packages/gettext
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update code

Browse Source
This commit is contained in:
zhuchunyi 2019-11-06 19:07:38 +08:00
parent ab2b3c9d4d
commit 1d0795ef6c
8 changed files with 30 additions and 263 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
backport-CVE-2018-18751.patch
View File

@ -1,136 +0,0 @@
From dce3a16e5e9368245735e29bf498dcd5e3e474a4 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Thu, 15 Sep 2016 13:57:24 +0200
Subject: [PATCH] xgettext: Fix crash with *.po file input
When xgettext was given two *.po files with the same msgid_plural, it
crashed with double-free. Problem reported by Davlet Panech in:
http://lists.gnu.org/archive/html/bug-gettext/2016-09/msg00001.html
* gettext-tools/src/po-gram-gen.y: Don't free msgid_pluralform after
calling do_callback_message, assuming that it takes ownership.
* gettext-tools/src/read-catalog.c (default_add_message): Free
msgid_plural after calling message_alloc.
* gettext-tools/tests/xgettext-po-2: New file.
* gettext-tools/tests/Makefile.am (TESTS): Add new test.
---
gettext-tools/src/po-gram-gen.y | 13 ++++-----
gettext-tools/src/read-catalog.c | 2 ++
gettext-tools/tests/Makefile.am | 2 +-
gettext-tools/tests/xgettext-po-2 | 55 +++++++++++++++++++++++++++++++++++++++
4 files changed, 63 insertions(+), 9 deletions(-)
create mode 100755 gettext-tools/tests/xgettext-po-2
diff --git a/gettext-tools/src/po-gram-gen.y b/gettext-tools/src/po-gram-gen.y
index becf5e6..4428e77 100644
--- a/gettext-tools/src/po-gram-gen.y
+++ b/gettext-tools/src/po-gram-gen.y
@@ -221,14 +221,11 @@ message
check_obsolete ($1, $3);
check_obsolete ($1, $4);
if (!$1.obsolete || pass_obsolete_entries)
- {
- do_callback_message ($1.ctxt, string2, &$1.pos, $3.string,
- $4.rhs.msgstr, $4.rhs.msgstr_len, &$4.pos,
- $1.prev_ctxt,
- $1.prev_id, $1.prev_id_plural,
- $1.obsolete);
- free ($3.string);
- }
+ do_callback_message ($1.ctxt, string2, &$1.pos, $3.string,
+ $4.rhs.msgstr, $4.rhs.msgstr_len, &$4.pos,
+ $1.prev_ctxt,
+ $1.prev_id, $1.prev_id_plural,
+ $1.obsolete);
else
{
free_message_intro ($1);
diff --git a/gettext-tools/src/read-catalog.c b/gettext-tools/src/read-catalog.c
index 571d18e..6af6d20 100644
--- a/gettext-tools/src/read-catalog.c
+++ b/gettext-tools/src/read-catalog.c
@@ -397,6 +397,8 @@ default_add_message (default_catalog_reader_ty *this,
appropriate. */
mp = message_alloc (msgctxt, msgid, msgid_plural, msgstr, msgstr_len,
msgstr_pos);
+ if (msgid_plural != NULL)
+ free (msgid_plural);
mp->prev_msgctxt = prev_msgctxt;
mp->prev_msgid = prev_msgid;
mp->prev_msgid_plural = prev_msgid_plural;
diff --git a/gettext-tools/tests/Makefile.am b/gettext-tools/tests/Makefile.am
index 23b09b1..0dfb4d8 100644
--- a/gettext-tools/tests/Makefile.am
+++ b/gettext-tools/tests/Makefile.am
@@ -95,7 +95,7 @@ TESTS = gettext-1 gettext-2 gettext-3 gettext-4 gettext-5 gettext-6 gettext-7 \
xgettext-perl-1 xgettext-perl-2 xgettext-perl-3 xgettext-perl-4 \
xgettext-perl-5 xgettext-perl-6 xgettext-perl-7 xgettext-perl-8 \
xgettext-php-1 xgettext-php-2 xgettext-php-3 xgettext-php-4 \
- xgettext-po-1 \
+ xgettext-po-1 xgettext-po-2 \
xgettext-properties-1 \
xgettext-python-1 xgettext-python-2 xgettext-python-3 \
xgettext-python-4 \
diff --git a/gettext-tools/tests/xgettext-po-2 b/gettext-tools/tests/xgettext-po-2
new file mode 100755
index 0000000..c4bd9d0
--- /dev/null
+++ b/gettext-tools/tests/xgettext-po-2
@@ -0,0 +1,55 @@
+#! /bin/sh
+. "${srcdir=.}/init.sh"; path_prepend_ . ../src
+
+# Test PO extractors with multiple input files.
+
+cat <<EOF > xg-po-2-1.po
+msgid "first msgid"
+msgid_plural "first msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "second msgid"
+msgid_plural "second msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+EOF
+
+cat <<EOF > xg-po-2-2.po
+msgid "third msgid"
+msgid_plural "third msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "second msgid"
+msgid_plural "second msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+EOF
+
+: ${XGETTEXT=xgettext}
+${XGETTEXT} --omit-header xg-po-2-1.po xg-po-2-2.po -o xg-po-2.tmp.po || Exit 1
+LC_ALL=C tr -d '\r' < xg-po-2.tmp.po > xg-po-2.po || Exit 1
+
+cat <<EOF > xg-po-2.ok
+msgid "first msgid"
+msgid_plural "first msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "second msgid"
+msgid_plural "second msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+
+msgid "third msgid"
+msgid_plural "third msgid (plural)"
+msgstr[0] ""
+msgstr[1] ""
+EOF
+
+: ${DIFF=diff}
+${DIFF} xg-po-2.ok xg-po-2.po
+result=$?
+
+exit $result
--
1.9.1

