diff --git a/fix-glibc-gets.patch b/fix-glibc-gets.patch deleted file mode 100644 index c8aa138..0000000 --- a/fix-glibc-gets.patch +++ /dev/null @@ -1,80 +0,0 @@ ->From 66712c23388e93e5c518ebc8515140fa0c807348 Mon Sep 17 00:00:00 2001 -From: Eric Blake -Date: Thu, 29 Mar 2012 13:30:41 -0600 -Subject: [PATCH] stdio: don't assume gets any more - -Gnulib intentionally does not have a gets module, and now that C11 -and glibc have dropped it, we should be more proactive about warning -any user on a platform that still has a declaration of this dangerous -interface. ---- - lib/stdio.in.h | 12 +++++++----- - m4/stdio_h.m4 | 4 ++-- - m4/warn-on-use.m4 | 4 ++-- - 3 files changed, 11 insertions(+), 9 deletions(-) - -diff --git a/lib/stdio.in.h b/lib/stdio.in.h -index 57e93ba..6ab9c8b 100644 ---- a/lib/stdio.in.h -+++ b/lib/stdio.in.h -@@ -176,10 +176,12 @@ _GL_WARN_ON_USE (fflush, "fflush is not always POSIX compliant - " - #endif - - /* It is very rare that the developer ever has full control of stdin, -- so any use of gets warrants an unconditional warning. Assume it is -- always declared, since it is required by C89. */ -+ so any use of gets warrants an unconditional warning; besides, C11 -+ removed it. */ - #undef gets -+#if HAVE_RAW_DECL_GETS - _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); -+#endif - - #if @GNULIB_FOPEN@ - # if @REPLACE_FOPEN@ -@@ -902,9 +904,9 @@ _GL_WARN_ON_USE (snprintf, "snprintf is unportable - " - # endif - #endif - --/* Some people would argue that sprintf should be handled like gets -- (for example, OpenBSD issues a link warning for both functions), -- since both can cause security holes due to buffer overruns. -+/* Some people would argue that all sprintf uses should be warned about -+ (for example, OpenBSD issues a link warning for it), -+ since it can cause security holes due to buffer overruns. - However, we believe that sprintf can be used safely, and is more - efficient than snprintf in those safe cases; and as proof of our - belief, we use sprintf in several gnulib modules. So this header -diff --git a/m4/stdio_h.m4 b/m4/stdio_h.m4 -index 7f3ae56..990c616 100644 ---- a/m4/stdio_h.m4 -+++ b/m4/stdio_h.m4 -@@ -34,9 +34,9 @@ AC_DEFUN([gl_STDIO_H], - - dnl Check for declarations of anything we want to poison if the - dnl corresponding gnulib module is not in use, and which is not -- dnl guaranteed by C89. -+ dnl guaranteed by both C89 and C11. - gl_WARN_ON_USE_PREPARE([[#include -- ]], [dprintf fpurge fseeko ftello getdelim getline popen renameat -+ ]], [dprintf fpurge fseeko ftello getdelim getline gets popen renameat - snprintf tmpfile vdprintf vsnprintf]) - ]) - -diff --git a/m4/warn-on-use.m4 b/m4/warn-on-use.m4 -index e0d0f27..4b07efb 100644 ---- a/m4/warn-on-use.m4 -+++ b/m4/warn-on-use.m4 -@@ -18,8 +18,8 @@ dnl with or without modifications, as long as this notice is preserved. - # some systems declare functions in the wrong header, then INCLUDES - # should do likewise. - # --# If you assume C89, then it is generally safe to assume declarations --# for functions declared in that standard (such as gets) without -+# It is generally safe to assume declarations for functions declared -+# in the intersection of C89 and C11 (such as printf) without - # needing gl_WARN_ON_USE_PREPARE. - AC_DEFUN([gl_WARN_ON_USE_PREPARE], - [ --- -1.7.11.2 diff --git a/sharutils-4.11.1.tar.bz2 b/sharutils-4.11.1.tar.bz2 deleted file mode 100644 index b9c23ff..0000000 Binary files a/sharutils-4.11.1.tar.bz2 and /dev/null differ diff --git a/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch b/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch