[sharutils] Update to 4.15.2. JB#62204

sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch

@@ -0,0 +1,87 @@
+From 851a240296ad2ec2a5f67e84d284d3bf7882745e Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]>
+Date: Mon, 15 Dec 2014 11:20:32 +0100
+Subject: [PATCH] Pass compilation with -Werror=format-security
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+<https://bugzilla.redhat.com/show_bug.cgi?id=1037323>
+
+Signed-off-by: Petr Písař <[email protected]>
+---
+ libopts/genshell.h  | 2 +-
+ src/shar-opts.h     | 2 +-
+ src/unshar-opts.h   | 2 +-
+ src/uudecode-opts.h | 2 +-
+ src/uuencode-opts.h | 2 +-
+ 5 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/libopts/genshell.h b/libopts/genshell.h
+index 1c18735..0a69bc2 100644
+--- a/libopts/genshell.h
++++ b/libopts/genshell.h
+@@ -168,7 +168,7 @@ extern tOptions genshelloptOptions;
+ #   endif
+
+ # ifndef ATTRIBUTE_FORMAT_ARG
+-#   define ATTRIBUTE_FORMAT_ARG(_a)
++#   define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a)))
+ # endif
+
+ static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1);
+diff --git a/src/shar-opts.h b/src/shar-opts.h
+index 64f2f12..a32b69d 100644
+--- a/src/shar-opts.h
++++ b/src/shar-opts.h
+@@ -374,7 +374,7 @@ extern tOptions sharOptions;
+ #   endif
+
+ # ifndef ATTRIBUTE_FORMAT_ARG
+-#   define ATTRIBUTE_FORMAT_ARG(_a)
++#   define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a)))
+ # endif
+
+ static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1);
+diff --git a/src/unshar-opts.h b/src/unshar-opts.h
+index ae697af..19e8be7 100644
+--- a/src/unshar-opts.h
++++ b/src/unshar-opts.h
+@@ -211,7 +211,7 @@ extern tOptions unsharOptions;
+ #   endif
+
+ # ifndef ATTRIBUTE_FORMAT_ARG
+-#   define ATTRIBUTE_FORMAT_ARG(_a)
++#   define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a)))
+ # endif
+
+ static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1);
+diff --git a/src/uudecode-opts.h b/src/uudecode-opts.h
+index d457488..fd11a20 100644
+--- a/src/uudecode-opts.h
++++ b/src/uudecode-opts.h
+@@ -189,7 +189,7 @@ extern tOptions uudecodeOptions;
+ #   endif
+
+ # ifndef ATTRIBUTE_FORMAT_ARG
+-#   define ATTRIBUTE_FORMAT_ARG(_a)
++#   define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a)))
+ # endif
+
+ static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1);
+diff --git a/src/uuencode-opts.h b/src/uuencode-opts.h
+index 7c7ed78..41352ea 100644
+--- a/src/uuencode-opts.h
++++ b/src/uuencode-opts.h
+@@ -185,7 +185,7 @@ extern tOptions uuencodeOptions;
+ #   endif
+
+ # ifndef ATTRIBUTE_FORMAT_ARG
+-#   define ATTRIBUTE_FORMAT_ARG(_a)
++#   define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a)))
+ # endif
+
+ static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1);
+-- 
+1.9.3
+

sharutils-4.15.2-Do-not-include-lib-md5.c-into-src-shar.c.patch

@@ -0,0 +1,39 @@
+From 4c47a36fb6e2e4349995376cee063bb37d4e68e3 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]>
+Date: Thu, 23 Jan 2020 15:57:05 +0100
+Subject: [PATCH 2/2] Do not include lib/md5.c into src/shar.c
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+lib/md5.o is part of libgnu.a that is linked to shar. There is no
+point in linking md5.o twice into shar executable. Moreover SuSE
+reports that this triggers a linking error with GCC 10:
+
+/usr/lib64/gcc/x86_64-suse-linux/9/../../../../x86_64-suse-linux/bin/ld:
+../lib/libgnu.a(md5.o): in function `md5_stream':
+[   30s] md5.c:(.text+0x15d): multiple definition of `md5_stream';
+shar.o:shar.c:(.text+0x28): first defined here
+
+<https://lists.gnu.org/archive/html/bug-gnu-utils/2020-01/msg00001.html>
+
+Signed-off-by: Petr Písař <[email protected]>
+---
+ src/shar.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/shar.c b/src/shar.c
+index 11cbada..6d7ed1d 100644
+--- a/src/shar.c
++++ b/src/shar.c
+@@ -53,7 +53,6 @@ static const char cright_years_z[] =
+
+ #include "inttostr.h"
+ #include "liballoca.h"
+-#include "md5.c"
+ #include "md5.h"
+ #include "quotearg.h"
+ #include "xalloc.h"
+-- 
+2.21.1
+

sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch

@@ -0,0 +1,58 @@
+From 1067cdba6d08f2a765cb0ea371189a5b703eb4db Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]>
+Date: Thu, 22 Feb 2018 16:39:43 +0100
+Subject: [PATCH] Fix a heap-buffer-overflow in find_archive()
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+rw_buffer has allocated rw_base_size bytes. But subsequend fgets() in
+find_archive() reads up-to BUFSIZ bytes.
+
+On my system, BUFSIZ is 8192. rw_base_size is usually equaled to
+a memory page size, 4096 on my system. Thus find_archive() can write
+beyonded allocated memmory for rw_buffer array:
+
+$ valgrind -- ./unshar /tmp/id\:000000\,sig\:06\,src\:000005+000030\,op\:splice\,rep\:4
+==30582== Memcheck, a memory error detector
+==30582== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
+==30582== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
+==30582== Command: ./unshar /tmp/id:000000,sig:06,src:000005+000030,op:splice,rep:4
+==30582==
+==30582== Invalid write of size 1
+==30582==    at 0x4EAB480: _IO_getline_info (in /usr/lib64/libc-2.27.so)
+==30582==    by 0x4EB47C2: fgets_unlocked (in /usr/lib64/libc-2.27.so)
+==30582==    by 0x10BF60: fgets_unlocked (stdio2.h:320)
+==30582==    by 0x10BF60: find_archive (unshar.c:243)
+==30582==    by 0x10BF60: unshar_file (unshar.c:379)
+==30582==    by 0x10BCCC: validate_fname (unshar-opts.c:604)
+==30582==    by 0x10BCCC: main (unshar-opts.c:639)
+==30582==  Address 0x523a790 is 0 bytes after a block of size 4,096 alloc'd
+==30582==    at 0x4C2DBBB: malloc (vg_replace_malloc.c:299)
+==30582==    by 0x10C670: init_unshar (unshar.c:450)
+==30582==    by 0x10BC55: main (unshar-opts.c:630)
+
+This was reported in
+<http://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00004.html>.
+
+Signed-off-by: Petr Písař <[email protected]>
+---
+ src/unshar.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/unshar.c b/src/unshar.c
+index 80bc3a9..0fc3773 100644
+--- a/src/unshar.c
++++ b/src/unshar.c
+@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start)
+       off_t position = ftello (file);
+
+       /* Read next line, fail if no more and no previous process.  */
+-      if (!fgets (rw_buffer, BUFSIZ, file))
++      if (!fgets (rw_buffer, rw_base_size, file))
+ 	{
+ 	  if (!start)
+ 	    error (0, 0, _("Found no shell commands in %s"), name);
+-- 
+2.13.6
+

sharutils-4.15.2-Fix-building-with-GCC-10.patch

@@ -0,0 +1,97 @@
+From ec4ceb632abc0d54061269bc779459e13172f264 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <[email protected]>
+Date: Thu, 23 Jan 2020 15:42:41 +0100
+Subject: [PATCH 1/2] Fix building with GCC 10
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 10 defaults to -fno-common that results into errors on multiple
+global variable definitions:
+
+/usr/lib64/gcc/x86_64-suse-linux/9/../../../../x86_64-suse-linux/bin/ld:
+shar-opts.o:(.data.rel.ro.local+0x0): multiple definition of
+`program_name'; shar.o:(.rodata+0x10): first defined here
+
+This patch fixes it by changing the definitions in header files into extern
+declarations.
+
+<https://lists.gnu.org/archive/html/bug-gnu-utils/2020-01/msg00001.html>
+
+Signed-off-by: Petr Písař <[email protected]>
+---
+ src/shar-opts.h     | 2 +-
+ src/shar-std.def    | 2 +-
+ src/unshar-opts.h   | 2 +-
+ src/uudecode-opts.h | 2 +-
+ src/uuencode-opts.h | 2 +-
+ 5 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/shar-opts.h b/src/shar-opts.h
+index 75dcae2..5055d1c 100644
+--- a/src/shar-opts.h
++++ b/src/shar-opts.h
+@@ -352,7 +352,7 @@ extern "C" {
+  *  global exported definitions
+  */
+ #include "local.h"
+-char const * const program_name;
++extern char const * const program_name;
+
+ extern bool initialization_done;
+ extern int optidx;
+diff --git a/src/shar-std.def b/src/shar-std.def
+index ed06b77..a28f61c 100644
+--- a/src/shar-std.def
++++ b/src/shar-std.def
+@@ -41,7 +41,7 @@ no-misuse-usage;
+ usage-message;
+ die-code;
+
+-export  = '#include "local.h"'"\nchar const * const program_name;";
++export  = '#include "local.h"'"\nextern char const * const program_name;";
+
+ #shell
+ echo "include = 'char const * const program_name = \"${progname}\";';"
+diff --git a/src/unshar-opts.h b/src/unshar-opts.h
+index 2c3febe..9ebe2fc 100644
+--- a/src/unshar-opts.h
++++ b/src/unshar-opts.h
+@@ -192,7 +192,7 @@ extern "C" {
+ extern size_t       separator_str_len;
+
+ #include "local.h"
+-char const * const program_name;
++extern char const * const program_name;
+
+
+ /* * * * * *
+diff --git a/src/uudecode-opts.h b/src/uudecode-opts.h
+index 29b3b5c..5494289 100644
+--- a/src/uudecode-opts.h
++++ b/src/uudecode-opts.h
+@@ -170,7 +170,7 @@ extern "C" {
+  *  global exported definitions
+  */
+ #include "local.h"
+-char const * const program_name;
++extern char const * const program_name;
+
+
+ /* * * * * *
+diff --git a/src/uuencode-opts.h b/src/uuencode-opts.h
+index e71c9b8..d6ec03e 100644
+--- a/src/uuencode-opts.h
++++ b/src/uuencode-opts.h
+@@ -166,7 +166,7 @@ extern "C" {
+  *  global exported definitions
+  */
+ #include "local.h"
+-char const * const program_name;
++extern char const * const program_name;
+
+
+ /* * * * * *
+-- 
+2.21.1
+