=0
|
||||
+ if test -n "$GCC"; then
|
||||
+ dnl First, check whether -Werror can be added to the command line, or
|
||||
+ dnl whether it leads to an error because of some other option that the
|
||||
+ dnl user has put into $CC $CFLAGS $CPPFLAGS.
|
||||
+ AC_MSG_CHECKING([whether the -Werror option is usable])
|
||||
+ AC_CACHE_VAL([gl_cv_cc_vis_werror], [
|
||||
+ gl_save_CFLAGS="$CFLAGS"
|
||||
+ CFLAGS="$CFLAGS -Werror"
|
||||
+ AC_COMPILE_IFELSE(
|
||||
+ [AC_LANG_PROGRAM([[]], [[]])],
|
||||
+ [gl_cv_cc_vis_werror=yes],
|
||||
+ [gl_cv_cc_vis_werror=no])
|
||||
+ CFLAGS="$gl_save_CFLAGS"])
|
||||
+ AC_MSG_RESULT([$gl_cv_cc_vis_werror])
|
||||
+ dnl Now check whether visibility declarations are supported.
|
||||
+ AC_MSG_CHECKING([for simple visibility declarations])
|
||||
+ AC_CACHE_VAL([gl_cv_cc_visibility], [
|
||||
+ gl_save_CFLAGS="$CFLAGS"
|
||||
+ CFLAGS="$CFLAGS -fvisibility=hidden"
|
||||
+ dnl We use the option -Werror and a function dummyfunc, because on some
|
||||
+ dnl platforms (Cygwin 1.7) the use of -fvisibility triggers a warning
|
||||
+ dnl "visibility attribute not supported in this configuration; ignored"
|
||||
+ dnl at the first function definition in every compilation unit, and we
|
||||
+ dnl don't want to use the option in this case.
|
||||
+ if test $gl_cv_cc_vis_werror = yes; then
|
||||
+ CFLAGS="$CFLAGS -Werror"
|
||||
+ fi
|
||||
+ AC_COMPILE_IFELSE(
|
||||
+ [AC_LANG_PROGRAM(
|
||||
+ [[extern __attribute__((__visibility__("hidden"))) int hiddenvar;
|
||||
+ extern __attribute__((__visibility__("default"))) int exportedvar;
|
||||
+ extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void);
|
||||
+ extern __attribute__((__visibility__("default"))) int exportedfunc (void);
|
||||
+ void dummyfunc (void) {}
|
||||
+ ]],
|
||||
+ [[]])],
|
||||
+ [gl_cv_cc_visibility=yes],
|
||||
+ [gl_cv_cc_visibility=no])
|
||||
+ CFLAGS="$gl_save_CFLAGS"])
|
||||
+ AC_MSG_RESULT([$gl_cv_cc_visibility])
|
||||
+ if test $gl_cv_cc_visibility = yes; then
|
||||
+ CFLAG_VISIBILITY="-fvisibility=hidden"
|
||||
+ HAVE_VISIBILITY=1
|
||||
+ fi
|
||||
+ fi
|
||||
+ AC_SUBST([CFLAG_VISIBILITY])
|
||||
+ AC_SUBST([HAVE_VISIBILITY])
|
||||
+ AC_DEFINE_UNQUOTED([HAVE_VISIBILITY], [$HAVE_VISIBILITY],
|
||||
+ [Define to 1 or 0, depending whether the compiler supports simple visibility declarations.])
|
||||
+])
|
||||
--- configure.in.orig
|
||||
+++ configure.in
|
||||
@@ -52,17 +52,20 @@ AC_CONFIG_HEADER(expat_config.h)
|
||||
|
||||
sinclude(conftools/libtool.m4)
|
||||
sinclude(conftools/ac_c_bigendian_cross.m4)
|
||||
-
|
||||
-AC_LIBTOOL_WIN32_DLL
|
||||
-AC_PROG_LIBTOOL
|
||||
+sinclude(conftools/visibility.m4)
|
||||
|
||||
AC_SUBST(LIBCURRENT)
|
||||
AC_SUBST(LIBREVISION)
|
||||
AC_SUBST(LIBAGE)
|
||||
|
||||
dnl Checks for programs.