new file mode 100644 index 0000000..10460af --- /dev/null +++ b/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch @@ -0,0 +1,87 @@ +From 851a240296ad2ec2a5f67e84d284d3bf7882745e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Mon, 15 Dec 2014 11:20:32 +0100 +Subject: [PATCH] Pass compilation with -Werror=format-security +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + + + +Signed-off-by: Petr Písař +--- + libopts/genshell.h | 2 +- + src/shar-opts.h | 2 +- + src/unshar-opts.h | 2 +- + src/uudecode-opts.h | 2 +- + src/uuencode-opts.h | 2 +- + 5 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/libopts/genshell.h b/libopts/genshell.h +index 1c18735..0a69bc2 100644 +--- a/libopts/genshell.h ++++ b/libopts/genshell.h +@@ -168,7 +168,7 @@ extern tOptions genshelloptOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/shar-opts.h b/src/shar-opts.h +index 64f2f12..a32b69d 100644 +--- a/src/shar-opts.h ++++ b/src/shar-opts.h +@@ -374,7 +374,7 @@ extern tOptions sharOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/unshar-opts.h b/src/unshar-opts.h +index ae697af..19e8be7 100644 +--- a/src/unshar-opts.h ++++ b/src/unshar-opts.h +@@ -211,7 +211,7 @@ extern tOptions unsharOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/uudecode-opts.h b/src/uudecode-opts.h +index d457488..fd11a20 100644 +--- a/src/uudecode-opts.h ++++ b/src/uudecode-opts.h +@@ -189,7 +189,7 @@ extern tOptions uudecodeOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/uuencode-opts.h b/src/uuencode-opts.h +index 7c7ed78..41352ea 100644 +--- a/src/uuencode-opts.h ++++ b/src/uuencode-opts.h +@@ -185,7 +185,7 @@ extern tOptions uuencodeOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +-- +1.9.3 + diff --git a/sharutils-4.15.2-Do-not-include-lib-md5.c-into-src-shar.c.patch b/sharutils-4.15.2-Do-not-include-lib-md5.c-into-src-shar.c.patch new file mode 100644 index 0000000..19f77cc --- /dev/null +++ b/sharutils-4.15.2-Do-not-include-lib-md5.c-into-src-shar.c.patch @@ -0,0 +1,39 @@ +From 4c47a36fb6e2e4349995376cee063bb37d4e68e3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Thu, 23 Jan 2020 15:57:05 +0100 +Subject: [PATCH 2/2] Do not include lib/md5.c into src/shar.c +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +lib/md5.o is part of libgnu.a that is linked to shar. There is no +point in linking md5.o twice into shar executable. Moreover SuSE +reports that this triggers a linking error with GCC 10: + +/usr/lib64/gcc/x86_64-suse-linux/9/../../../../x86_64-suse-linux/bin/ld: +../lib/libgnu.a(md5.o): in function `md5_stream': +[ 30s] md5.c:(.text+0x15d): multiple definition of `md5_stream'; +shar.o:shar.c:(.text+0x28): first defined here + + + +Signed-off-by: Petr Písař +--- + src/shar.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/shar.c b/src/shar.c +index 11cbada..6d7ed1d 100644 +--- a/src/shar.c ++++ b/src/shar.c +@@ -53,7 +53,6 @@ static const char cright_years_z[] = + + #include "inttostr.h" + #include "liballoca.h" +-#include "md5.c" + #include "md5.h" + #include "quotearg.h" + #include "xalloc.h" +-- +2.21.1 + diff --git a/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch b/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch new file mode 100644 index 0000000..bf9d583 --- /dev/null +++ b/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch @@ -0,0 +1,58 @@ +From 1067cdba6d08f2a765cb0ea371189a5b703eb4db Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Thu, 22 Feb 2018 16:39:43 +0100 +Subject: [PATCH] Fix a heap-buffer-overflow in find_archive() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +rw_buffer