update code

2019-11-06 19:03:51 +08:00 · 2019-11-06 19:03:51 +08:00 · 5d9eef59da
commit 5d9eef59da
parent 31a0d2b382
11 changed files with 65 additions and 97 deletions
--- a/0001-add-compile-option.patch
+++ b/0001-add-compile-option.patch
@ -0,0 +1,52 @@
 From 70218c0c89b399fdc6febea92aae5dcc6ad32f56 Mon Sep 17 00:00:00 2001
 From: lvying <lvying6@huawei.com>
 Date: Sat, 19 Oct 2019 13:07:28 +0800
 Subject: [PATCH 1/2] add compile option
 Signed-off-by: lvying <lvying6@huawei.com>
 ---
 Makefile           | 4 ----
 Makefile-libbz2_so | 5 ++---
 2 files changed, 2 insertions(+), 7 deletions(-)
 diff --git a/Makefile b/Makefile
 index f8a1772..69ea7b2 100644
 --- a/Makefile
 +++ b/Makefile
@@ -18,10 +18,6 @@ SHELL=/bin/sh
 CC=gcc
 AR=ar
 RANLIB=ranlib
 -LDFLAGS=
 -
 -BIGFILES=-D_FILE_OFFSET_BITS=64
 -CFLAGS=-Wall -Winline -O2 -g $(BIGFILES)
 # Where you want it installed when you do 'make install'
 PREFIX=/usr/local
 diff --git a/Makefile-libbz2_so b/Makefile-libbz2_so
 index fb0f230..1eaf26a 100644
 --- a/Makefile-libbz2_so
 +++ b/Makefile-libbz2_so
@@ -24,7 +24,6 @@
 SHELL=/bin/sh
 CC=gcc
 BIGFILES=-D_FILE_OFFSET_BITS=64
 -CFLAGS=-fpic -fPIC -Wall -Winline -O2 -g $(BIGFILES)
 OBJS= blocksort.o  \
       huffman.o    \
@@ -35,8 +34,8 @@ OBJS= blocksort.o  \
       bzlib.o
 all: $(OBJS)
 -	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.8 $(OBJS)
 -	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.8
 +	$(CC) $(CFLAGS) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.8 $(OBJS)
 +	$(CC) $(CFLAGS) $(LDFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.8
 	rm -f libbz2.so.1.0
 	ln -s libbz2.so.1.0.8 libbz2.so.1.0
 -- 
 1.8.3.1
--- a/0001-bzip2-1.0.4-saneso.patch
+++ b/0001-bzip2-1.0.4-saneso.patch
@ -1,12 +0,0 @@
 diff -up bzip2-1.0.6/Makefile-libbz2_so.pom bzip2-1.0.6/Makefile-libbz2_so
 --- bzip2-1.0.6/Makefile-libbz2_so.pom	2010-09-11 01:07:52.000000000 +0200
 +++ bzip2-1.0.6/Makefile-libbz2_so	2010-09-22 10:31:46.000000000 +0200
@@ -35,7 +35,7 @@ OBJS= blocksort.o  \
       bzlib.o
 all: $(OBJS)
 -	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS)
 +	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
 	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
 	rm -f libbz2.so.1.0
 	ln -s libbz2.so.1.0.6 libbz2.so.1.0
--- a/0002-CVE-2019-12900.patch
+++ b/0002-CVE-2019-12900.patch
@ -1,7 +1,7 @@
-From 74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc Mon Sep 17 00:00:00 2001
+From 52f520db6cda25f18e26208745f1b92803d5d559 Mon Sep 17 00:00:00 2001
 From: Albert Astals Cid <aacid@kde.org>
 Date: Tue, 28 May 2019 19:35:18 +0200
-Subject: [PATCH] Make sure nSelectors is not out of range
+Subject: [PATCH 2/2] Make sure nSelectors is not out of range
 nSelectors is used in a loop from 0 to nSelectors to access selectorMtf
 which is
@ -15,12 +15,12 @@ Fixes out of bounds access discovered while fuzzying karchive
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/decompress.c b/decompress.c
-index ab6a624..f3db91d 100644
+index a1a0bac..e1fabdb 100644
 --- a/decompress.c
 +++ b/decompress.c
@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s )
       GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
-       if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
+       if (nGroups < 2 || nGroups > BZ_N_GROUPS) RETURN(BZ_DATA_ERROR);
       GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
 -      if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
 +      if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
@ -28,5 +28,5 @@ index ab6a624..f3db91d 100644
          j = 0;
          while (True) {
 -- 
-2.21.0
+1.8.3.1
--- a/0002-bzip2-1.0.4-cflags.patch
+++ b/0002-bzip2-1.0.4-cflags.patch
@ -1,12 +0,0 @@
 diff -up bzip2-1.0.6/Makefile-libbz2_so.pom bzip2-1.0.6/Makefile-libbz2_so
 --- bzip2-1.0.6/Makefile-libbz2_so.pom	2010-09-22 10:36:24.000000000 +0200
 +++ bzip2-1.0.6/Makefile-libbz2_so	2010-09-22 10:36:58.000000000 +0200