47
disable-gettext-runtime-test-lock.patch
View File

@ -1,47 +0,0 @@
commit bd2c6ca2b7ae0be02d4bb85db79def454f3153fb
Author: rpm-build <rpm-build>
AuthorDate: Wed Dec 21 12:50:54 2016 +0100
Commit: rpm-build <rpm-build>
CommitDate: Wed Dec 21 12:52:36 2016 +0100
disable-gettext-runtime-test-lock.patch
diff --git a/gettext-runtime/tests/Makefile.am b/gettext-runtime/tests/Makefile.am
index 88a0684..3a27b79 100644
--- a/gettext-runtime/tests/Makefile.am
+++ b/gettext-runtime/tests/Makefile.am
@@ -19,7 +19,7 @@
AUTOMAKE_OPTIONS = 1.11 gnits no-dependencies color-tests subdir-objects
EXTRA_DIST =
-TESTS = test-lock
+TESTS =
AM_CPPFLAGS = \
-I.. \
diff --git a/gettext-runtime/tests/Makefile.in b/gettext-runtime/tests/Makefile.in
index 4327733..5879146 100644
--- a/gettext-runtime/tests/Makefile.in
+++ b/gettext-runtime/tests/Makefile.in
@@ -86,7 +86,7 @@ PRE_UNINSTALL = :
POST_UNINSTALL = :
build_triplet = @build@
host_triplet = @host@
-TESTS = test-lock$(EXEEXT)
+TESTS =
check_PROGRAMS = test-lock$(EXEEXT)
subdir = tests
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
diff --git a/gettext-tools/gnulib-tests/Makefile.in b/gettext-tools/gnulib-tests/Makefile.in
index 26becd9..4b9d0e4 100644
--- a/gettext-tools/gnulib-tests/Makefile.in
+++ b/gettext-tools/gnulib-tests/Makefile.in
@@ -143,7 +143,7 @@ TESTS = test-set-mode-acl.sh test-set-mode-acl-1.sh \
test-isnanl-nolibm$(EXEEXT) test-isnanl$(EXEEXT) \
test-iswblank$(EXEEXT) test-langinfo$(EXEEXT) \
test-linkedhash_list$(EXEEXT) test-locale$(EXEEXT) \
- test-localename$(EXEEXT) test-lock$(EXEEXT) \
+ test-localename$(EXEEXT) \
test-log10$(EXEEXT) test-lseek.sh test-lstat$(EXEEXT) \
test-malloca$(EXEEXT) test-math$(EXEEXT) test-mbrtowc1.sh \
test-mbrtowc2.sh test-mbrtowc3.sh test-mbrtowc4.sh \

