commit 2a3bb10843bfcfbebcf422986f6ceab80842cb7a Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 11:17:07 2019 -0400 Package init diff --git a/LicenseList b/LicenseList new file mode 100644 index 0000000..1390279 --- /dev/null +++ b/LicenseList @@ -0,0 +1,13 @@ +The main code: GPLv3+ +intl/dngettext.c: LGPLv2+ +lib (gnulib): GPLv3+ +lib/md5.c: GPLv3+ and Public Domain +libopts/file.c: LGPLv3+ or BSD +libopts/genshell.h: LGPLv2+ +libopts/m4/libopts.m4: GPLv3+ +doc/sharutils.texi: GFDL +src/uuencode.c: GPLv3+ and BSD +ar-lib: GPLv2+ +config.rpath: FSFULLR +INSTALL: FSFAPP +install-sh: MIT diff --git a/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch b/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch new file mode 100644 index 0000000..10460af --- /dev/null +++ b/sharutils-4.14.2-Pass-compilation-with-Werror-format-security.patch @@ -0,0 +1,87 @@ +From 851a240296ad2ec2a5f67e84d284d3bf7882745e Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Mon, 15 Dec 2014 11:20:32 +0100 +Subject: [PATCH] Pass compilation with -Werror=format-security +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + + + +Signed-off-by: Petr Písař +--- + libopts/genshell.h | 2 +- + src/shar-opts.h | 2 +- + src/unshar-opts.h | 2 +- + src/uudecode-opts.h | 2 +- + src/uuencode-opts.h | 2 +- + 5 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/libopts/genshell.h b/libopts/genshell.h +index 1c18735..0a69bc2 100644 +--- a/libopts/genshell.h ++++ b/libopts/genshell.h +@@ -168,7 +168,7 @@ extern tOptions genshelloptOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/shar-opts.h b/src/shar-opts.h +index 64f2f12..a32b69d 100644 +--- a/src/shar-opts.h ++++ b/src/shar-opts.h +@@ -374,7 +374,7 @@ extern tOptions sharOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/unshar-opts.h b/src/unshar-opts.h +index ae697af..19e8be7 100644 +--- a/src/unshar-opts.h ++++ b/src/unshar-opts.h +@@ -211,7 +211,7 @@ extern tOptions unsharOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/uudecode-opts.h b/src/uudecode-opts.h +index d457488..fd11a20 100644 +--- a/src/uudecode-opts.h ++++ b/src/uudecode-opts.h +@@ -189,7 +189,7 @@ extern tOptions uudecodeOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +diff --git a/src/uuencode-opts.h b/src/uuencode-opts.h +index 7c7ed78..41352ea 100644 +--- a/src/uuencode-opts.h ++++ b/src/uuencode-opts.h +@@ -185,7 +185,7 @@ extern tOptions uuencodeOptions; + # endif + + # ifndef ATTRIBUTE_FORMAT_ARG +-# define ATTRIBUTE_FORMAT_ARG(_a) ++# define ATTRIBUTE_FORMAT_ARG(_a) __attribute__ ((format_arg(_a))) + # endif + + static inline char* aoGetsText(char const* pz) ATTRIBUTE_FORMAT_ARG(1); +-- +1.9.3 + diff --git a/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch b/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch new file mode 100644 index 0000000..bf9d583 --- /dev/null +++ b/sharutils-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch @@ -0,0 +1,58 @@ +From 1067cdba6d08f2a765cb0ea371189a5b703eb4db Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= +Date: Thu, 22 Feb 2018 16:39:43 +0100 +Subject: [PATCH] Fix a heap-buffer-overflow in find_archive() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +rw_buffer has allocated rw_base_size bytes. But subsequend