summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-nntp')
-rw-r--r--net-nntp/nzbget/Manifest1
-rw-r--r--net-nntp/nzbget/files/nzbget-24.2-fix-getrealpath-buffer-overflow.patch174
-rw-r--r--net-nntp/nzbget/nzbget-24.2.ebuild117
3 files changed, 292 insertions, 0 deletions
diff --git a/net-nntp/nzbget/Manifest b/net-nntp/nzbget/Manifest
index 059d1d38d04c..a14970625b51 100644
--- a/net-nntp/nzbget/Manifest
+++ b/net-nntp/nzbget/Manifest
@@ -1,2 +1,3 @@
DIST nzbget-21.1.tar.gz 1988916 BLAKE2B 74298c5c7f3986831f36832a8ffe596543196b5b46500925de478bf11cab8e66fb36dee9458533a4194d82123765b29e37914463d72fd206e218b4875861001a SHA512 d8dc1ad324f675c5505e623049a14c022475267aa03dcd5d8fd6cf9ed3b776cc2776077b61d035e252937ea4b6bf8f90bd33e715cfd842d2e012615df3ffeafb
DIST nzbget-24.1.tar.gz 5365282 BLAKE2B 4fe260c361888d99eaf457a520b39560320b86d181cd12891b35962c9d4c6d773aeb389bf2254029fc58643bb5b04eb24917db9319f1a1068014feed08521dde SHA512 eb4a60cb3a529e2fb8242615e57758ceed615a573fabbe7170490e7af8c228edc90a096860ab7cf49ee85fc834cb8db30aa866c4f149679396139e54c166cf5c
+DIST nzbget-24.2.tar.gz 5512752 BLAKE2B ef4c6e562976030b790a93747d11d6b7059be7cb8bc9076068c037a0e8d25f09054ff280417b52f534af50aec0f11cd21959f995ae8252a21ea274aa7efdfc84 SHA512 ad280315f9a60bf206a134e3703337af2e2dfb8282dd5efc55af071f82f5f7e7857f819dd843f6ae70cd7fcea2c84de4db535d7658fb5255a380ffcf685a680f
diff --git a/net-nntp/nzbget/files/nzbget-24.2-fix-getrealpath-buffer-overflow.patch b/net-nntp/nzbget/files/nzbget-24.2-fix-getrealpath-buffer-overflow.patch
new file mode 100644
index 000000000000..fcaeb9a5c2d6
--- /dev/null
+++ b/net-nntp/nzbget/files/nzbget-24.2-fix-getrealpath-buffer-overflow.patch
@@ -0,0 +1,174 @@
+https://github.com/nzbgetcom/nzbget/commit/f89978f7479cbb0ff2f96c8632d9d2f31834e6c8
+
+From f89978f7479cbb0ff2f96c8632d9d2f31834e6c8 Mon Sep 17 00:00:00 2001
+From: Denis <146707790+dnzbk@users.noreply.github.com>
+Date: Wed, 7 Aug 2024 11:54:33 -0700
+Subject: [PATCH] Fixed: buffer overflow using getrealpath function (#346)
+
+- use a safer approach of using `getrealpath` according to the [doc](https://man7.org/linux/man-pages/man3/realpath.3.html)
+- using `std::string_view` instead of `std::string&` for better performance
+- improved `SystemInfoTest` to make it more flexible
+--- a/daemon/util/FileSystem.cpp
++++ b/daemon/util/FileSystem.cpp
+@@ -56,20 +56,21 @@ void FileSystem::NormalizePathSeparators(char* path)
+ }
+ }
+
+-std::optional<std::string> FileSystem::GetFileRealPath(const std::string& path)
++std::optional<std::string> FileSystem::GetFileRealPath(std::string_view path)
+ {
+- char buffer[256];
+-
+ #ifdef WIN32
+- DWORD len = GetFullPathName(path.c_str(), 256, buffer, nullptr);
++ char buffer[MAX_PATH];
++ DWORD len = GetFullPathName(path.data(), MAX_PATH, buffer, nullptr);
+ if (len != 0)
+ {
+- return std::optional<std::string>{ buffer };
++ return std::optional{ buffer };
+ }
+ #else
+- if (realpath(path.c_str(), buffer) != nullptr)
++ if (char* realPath = realpath(path.data(), nullptr))
+ {
+- return std::optional<std::string>{ buffer };
++ std::string res = realPath;
++ free(realPath);
++ return std::optional(std::move(res));
+ }
+ #endif
+
+--- a/daemon/util/FileSystem.h
++++ b/daemon/util/FileSystem.h
+@@ -40,7 +40,7 @@ class FileSystem
+ static char* BaseFileName(const char* filename);
+ static bool SameFilename(const char* filename1, const char* filename2);
+ static void NormalizePathSeparators(char* path);
+- static std::optional<std::string> GetFileRealPath(const std::string& path);