43
gettext-0.19.8-its-segfault.patch
View File

@ -1,43 +0,0 @@
From a0cab23332a254e3500cac2a3a984472d02180e5 Mon Sep 17 00:00:00 2001
From: Bruno Haible <bruno@clisp.org>
Date: Fri, 9 Dec 2016 21:04:31 +0100
Subject: [PATCH] Fix crash of xgettext with --its option.
* gettext-tools/src/xgettext.c (main): Free contents of its_dirs only when it
was initialized. Fixes bug introduced on 2016-05-16.
---
gettext-tools/src/xgettext.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/gettext-tools/src/xgettext.c b/gettext-tools/src/xgettext.c
index f848d76d1..a80ee51ac 100644
--- a/gettext-tools/src/xgettext.c
+++ b/gettext-tools/src/xgettext.c
@@ -330,7 +330,7 @@ main (int argc, char *argv[])
bool sort_by_msgid = false;
bool sort_by_filepos = false;
char **dirs;
- char **its_dirs;
+ char **its_dirs = NULL;
char *explicit_its_filename = NULL;
const char *file_name;
const char *files_from = NULL;
@@ -1016,9 +1016,12 @@ warning: file '%s' extension '%s' is unknown; will try C"), filename, extension)
if (its_locating_rules)
locating_rule_list_free (its_locating_rules);
- for (i = 0; its_dirs[i] != NULL; i++)
- free (its_dirs[i]);
- free (its_dirs);
+ if (its_dirs != NULL)
+ {
+ for (i = 0; its_dirs[i] != NULL; i++)
+ free (its_dirs[i]);
+ free (its_dirs);
+ }
exit (EXIT_SUCCESS);
}
--
2.14.3

BIN
gettext-0.19.8.1.tar.xz
View File

Binary file not shown.

BIN
gettext-0.20.1.tar.gz Normal file
View File

Binary file not shown.

21
gettext-po-send-mail.patch
View File

@ -1,21 +0,0 @@
Index: gettext-0.19.8.1/gettext-tools/misc/po-mode.el
===================================================================
--- gettext-0.19.8.1.orig/gettext-tools/misc/po-mode.el
+++ gettext-0.19.8.1/gettext-tools/misc/po-mode.el
@@ -3518,10 +3518,12 @@ Write to your team? ('n' if writing to
(re-search-forward
(concat "^" (regexp-quote mail-header-separator) "\n"))
(save-excursion
- (insert-buffer-substring buffer)
- (shell-command-on-region
- (region-beginning) (region-end)
- (concat po-gzip-uuencode-command " " name ".gz") t t))))))
+ (save-restriction
+ (narrow-to-region (point) (point))
+ (insert-buffer-substring buffer)
+ (shell-command-on-region
+ (point-min) (point-max)
+ (concat po-gzip-uuencode-command " " name ".gz") t t)))))))
(message ""))
(defun po-confirm-and-quit ()