has allocated rw_base_size bytes. But subsequend fgets() in +find_archive() reads up-to BUFSIZ bytes. + +On my system, BUFSIZ is 8192. rw_base_size is usually equaled to +a memory page size, 4096 on my system. Thus find_archive() can write +beyonded allocated memmory for rw_buffer array: + +$ valgrind -- ./unshar /tmp/id\:000000\,sig\:06\,src\:000005+000030\,op\:splice\,rep\:4 +==30582== Memcheck, a memory error detector +==30582== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. +==30582== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info +==30582== Command: ./unshar /tmp/id:000000,sig:06,src:000005+000030,op:splice,rep:4 +==30582== +==30582== Invalid write of size 1 +==30582== at 0x4EAB480: _IO_getline_info (in /usr/lib64/libc-2.27.so) +==30582== by 0x4EB47C2: fgets_unlocked (in /usr/lib64/libc-2.27.so) +==30582== by 0x10BF60: fgets_unlocked (stdio2.h:320) +==30582== by 0x10BF60: find_archive (unshar.c:243) +==30582== by 0x10BF60: unshar_file (unshar.c:379) +==30582== by 0x10BCCC: validate_fname (unshar-opts.c:604) +==30582== by 0x10BCCC: main (unshar-opts.c:639) +==30582== Address 0x523a790 is 0 bytes after a block of size 4,096 alloc'd +==30582== at 0x4C2DBBB: malloc (vg_replace_malloc.c:299) +==30582== by 0x10C670: init_unshar (unshar.c:450) +==30582== by 0x10BC55: main (unshar-opts.c:630) + +This was reported in +. + +Signed-off-by: Petr Písař +--- + src/unshar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/unshar.c b/src/unshar.c +index 80bc3a9..0fc3773 100644 +--- a/src/unshar.c ++++ b/src/unshar.c +@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start) + off_t position = ftello (file); + + /* Read next line, fail if no more and no previous process. */ +- if (!fgets (rw_buffer, BUFSIZ, file)) ++ if (!fgets (rw_buffer, rw_base_size, file)) + { + if (!start) + error (0, 0, _("Found no shell commands in %s"), name); +-- +2.13.6 + diff --git a/sharutils-4.15.2-Fix-building-with-GCC-10.patch b/sharutils-4.15.2-Fix-building-with-GCC-10.patch new file mode 100644 index 0000000..c423fe1 --- /dev/null +++ b/sharutils-4.15.2-Fix-building-with-GCC-10.patch @@ -0,0 +1,97 @@ +From ec4ceb632abc0d54061269bc779459e13172f264 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Thu, 23 Jan 2020 15:42:41 +0100 +Subject: [PATCH 1/2] Fix building with GCC 10 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC 10 defaults to -fno-common that results into errors on multiple +global variable definitions: + +/usr/lib64/gcc/x86_64-suse-linux/9/../../../../x86_64-suse-linux/bin/ld: +shar-opts.o:(.data.rel.ro.local+0x0): multiple definition of +`program_name'; shar.o:(.rodata+0x10): first defined here + +This patch fixes it by changing the definitions in header files into extern +declarations. + + + +Signed-off-by: Petr Písař +--- + src/shar-opts.h | 2 +- + src/shar-std.def | 2 +- + src/unshar-opts.h | 2 +- + src/uudecode-opts.h | 2 +- + src/uuencode-opts.h | 2 +- + 5 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/shar-opts.h b/src/shar-opts.h +index 75dcae2..5055d1c 100644 +--- a/src/shar-opts.h ++++ b/src/shar-opts.h +@@ -352,7 +352,7 @@ extern "C" { + * global exported definitions + */ + #include "local.h" +-char const * const program_name; ++extern char const * const program_name; + + extern bool initialization_done; + extern int optidx; +diff --git a/src/shar-std.def b/src/shar-std.def +index ed06b77..a28f61c 100644 +--- a/src/shar-std.def ++++ b/src/shar-std.def +@@ -41,7 +41,7 @@ no-misuse-usage; + usage-message; + die-code; + +-export = '#include "local.h"'"\nchar const * const program_name;"; ++export = '#include "local.h"'"\nextern char const * const program_name;"; + + #shell + echo "include = 'char const * const program_name = \"${progname}\";';" +diff --git a/src/unshar-opts.h b/src/unshar-opts.h +index 2c3febe..9ebe2fc 100644 +--- a/src/unshar-opts.h ++++ b/src/unshar-opts.h +@@ -192,7 +192,7 @@ extern "C" { + extern size_t separator_str_len; + + #include "local.h" +-char const * const program_name; ++extern char const * const program_name; + + + /* * * * * * +diff --git a/src/uudecode-opts.h b/src/uudecode-opts.h +index 29b3b5c..5494289 100644 +--- a/src/uudecode-opts.h ++++ b/src/uudecode-opts.h +@@ -170,7 +170,7 @@ extern "C" { + * global exported definitions + */ + #include "local.h" +-char const * const program_name; ++extern char const * const program_name; + + + /* * * * * * +diff --git a/src/uuencode-opts.h b/src/uuencode-opts.h +index e71c9b8..d6ec03e 100644 +--- a/src/uuencode-opts.h ++++ b/src/uuencode-opts.h +@@ -166,7 +166,7 @@ extern "C" { + * global exported definitions + */ + #include "local.h" +-char const * const program_name; ++extern char const * const program_name; + + + /* * * * * * +-- +2.21.1 + diff --git a/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch b/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch new file mode 100644 index 0000000..78e6564 --- /dev/null +++ b/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch @@ -0,0 +1,178 @@ +From 0e2f412eeec2e1f7f5743ea23c62bdf98bf4102c Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Thu, 8 Mar 2018 16:42:45 -0800 +Subject: [PATCH] fflush: adjust to glibc 2.28 libio.h removal +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Petr Písař: Ported to sharutils-4.15.2 from: + +commit 4af4a4a71827c0bc5e0ec67af23edef4f15cee8e +Author: Paul Eggert +Date: Mon Mar 5 10:56:29 2018 -0800 + + fflush: adjust to glibc 2.28 libio.h removal + +Problem reported by Daniel P. Berrangé in: +https://lists.gnu.org/r/bug-gnulib/2018-03/msg00000.html +* lib/fbufmode.c (fbufmode): +* lib/fflush.c (clear_ungetc_buffer_preserving_position) +(disable_seek_optimization, rpl_fflush): +* lib/fpending.c (__fpending): +* lib/fpurge.c (fpurge): +* lib/freadable.c (freadable): +* lib/freadahead.c (freadahead): +* lib/freading.c (freading): +* lib/freadptr.c (freadptr): +* lib/freadseek.c (freadptrinc): +* lib/fseeko.c (fseeko): +* lib/fseterr.c (fseterr): +* lib/fwritable.c (fwritable): +* lib/fwriting.c (fwriting): +Check _IO_EOF_SEEN instead of _IO_ftrylockfile. +* lib/stdio-impl.h (_IO_IN_BACKUP) [_IO_EOF_SEEN]: +Define if not already defined. + +commit 74d9d6a293d7462dea8f83e7fc5ac792e956a0ad +Author: Paul Eggert +Date: Thu Mar 8 16:42:45 2018 -0800 + + fflush: be more paranoid about libio.h change + +Suggested by Eli Zaretskii in: +https://lists.gnu.org/r/emacs-devel/2018-03/msg00270.html +* lib/fbufmode.c (fbufmode): +* lib/fflush.c (clear_ungetc_buffer_preserving_position) +(disable_seek_optimization, rpl_fflush): +* lib/fpending.c (__fpending): +* lib/fpurge.c (fpurge): +* lib/freadable.c (freadable): +* lib/freadahead.c (freadahead): +* lib/freading.c (freading): +* lib/freadptr.c (freadptr): +* lib/freadseek.c (freadptrinc): +* lib/fseeko.c (fseeko): +* lib/fseterr.c (fseterr): +* lib/fwritable.c (fwritable): +* lib/fwriting.c (fwriting): +Look at _IO_ftrylockfile as well as at _IO_EOF_SEEN. + +This is needed for glibc-2.28 (First spotted with +glibc-2.27.9000-13.fc29 on Fedora). + +Signed-off-by: Petr Písař +--- + lib/fflush.c | 9 ++++++--- + lib/fpurge.c | 3 ++- + lib/freading.c | 3 ++- + lib/fseeko.c | 6 ++++-- + lib/stdio-impl.h | 6 ++++++ + 5 files changed, 20 insertions(+), 