fgets() in +find_archive() reads up-to BUFSIZ bytes. + +On my system, BUFSIZ is 8192. rw_base_size is usually equaled to +a memory page size, 4096 on my system. Thus find_archive() can write +beyonded allocated memmory for rw_buffer array: + +$ valgrind -- ./unshar /tmp/id\:000000\,sig\:06\,src\:000005+000030\,op\:splice\,rep\:4 +==30582== Memcheck, a memory error detector +==30582== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al. +==30582== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info +==30582== Command: ./unshar /tmp/id:000000,sig:06,src:000005+000030,op:splice,rep:4 +==30582== +==30582== Invalid write of size 1 +==30582== at 0x4EAB480: _IO_getline_info (in /usr/lib64/libc-2.27.so) +==30582== by 0x4EB47C2: fgets_unlocked (in /usr/lib64/libc-2.27.so) +==30582== by 0x10BF60: fgets_unlocked (stdio2.h:320) +==30582== by 0x10BF60: find_archive (unshar.c:243) +==30582== by 0x10BF60: unshar_file (unshar.c:379) +==30582== by 0x10BCCC: validate_fname (unshar-opts.c:604) +==30582== by 0x10BCCC: main (unshar-opts.c:639) +==30582== Address 0x523a790 is 0 bytes after a block of size 4,096 alloc'd +==30582== at 0x4C2DBBB: malloc (vg_replace_malloc.c:299) +==30582== by 0x10C670: init_unshar (unshar.c:450) +==30582== by 0x10BC55: main (unshar-opts.c:630) + +This was reported in +. + +Signed-off-by: Petr Písař +--- + src/unshar.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/unshar.c b/src/unshar.c +index 80bc3a9..0fc3773 100644 +--- a/src/unshar.c ++++ b/src/unshar.c +@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start) + off_t position = ftello (file); + + /* Read next line, fail if no more and no previous process. */ +- if (!fgets (rw_buffer, BUFSIZ, file)) ++ if (!fgets (rw_buffer, rw_base_size, file)) + { + if (!start) + error (0, 0, _("Found no shell commands in %s"), name); +-- +2.13.6 + diff --git a/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch b/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch new file mode 100644 index 0000000..78e6564 --- /dev/null +++ b/sharutils-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch @@ -0,0 +1,178 @@ +From 0e2f412eeec2e1f7f5743ea23c62bdf98bf4102c Mon Sep 17 00:00:00 2001 +From: Paul Eggert +Date: Thu, 8 Mar 2018 16:42:45 -0800 +Subject: [PATCH] fflush: adjust to glibc 2.28 libio.h removal +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Petr Písař: Ported to sharutils-4.15.2 from: + +commit 4af4a4a71827c0bc5e0ec67af23edef4f15cee8e +Author: Paul Eggert +Date: Mon Mar 5 10:56:29 2018 -0800 + + fflush: adjust to glibc 2.28 libio.h removal + +Problem reported by Daniel P. Berrangé in: +https://lists.gnu.org/r/bug-gnulib/2018-03/msg00000.html +* lib/fbufmode.c (fbufmode): +* lib/fflush.c (clear_ungetc_buffer_preserving_position) +(disable_seek_optimization, rpl_fflush): +* lib/fpending.c (__fpending): +* lib/fpurge.c (fpurge): +* lib/freadable.c (freadable): +* lib/freadahead.c (freadahead): +* lib/freading.c (freading): +* lib/freadptr.c (freadptr): +* lib/freadseek.c (freadptrinc): +* lib/fseeko.c (fseeko): +* lib/fseterr.c (fseterr): +* lib/fwritable.c (fwritable): +* lib/fwriting.c (fwriting): +Check _IO_EOF_SEEN instead of _IO_ftrylockfile. +* lib/stdio-impl.h (_IO_IN_BACKUP) [_IO_EOF_SEEN]: +Define if not already