++ static std::optional<std::string> GetFileRealPath(std::string_view path);
+ static bool LoadFileIntoBuffer(const char* filename, CharBuffer& buffer, bool addTrailingNull);
+ static bool SaveBufferIntoFile(const char* filename, const char* buffer, int bufLen);
+ static bool AllocateFile(const char* filename, int64 size, bool sparse, CString& errmsg);
+--- a/tests/system/SystemInfoTest.cpp
++++ b/tests/system/SystemInfoTest.cpp
+@@ -28,22 +28,22 @@
+ #include "Log.h"
+ #include "DiskState.h"
+
+-Log* g_Log = new Log();
++Log* g_Log;
+ Options* g_Options;
+ DiskState* g_DiskState;
+
+-std::string GetToolsJsonStr(const std::vector<System::Tool> tools)
++std::string GetToolsJsonStr(const std::vector<System::Tool>& tools)
+ {
+ std::string json = "\"Tools\":[";
+
+ for (size_t i = 0; i < tools.size(); ++i)
+ {
+ std::string path = tools[i].path;
+- for (size_t i = 0; i < path.length(); ++i) {
+- if (path[i] == '\\')
++ for (size_t j = 0; j < path.length(); ++j) {
++ if (path[j] == '\\')
+ {
+- path.insert(i, "\\");
+- ++i;
++ path.insert(j, "\\");
++ ++j;
+ }
+ }
+
+@@ -62,7 +62,7 @@ std::string GetToolsJsonStr(const std::vector<System::Tool> tools)
+ return json;
+ }
+
+-std::string GetLibrariesJsonStr(const std::vector<System::Library> libs)
++std::string GetLibrariesJsonStr(const std::vector<System::Library>& libs)
+ {
+ std::string json = "\"Libraries\":[";
+
+@@ -82,7 +82,7 @@ std::string GetLibrariesJsonStr(const std::vector<System::Library> libs)
+ return json;
+ }
+
+-std::string GetToolsXmlStr(const std::vector<System::Tool> tools)
++std::string GetToolsXmlStr(const std::vector<System::Tool>& tools)
+ {
+ std::string xml = "<Tools>";
+
+@@ -110,7 +110,7 @@ std::string GetToolsXmlStr(const std::vector<System::Tool> tools)
+ return xml;
+ }
+
+-std::string GetLibrariesXmlStr(const std::vector<System::Library> libs)
++std::string GetLibrariesXmlStr(const std::vector<System::Library>& libs)
+ {
+ std::string xml = "<Libraries>";
+
+@@ -126,13 +126,32 @@ std::string GetLibrariesXmlStr(const std::vector<System::Library> libs)
+ return xml;
+ }
+
++std::string GetNetworkXmlStr(const System::Network& network)
++{
++ std::string res = "<Network>";
++ res += network.publicIP.empty()
++ ? "<member><name>PublicIP</name><value><string/></value></member>"
++ : "<member><name>PublicIP</name><value><string>" + network.publicIP + "</string></value></member>";
++
++ res += network.privateIP.empty()
++ ? "<member><name>PrivateIP</name><value><string/></value></member>"
++ : "<member><name>PrivateIP</name><value><string>" + network.privateIP + "</string></value></member>";
++
++ res += "</Network>";
++ return res;
++}
++
+ BOOST_AUTO_TEST_CASE(SystemInfoTest)
+ {
+- BOOST_CHECK(0 == 0);
++ Log log;
++ DiskState ds;
+ Options::CmdOptList cmdOpts;
+ cmdOpts.push_back("SevenZipCmd=7z");
+ cmdOpts.push_back("UnrarCmd=unrar");
+ Options options(&cmdOpts, nullptr);
++
++ g_Log = &log;
++ g_DiskState = &ds;
+ g_Options = &options;
+
+ auto sysInfo = std::make_unique<System::SystemInfo>();
+@@ -157,14 +176,25 @@ BOOST_AUTO_TEST_CASE(SystemInfoTest)
+ "</string></value></member>" +
+ "<member><name>Arch</name><value><string>" + sysInfo->GetCPUInfo().GetArch() +
+ "</string></value></member></CPU>" +
+- "<Network><member><name>PublicIP</name><value><string>" + sysInfo->GetNetworkInfo().publicIP +
+- "</string></value></member>"
+- "<member><name>PrivateIP</name><value><string>" + sysInfo->GetNetworkInfo().privateIP +
+- "</string></value></member></Network>" +
++ GetNetworkXmlStr(sysInfo->GetNetworkInfo()) +