7 deletions(-) + +diff --git a/lib/fflush.c b/lib/fflush.c +index 5ae3e41..d887ecb 100644 +--- a/lib/fflush.c ++++ b/lib/fflush.c +@@ -33,7 +33,8 @@ + #undef fflush + + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */ + static void +@@ -72,7 +73,8 @@ clear_ungetc_buffer (FILE *fp) + + #endif + +-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */) ++#if ! (defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1) ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT + /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ +@@ -148,7 +150,8 @@ rpl_fflush (FILE *stream) + if (stream == NULL || ! freading (stream)) + return fflush (stream); + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + + clear_ungetc_buffer_preserving_position (stream); + +diff --git a/lib/fpurge.c b/lib/fpurge.c +index f313b22..a760c4d 100644 +--- a/lib/fpurge.c ++++ b/lib/fpurge.c +@@ -62,7 +62,8 @@ fpurge (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_IO_read_end = fp->_IO_read_ptr; + fp->_IO_write_ptr = fp->_IO_write_base; + /* Avoid memory leak when there is an active ungetc buffer. */ +diff --git a/lib/freading.c b/lib/freading.c +index 0512b19..2341577 100644 +--- a/lib/freading.c ++++ b/lib/freading.c +@@ -31,7 +31,8 @@ freading (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + return ((fp->_flags & _IO_NO_WRITES) != 0 + || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0 + && fp->_IO_read_base != NULL)); +diff --git a/lib/fseeko.c b/lib/fseeko.c +index 1c65d2a..1b1cc2f 100644 +--- a/lib/fseeko.c ++++ b/lib/fseeko.c +@@ -47,7 +47,8 @@ fseeko (FILE *fp, off_t offset, int whence) + #endif + + /* These tests are based on fpurge.c. */ +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + if (fp->_IO_read_end == fp->_IO_read_ptr + && fp->_IO_write_ptr == fp->_IO_write_base + && fp->_IO_save_base == NULL) +@@ -123,7 +124,8 @@ fseeko (FILE *fp, off_t offset, int whence) + return -1; + } + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_flags &= ~_IO_EOF_SEEN; + fp->_offset = pos; + #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__ +diff --git a/lib/stdio-impl.h b/lib/stdio-impl.h +index 502d891..ea38ee2 100644 +--- a/lib/stdio-impl.h ++++ b/lib/stdio-impl.h +@@ -18,6 +18,12 @@ + the same implementation of stdio extension API, except that some fields + have different naming conventions, or their access requires some casts. */ + ++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this ++ problem by defining it ourselves. FIXME: Do not rely on glibc ++ internals. */ ++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN ++# define _IO_IN_BACKUP 0x100 ++#endif + + /* BSD stdio derived implementations. */ + +-- +2.14.3 + diff --git a/sharutils-4.15.2.tar.xz b/sharutils-4.15.2.tar.xz new file mode 100644 index 0000000..d7ca05e Binary files /dev/null and b/sharutils-4.15.2.tar.xz differ diff --git a/sharutils.changes b/sharutils.changes index c180118..57dbe0b 100644 --- a/sharutils.changes +++ b/sharutils.changes @@ -1,4 +1,7 @@ -* Sat Oct 10 2013 Carsten Munk - 4.11.1 +* Thu Jan 02 2025 Matti Lehtimäki - 4.15.2 +- Update to 4.15.2. JB#62204 + +* Thu Oct 10 2013 Carsten Munk - 4.11.1 - Apply patch to work with gets-less-glibc * Tue Nov 22 2011 Marko Saukko - 4.11.1 diff --git a/sharutils.spec b/sharutils.spec index 0c251e9..118830c 100644 --- a/sharutils.spec +++ b/sharutils.spec @@ -1,22 +1,38 @@ -# -# Do NOT Edit the Auto-generated Part! -# Generated by: spectacle version 0.26 -# - Name: sharutils - -# >> macros -# << macros - Summary: The GNU shar utilities for packaging and unpackaging shell archives -Version: 4.11.1 +Version: 4.15.2 Release: 1 -Group: Applications/Archiving -License: GPLv3 +# The main code: GPLv3+ +# intl/dngettext.c: LGPLv2+ +# lib (gnulib): GPLv3+ +# lib/md5.c: GPLv3+ and Public Domain +# libopts/file.c: LGPLv3+ or BSD +# libopts/genshell.h: LGPLv2+ +# libopts/m4/libopts.m4: GPLv3+ +# doc/sharutils.texi: GFDL +# src/uuencode.c: GPLv3+ and BSD +## Not in the binary package +# ar-lib: GPLv2+ +# config.rpath: FSFULLR +# INSTALL: FSFAPP +# install-sh: MIT +License: GPLv3+ and (GPLv3+ and BSD) and (LGPLv3+ or BSD) and LGPLv2+ and Public Domain and GFDL URL: http://www.gnu.org/software/sharutils/ -Source0: ftp://ftp.gnu.org/gnu/sharutils/REL-%{version}/sharutils-%{version}.tar.bz2 -Source100: sharutils.yaml -Patch0: fix-glibc-gets.patch +Source0: sharutils-%{version}.tar.xz +# Pass compilation with -Werror=format-security, bug #1037323 +Patch0: %{name}-4.14.2-Pass-compilation-with-Werror-format-security.patch +# Fix CVE-2018-1000097 (a heap buffer overflow in find_archive()), +# bug #1548019, +# +Patch1: %{name}-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch +# Adapt bundled gnulib to glibc-2.28 +Patch2: %{name}-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch +# Fix building with GCC 10, +# +Patch3: %{name}-4.15.2-Fix-building-with-GCC-10.patch +# Fix building with GCC 10, +# +Patch4: %{name}-4.15.2-Do-not-include-lib-md5.c-into-src-shar.c.patch BuildRequires: gettext %description @@ -34,43 +50,25 @@ shar files. Install sharutils if you send binary files through e-mail. - %prep -%setup -q -n %{name}-%{version} - -# fix-glibc-gets.patch -%patch0 -p1 -# >> setup -# << setup +%autosetup -p1 -n %{name}-%{version} %build -# >> build pre -# << build pre %configure --disable-static -make %{?jobs:-j%jobs} - -# >> build post -# << build post +%make_build %install -rm -rf %{buildroot} -# >> install pre -# << install pre %make_install -# >> install post rm -f ${RPM_BUILD_ROOT}%{_infodir}/dir chmod 644 AUTHORS ChangeLog COPYING NEWS README THANKS TODO -# << install post %find_lang %{name} %files -f %{name}.lang -%defattr(-,root,root,-) -# >> files -%doc AUTHORS COPYING NEWS README THANKS TODO +%license COPYING +%doc AUTHORS NEWS README THANKS TODO %{_bindir}/* %doc %{_infodir}/*info* %doc %{_mandir}/*/* -# << files diff --git a/sharutils.yaml b/sharutils.yaml deleted file mode 100644 index f0953ab..0000000 --- a/sharutils.yaml +++ /dev/null @@ -1,31 +0,0 @@ -Name: sharutils -Summary: The GNU shar utilities for packaging and unpackaging shell archives -Version: 4.11.1 -Release: 1 -Group: Applications/Archiving -License: GPLv3 -URL: http://www.gnu.org/software/sharutils/ -Sources: - - ftp://ftp.gnu.org/gnu/sharutils/REL-%{version}/sharutils-%{version}.tar.bz2 -Patches: - - fix-glibc-gets.patch -Description: | - The sharutils package contains the GNU shar utilities, a set of tools - for encoding and decoding packages of files (in binary or text format) - in a special plain text format called shell archives (shar). This - format can be sent through e-mail (which can be problematic for regular - binary files). The shar utility supports a wide range of capabilities - (compressing, uuencoding, splitting long files for multi-part - mailings, providing checksums), which make it very flexible at - creating shar files. After the files have been sent, the unshar tool - scans mail messages looking for shar files. Unshar automatically - strips off mail headers and introductory text and then unpacks the - shar files. - - Install sharutils if you send binary files through e-mail. - -PkgBR: - - gettext -Configure: configure -Builder: make -LocaleName: "%{name}"