|
||||
-AC_PROG_CC
|
||||
+AC_PROG_CC_STDC
|
||||
+AC_USE_SYSTEM_EXTENSIONS
|
||||
+AC_SYS_LARGEFILE
|
||||
AC_PROG_INSTALL
|
||||
+gl_VISIBILITY
|
||||
+AC_LIBTOOL_WIN32_DLL
|
||||
+AC_PROG_LIBTOOL
|
||||
|
||||
if test "$GCC" = yes ; then
|
||||
dnl
|
||||
--- lib/expat_external.h.orig
|
||||
+++ lib/expat_external.h
|
||||
@@ -65,6 +65,9 @@
|
||||
#endif
|
||||
#endif /* not defined XML_STATIC */
|
||||
|
||||
+#if HAVE_VISIBILITY
|
||||
+#define XMLIMPORT __attribute__ ((visibility ("default")))
|
||||
+#endif
|
||||
|
||||
/* If we didn't define it above, define it away: */
|
||||
#ifndef XMLIMPORT
|
||||
--- Makefile.in.orig
|
||||
+++ Makefile.in
|
||||
@@ -110,11 +110,11 @@ CPPFLAGS = @CPPFLAGS@ -DHAVE_EXPAT_CONFI
|
||||
CFLAGS = @CFLAGS@
|
||||
CXXFLAGS = @CXXFLAGS@
|
||||
VSNFLAG = -version-info @LIBCURRENT@:@LIBREVISION@:@LIBAGE@
|
||||
-
|
||||
+CFLAG_VISIBILITY = @CFLAG_VISIBILITY@
|
||||
### autoconf this?
|
||||
LTFLAGS = --silent
|
||||
|
||||
-COMPILE = $(CC) $(INCLUDES) $(CFLAGS) $(DEFS) $(CPPFLAGS)
|
||||
+COMPILE = $(CC) $(CFLAG_VISIBILITY) $(INCLUDES) $(CFLAGS) $(DEFS) $(CPPFLAGS)
|
||||
CXXCOMPILE = $(CXX) $(INCLUDES) $(CXXFLAGS) $(DEFS) $(CPPFLAGS)
|
||||
LTCOMPILE = $(LIBTOOL) $(LTFLAGS) --mode=compile $(COMPILE)
|
||||
LINK_LIB = $(LIBTOOL) $(LTFLAGS) --mode=link $(COMPILE) -no-undefined $(VSNFLAG) -rpath $(libdir) $(LDFLAGS) -o $@
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Sun Oct 30 22:03:29 UTC 2011 - crrodriguez@opensuse.org
|
||||
|
||||
- Hide non public symbols reusing existing win32 API export/imports
|
||||
- annotate malloc/realloc-like functions with attribute alloc_size
|
||||
to catch possible misuses in calling code.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Sep 18 17:17:12 UTC 2011 - jengelh@medozas.de
|
||||
|
||||
|
@ -34,6 +34,8 @@ Source1: %{name}faq.html
|
||||
Source2: baselibs.conf
|
||||
Patch0: %{name}-CVE-2009-2625.patch
|
||||
Patch1: %{name}-CVE-2009-3560.patch
|
||||
Patch2: expat-visibility.patch
|
||||
Patch3: expat-alloc-size.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: gcc-c++
|
||||
|
||||
@ -126,10 +128,13 @@ declaration).
|
||||
%setup -q
|
||||
%patch0
|
||||
%patch1
|
||||
%patch2
|
||||
%patch3
|
||||
cp %{S:1} .
|
||||
rm -f examples/*.dsp
|
||||
|
||||
%build
|
||||
autoreconf
|
||||
%configure --disable-static --with-pic --libdir=/%{_lib}
|
||||
make %{?_smp_mflags}
|
||||
|
||||
@ -142,6 +147,7 @@ mkdir -p $RPM_BUILD_ROOT%{_libdir}
|
||||
%{__rm} -v %{buildroot}/%{_lib}/lib%{name}.so
|
||||
# remove .la file
|
||||
rm -f $RPM_BUILD_ROOT/%{_lib}/libexpat.la
|
||||
nm -C -D %{buildroot}/%{_lib}/libexpat.so.1 | wc -l
|
||||
|
||||
%check
|
||||
make check
|
||||
|
Loading…
Reference in New Issue
Block a user