@@ -35,7 +35,7 @@ OBJS= blocksort.o  \
       bzlib.o
 all: $(OBJS)
 -	$(CC) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
 +	$(CC) $(CFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
 	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
 	rm -f libbz2.so.1.0
 	ln -s libbz2.so.1.0.6 libbz2.so.1.0
--- a/0003-bzip2-1.0.4-bzip2recover.patch
+++ b/0003-bzip2-1.0.4-bzip2recover.patch
@ -1,12 +0,0 @@
 --- bzip2-1.0.4/bzip2recover.c.pom	2007-01-03 03:00:55.000000000 +0100
 +++ bzip2-1.0.4/bzip2recover.c	2007-02-05 11:55:17.000000000 +0100
@@ -309,7 +309,8 @@
    UInt32      buffHi, buffLo, blockCRC;
    Char*       p;
 -   strcpy ( progName, argv[0] );
 +   strncpy ( progName, argv[0], BZ_MAX_FILENAME-1);
 +   progName[BZ_MAX_FILENAME-1]='\0';
    inFileName[0] = outFileName[0] = 0;
    fprintf ( stderr, 
--- a/0004-bzip2-ldflags.patch
+++ b/0004-bzip2-ldflags.patch
@ -1,36 +0,0 @@
 diff -up bzip2-1.0.6/Makefile.jx bzip2-1.0.6/Makefile
 --- bzip2-1.0.6/Makefile.jx	2010-09-10 18:46:02.000000000 -0400
 +++ bzip2-1.0.6/Makefile	2015-08-14 13:04:33.891504131 -0400
@@ -18,10 +18,6 @@ SHELL=/bin/sh
 CC=gcc
 AR=ar
 RANLIB=ranlib
 -LDFLAGS=
 -
 -BIGFILES=-D_FILE_OFFSET_BITS=64
 -CFLAGS=-Wall -Winline -O2 -g $(BIGFILES)
 # Where you want it installed when you do 'make install'
 PREFIX=/usr/local
 diff -up bzip2-1.0.6/Makefile-libbz2_so.jx bzip2-1.0.6/Makefile-libbz2_so
 --- bzip2-1.0.6/Makefile-libbz2_so.jx	2015-08-14 13:04:33.885503955 -0400
 +++ bzip2-1.0.6/Makefile-libbz2_so	2015-08-14 13:06:52.554581179 -0400
@@ -24,7 +24,6 @@
 SHELL=/bin/sh
 CC=gcc
 BIGFILES=-D_FILE_OFFSET_BITS=64
 -CFLAGS=-fpic -fPIC -Wall -Winline -O2 -g $(BIGFILES)
 OBJS= blocksort.o  \
       huffman.o    \
@@ -35,8 +34,8 @@ OBJS= blocksort.o  \
       bzlib.o
 all: $(OBJS)
 -	$(CC) $(CFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
 -	$(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
 +	$(CC) $(CFLAGS) $(LDFLAGS) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS)
 +	$(CC) $(CFLAGS) $(LDFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6
 	rm -f libbz2.so.1.0
 	ln -s libbz2.so.1.0.6 libbz2.so.1.0
--- a/0005-set-out-file-to-null.patch
+++ b/0005-set-out-file-to-null.patch
@ -1,11 +0,0 @@
 diff -up ./bzip2recover.c.old ./bzip2recover.c
 --- ./bzip2recover.c.old	2016-03-22 08:49:38.855620000 +0100
 +++ ./bzip2recover.c	2016-03-30 10:22:27.341430099 +0200
@@ -458,6 +458,7 @@ Int32 main ( Int32 argc, Char** argv )
             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
             bsPutUInt32 ( bsWr, blockCRC );
             bsClose ( bsWr );
 +            outFile = NULL;
          }
          if (wrBlock >= rbCtr) break;
          wrBlock++;
--- a/bzip2-1.0.6.tar.gz
+++ b/bzip2-1.0.6.tar.gz
--- a/bzip2-1.0.8.tar.gz
+++ b/bzip2-1.0.8.tar.gz
--- a/bzip2.pc
+++ b/bzip2.pc
@ -6,6 +6,6 @@ includedir=/usr/include
 Name: bzip2
 Description: A file compression library
-Version: 1.0.6
+Version: 1.0.8
 Libs: -L${libdir} -lbz2
 Cflags: -I${includedir}
--- a/bzip2.spec
+++ b/bzip2.spec
@ -1,6 +1,6 @@
 Name:		bzip2
-Version:	1.0.6
+Version:	1.0.8
-Release:	33
+Release:	1
 Summary:	A high-quality data compressor
 License:	BSD
@ -8,12 +8,8 @@ URL:		https://www.sourceware.org/bzip2/
 Source0:	https://sourceware.org/pub/bzip2/%{name}-%{version}.tar.gz
 Source1:	bzip2.pc
-Patch0:		0001-bzip2-1.0.4-saneso.patch
+Patch0:		0001-add-compile-option.patch
-Patch1:		0002-bzip2-1.0.4-cflags.patch
+Patch1:		0002-CVE-2019-12900.patch
 Patch2:		0003-bzip2-1.0.4-bzip2recover.patch
 Patch3:		0004-bzip2-ldflags.patch
 Patch4:		0005-set-out-file-to-null.patch
 Patch5:		0006-CVE-2019-12900.patch
 BuildRequires:	gcc
@ -94,6 +90,9 @@ make check
 %{_mandir}/man1/b*.1.gz
 %changelog
 * Sat Oct 19 2019 openEuler Builteam <buildteam@openeuler.org> - 1.0.8-1
 - update bzip2
 * Tue Sep 24 2019 shenyangyang<shenyangyang4@huawei.com> - 1.0.6-33
 - Type:enhancement
 - ID:NA