defined. + +commit 74d9d6a293d7462dea8f83e7fc5ac792e956a0ad +Author: Paul Eggert +Date: Thu Mar 8 16:42:45 2018 -0800 + + fflush: be more paranoid about libio.h change + +Suggested by Eli Zaretskii in: +https://lists.gnu.org/r/emacs-devel/2018-03/msg00270.html +* lib/fbufmode.c (fbufmode): +* lib/fflush.c (clear_ungetc_buffer_preserving_position) +(disable_seek_optimization, rpl_fflush): +* lib/fpending.c (__fpending): +* lib/fpurge.c (fpurge): +* lib/freadable.c (freadable): +* lib/freadahead.c (freadahead): +* lib/freading.c (freading): +* lib/freadptr.c (freadptr): +* lib/freadseek.c (freadptrinc): +* lib/fseeko.c (fseeko): +* lib/fseterr.c (fseterr): +* lib/fwritable.c (fwritable): +* lib/fwriting.c (fwriting): +Look at _IO_ftrylockfile as well as at _IO_EOF_SEEN. + +This is needed for glibc-2.28 (First spotted with +glibc-2.27.9000-13.fc29 on Fedora). + +Signed-off-by: Petr Písař +--- + lib/fflush.c | 9 ++++++--- + lib/fpurge.c | 3 ++- + lib/freading.c | 3 ++- + lib/fseeko.c | 6 ++++-- + lib/stdio-impl.h | 6 ++++++ + 5 files changed, 20 insertions(+), 7 deletions(-) + +diff --git a/lib/fflush.c b/lib/fflush.c +index 5ae3e41..d887ecb 100644 +--- a/lib/fflush.c ++++ b/lib/fflush.c +@@ -33,7 +33,8 @@ + #undef fflush + + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + /* Clear the stream's ungetc buffer, preserving the value of ftello (fp). */ + static void +@@ -72,7 +73,8 @@ clear_ungetc_buffer (FILE *fp) + + #endif + +-#if ! (defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */) ++#if ! (defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1) ++/* GNU libc, BeOS, Haiku, Linux libc5 */ + + # if (defined __sferror || defined __DragonFly__ || defined __ANDROID__) && defined __SNPT + /* FreeBSD, NetBSD, OpenBSD, DragonFly, Mac OS X, Cygwin, Android */ +@@ -148,7 +150,8 @@ rpl_fflush (FILE *stream) + if (stream == NULL || ! freading (stream)) + return fflush (stream); + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + + clear_ungetc_buffer_preserving_position (stream); + +diff --git a/lib/fpurge.c b/lib/fpurge.c +index f313b22..a760c4d 100644 +--- a/lib/fpurge.c ++++ b/lib/fpurge.c +@@ -62,7 +62,8 @@ fpurge (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_IO_read_end = fp->_IO_read_ptr; + fp->_IO_write_ptr = fp->_IO_write_base; + /* Avoid memory leak when there is an active ungetc buffer. */ +diff --git a/lib/freading.c b/lib/freading.c +index 0512b19..2341577 100644 +--- a/lib/freading.c ++++ b/lib/freading.c +@@ -31,7 +31,8 @@ freading (FILE *fp) + /* Most systems provide FILE as a struct and the necessary bitmask in + , because they need it for implementing getc() and putc() as + fast macros. */ +-# if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++# if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + return ((fp->_flags & _IO_NO_WRITES) != 0 + || ((fp->_flags & (_IO_NO_READS | _IO_CURRENTLY_PUTTING)) == 0 + && fp->_IO_read_base != NULL)); +diff --git a/lib/fseeko.c b/lib/fseeko.c +index 1c65d2a..1b1cc2f 100644 +--- a/lib/fseeko.c ++++ b/lib/fseeko.c +@@ -47,7 +47,8 @@ fseeko (FILE *fp, off_t offset, int whence) + #endif + + /* These tests are based on fpurge.c. */ +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + if (fp->_IO_read_end == fp->_IO_read_ptr + && fp->_IO_write_ptr == fp->_IO_write_base + && fp->_IO_save_base == NULL) +@@ -123,7 +124,8 @@ fseeko (FILE *fp, off_t offset, int whence) + return -1; + } + +-#if defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 /* GNU libc, BeOS, Haiku, Linux libc5 */ ++#if defined _IO_EOF_SEEN || defined _IO_ftrylockfile || __GNU_LIBRARY__ == 1 ++ /* GNU libc, BeOS, Haiku, Linux libc5 */ + fp->_flags &= ~_IO_EOF_SEEN; + fp->_offset = pos; + #elif defined __sferror || defined __DragonFly__ || defined __ANDROID__ +diff --git a/lib/stdio-impl.h b/lib/stdio-impl.h +index 502d891..ea38ee2 100644 +--- a/lib/stdio-impl.h ++++ b/lib/stdio-impl.h +@@ -18,6 +18,12 @@ + the same implementation of stdio extension API, except that some fields + have different naming conventions, or their access requires some casts. */ + ++/* Glibc 2.28 made _IO_IN_BACKUP private. For now, work around this ++ problem by defining it ourselves. FIXME: Do not rely on glibc ++ internals. */ ++#if !defined _IO_IN_BACKUP && defined _IO_EOF_SEEN ++# define _IO_IN_BACKUP 0x100 ++#endif + + /* BSD stdio derived implementations. */ + +-- +2.14.3 + diff --git a/sharutils-4.15.2.tar.xz b/sharutils-4.15.2.tar.xz new file mode 100644 index 0000000..d7ca05e Binary files /dev/null and b/sharutils-4.15.2.tar.xz differ diff --git a/sharutils.spec b/sharutils.spec new file mode 100644 index 0000000..cc54ece --- /dev/null +++ b/sharutils.spec @@ -0,0 +1,68 @@ +Name: sharutils +Version: 4.15.2 +Release: 14 +Summary: The set of GNU shar utilities +License: GPLv3+ and (GPLv3+ and BSD) and (LGPLv3+ or BSD) and LGPLv2+ and Public Domain and GFDL +URL: http://www.gnu.org/software/%{name}/ +Source0: ftp://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz +Source1: LicenseList + +Patch0: %{name}-4.14.2-Pass-compilation-with-Werror-format-security.patch +Patch1: %{name}-4.15.2-Fix-a-heap-buffer-overflow-in-find_archive.patch +Patch2: %{name}-4.15.2-fflush-adjust-to-glibc-2.28-libio.h-removal.patch + +BuildRequires: binutils coreutils gcc gettext glibc-common make sed diffutils +Provides: bundled(gnulib) +Provides: bundled(libopts) = 41.1 + +%description +This is the set of GNU shar utilities. + +shar makes shell archives out of many files, preparing them for +transmission by electronic mail services. Use unshar to unpack shell +archives after reception. + +uuencode prepares a file for transmission over an electronic channel +which ignores or otherwise mangles the eight bit (high order bit) of +bytes. uudecode does the converse transformation. + +remsync allows for remote synchronization of directory trees, using +e-mail. This part of sharutils is still alpha. + +%package_help + +%prep +%autosetup -n %{name}-%{version} -p1 + +for i in TODO THANKS; do + iconv -f iso-8859-1 -t utf-8 -o $i{.utf8,} + mv $i{.utf8,} +done + +%build +%configure +make %{?_smp_mflags} + +%install +%make_install + +chmod 644 AUTHORS ChangeLog COPYING NEWS README THANKS TODO + +%find_lang %{name} + +%check +make check + +%files -f %{name}.lang +%license COPYING +%{_bindir}/* +%{_infodir}/*info* +%exclude %{_infodir}/dir + +%files help +%doc AUTHORS ChangeLog NEWS README THANKS TODO +%{_mandir}/man* + +%changelog +* Thu Aug 22 2019 openEuler Buildteam - 4.15.2-14 +- Package init