+ GetToolsXmlStr(sysInfo->GetTools()) +
+ GetLibrariesXmlStr(sysInfo->GetLibraries()) +
+ "</struct></value>";
+
++ BOOST_TEST_MESSAGE("EXPECTED JSON STR: ");
++ BOOST_TEST_MESSAGE(jsonStrExpected);
++
++ BOOST_TEST_MESSAGE("RESULT JSON STR: ");
++ BOOST_TEST_MESSAGE(jsonStrResult);
++
++ BOOST_TEST_MESSAGE("EXPECTED XML STR: ");
++ BOOST_TEST_MESSAGE(xmlStrExpected);
++
++ BOOST_TEST_MESSAGE("RESULT XML STR: ");
++ BOOST_TEST_MESSAGE(xmlStrResult);
++
+ BOOST_CHECK(jsonStrResult == jsonStrExpected);
+ BOOST_CHECK(xmlStrResult == xmlStrExpected);
++
++ xmlCleanupParser();
+ }
diff --git a/net-nntp/nzbget/nzbget-24.2.ebuild b/net-nntp/nzbget/nzbget-24.2.ebuild
new file mode 100644
index 000000000000..61ab9a26e4e2
--- /dev/null
+++ b/net-nntp/nzbget/nzbget-24.2.ebuild
@@ -0,0 +1,117 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake systemd
+
+DESCRIPTION="A command-line based binary newsgrabber supporting .nzb files"
+HOMEPAGE="https://nzbget.com/"
+SRC_URI="https://github.com/nzbgetcom/${PN}/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~x86"
+IUSE="gnutls ncurses +parcheck ssl test zlib"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ dev-libs/boost:=
+ dev-libs/libxml2:=
+ ncurses? ( sys-libs/ncurses:0= )
+ ssl? (
+ gnutls? (
+ net-libs/gnutls:=
+ dev-libs/nettle:=
+ )
+ !gnutls? ( dev-libs/openssl:0=[-bindist(-)] )
+ )
+ zlib? ( sys-libs/zlib:= )"
+RDEPEND="
+ ${DEPEND}
+ acct-user/nzbget
+ acct-group/nzbget
+"
+BDEPEND="
+ test? (
+ || (
+ app-arch/rar
+ app-arch/unrar
+ )
+ )
+ virtual/pkgconfig
+"
+
+DOCS=( ChangeLog.md README.md nzbget.conf )
+
+PATCHES=(
+ "${FILESDIR}/${P}-fix-getrealpath-buffer-overflow.patch"
+)
+
+src_prepare() {
+ cmake_src_prepare
+
+ # Update the main configuration file with the correct paths
+ sed -i nzbget.conf \
+ -e "s:^WebDir=.*:WebDir=${EPREFIX}/usr/share/nzbget/webui:" \
+ -e "s:^ConfigTemplate=.*:ConfigTemplate=${EPREFIX}/usr/share/nzbget/nzbget.conf:" \
+ || die
+ # Update the daemon-specific configuration file (used by the OpenRC and
+ # systemd services)
+ sed nzbget.conf > nzbgetd.conf \
+ -e "s:^MainDir=.*:MainDir=${EPREFIX}/var/lib/nzbget:" \
+ -e "s:^LogFile=.*:LogFile=${EPREFIX}/var/log/nzbget/nzbget.log:" \
+ -e 's:^DaemonUsername=.*:DaemonUsername=nzbget:' \
+ || die
+}
+
+src_configure() {
+ local mycmakeargs=(
+ -DDISABLE_CURSES=$(usex !ncurses)
+ -DDISABLE_PARCHECK=$(usex !parcheck)
+ -DDISABLE_TLS=$(usex !ssl)
+ -DDISABLE_GZIP=$(usex !zlib)
+ -DUSE_OPENSSL=$(usex !gnutls)
+ -DUSE_GNUTLS=$(usex gnutls)
+ -DENABLE_TESTS=$(usex test)
+ )
+ cmake_src_configure
+}
+
+src_install() {
+ cmake_src_install
+
+ insinto /etc
+ doins nzbget.conf
+ doins nzbgetd.conf
+
+ # The configuration file's "ConfigTemplate" option points to this, we must
+ # make sure it exists as the Web UI reads it. It is not installed by
+ # default, see the "install-conf" target in cmake/install.cmake.
+ insinto /usr/share/nzbget
+ doins nzbget.conf
+
+ keepdir /var/log/nzbget
+
+ newinitd "${FILESDIR}"/nzbget.initd-r1 nzbget
+ newconfd "${FILESDIR}"/nzbget.confd nzbget
+ systemd_dounit "${FILESDIR}"/nzbget.service
+}
+
+pkg_preinst() {
+ fowners nzbget:nzbget /var/log/nzbget
+ fperms 750 /var/log/nzbget
+
+ fowners nzbget:nzbget /etc/nzbgetd.conf
+ fperms 640 /etc/nzbgetd.conf
+}
+
+pkg_postinst() {
+ if [[ -z ${REPLACING_VERSIONS} ]] ; then
+ elog
+ elog "Please add users that you want to be able to use the system-wide"
+ elog "nzbget daemon to the nzbget group. To access the daemon, run nzbget"
+ elog "with the --configfile /etc/nzbgetd.conf option."
+ elog
+ fi
+}