46
gettext.spec
View File

@ -2,20 +2,15 @@
%bcond_with java
%bcond_without check
%global archiveversion 0.19.8
%global archiveversion 0.20
Name: gettext
Version: 0.19.8.1
Release: 19
Name: gettext
Version: 0.20.1
Release: 1
License: GPLv3+ and LGPLv2+
Summary: GNU gettext utilities are a set of tools that provides a framework to help other GNU packages produce multi-lingual messages.
URL: https://www.gnu.org/software/gettext/
Source: ftp://ftp.gnu.org/gnu/gettext/%{name}-%{version}.tar.xz
Patch0: disable-gettext-runtime-test-lock.patch
Patch1: gettext-po-send-mail.patch
Patch2: gettext-0.19.8-its-segfault.patch
Patch6000: backport-CVE-2018-18751.patch
URL: https://www.gnu.org/software/gettext/
Source: https://ftp.gnu.org/pub/gnu/gettext/%{name}-%{version}.tar.gz
Source2: msghack.py
Source3: msghack.1
@ -87,6 +82,10 @@ This package contains man, license, info, readme, copyright, license.
%prep
%autosetup -n %{name}-%{version} -S git
sed -e 's/\(gl_cv_libcroco_force_included=\)yes/\1no/' \
-e 's/\(gl_cv_libxml_force_included=\)yes/\1no/' \
-i libtextstyle/configure
%build
%if %{with java}
export JAVAC=gcj
@ -97,7 +96,8 @@ export JAR=fastjar
%ifarch ppc ppc64 ppc64le
export CFLAGS="$RPM_OPT_FLAGS -D__SUPPORT_SNAN__"
%endif
autoreconf
export CPPFLAGS="-I$(ls -1d %{_includedir}/libcroco-*/libcroco) -I%{_includedir}/libxml2"
export LIBS="-lcroco-0.6 -lxml2"
%configure --without-included-gettext --enable-nls --disable-static \
--enable-shared --with-pic --disable-csharp --disable-rpath \
%if %{with java}
@ -168,17 +168,19 @@ done
%if %{with check}
%check
export LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir}:$PWD/gettext-tools/intl/.libs
make check LIBUNISTRING=-lunistring
%endif
%ldconfig_scriptlets libs
%files -f %{name}.lang
%doc AUTHORS gettext-runtime/BUGS
%doc COPYING gettext-tools/misc/DISCLAIM README
%doc gettext-runtime/BUGS
%doc gettext-tools/misc/DISCLAIM README
%doc NEWS THANKS
%doc gettext-runtime/man/*.1.html
%doc gettext-runtime/intl/COPYING*
%license COPYING AUTHORS
%{_bindir}/*
%exclude %{_bindir}/autopoint
%exclude %{_bindir}/gettextize
@ -196,6 +198,7 @@ make check LIBUNISTRING=-lunistring
%{_datadir}/%{name}-%{archiveversion}/its
%{_libdir}/libasprintf.so.0*
%{_libdir}/libgettextpo.so.0*
%{_libdir}/libtextstyle.so.0*
%{_libdir}/libgettextlib-0.*.so
%{_libdir}/libgettextsrc-0.*.so
%if %{with jar}
@ -215,12 +218,12 @@ make check LIBUNISTRING=-lunistring
%{_infodir}/autosprintf*
%{_libdir}/libasprintf.so
%{_libdir}/libgettextpo.so
%{_libdir}/libtextstyle.so
%{_libdir}/preloadable_libintl.so
%{_mandir}/man1/autopoint.1*
%{_mandir}/man3/*
%{_datadir}/%{name}/intl
%{_datadir}/%{name}/javaversion.class
%doc gettext-runtime/intl-java/javadoc*
%{_docdir}/libtextstyle/
%if %{with java}
%{_libdir}/%{name}/gnu.gettext.*
%endif
@ -235,11 +238,22 @@ make check LIBUNISTRING=-lunistring
%files help
%{_infodir}/gettext*
%{_infodir}/libtextstyle*
%{_mandir}/man1/*
%{_mandir}/man3/*
%exclude %{_mandir}/man1/autopoint.1*
%exclude %{_mandir}/man1/msghack.1*
%changelog
* Fri Oct 11 2019 hanzhijun<hanzhijun1@huawei.com> - 0.20.1-1
- Type:enhancement
- ID:NA
- SUG:NA
- DESC:update to 0.20.1
* Mon Sep 30 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.19.8.1-20
- modify CVE patch name
* Fri Sep 27 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.19.8.1-19
- fix CVE-2018-18751

0
msghack.py Executable file → Normal file
View File