summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorArsen Arsenović <arsen@aarsen.me>2022-11-28 00:47:24 +0100
committerFlorian Schmaus <flow@gentoo.org>2022-12-05 12:03:15 +0100
commit791dc067bffdd6b66d066756feb4b52d6d9865d7 (patch)
tree98800703101d751260bbece82e2dd13538d716f0 /dev-util
parentnet-proxy/haproxy: Bump to 2.5.10 (diff)
downloadgentoo-791dc067bffdd6b66d066756feb4b52d6d9865d7.tar.gz
gentoo-791dc067bffdd6b66d066756feb4b52d6d9865d7.tar.bz2
gentoo-791dc067bffdd6b66d066756feb4b52d6d9865d7.zip
dev-util/muon: bump to 0.1.0, for F_S=3 fix
Closes: https://bugs.gentoo.org/882295 Signed-off-by: Arsen Arsenović <arsen@aarsen.me> Closes: https://github.com/gentoo/gentoo/pull/28459 Signed-off-by: Florian Schmaus <flow@gentoo.org>
Diffstat (limited to 'dev-util')
-rw-r--r--dev-util/muon/files/muon-0.1.0-fix-potential-overflow.patch39
-rw-r--r--dev-util/muon/muon-0.1.0-r1.ebuild (renamed from dev-util/muon/muon-0.1.0.ebuild)4
2 files changed, 43 insertions, 0 deletions
diff --git a/dev-util/muon/files/muon-0.1.0-fix-potential-overflow.patch b/dev-util/muon/files/muon-0.1.0-fix-potential-overflow.patch
new file mode 100644
index 000000000000..fc33cb98f611
--- /dev/null
+++ b/dev-util/muon/files/muon-0.1.0-fix-potential-overflow.patch
@@ -0,0 +1,39 @@
+From 44daee7db0e6cc32f67ad2e944e7e68d73d3acc4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Arsen=20Arsenovi=C4=87?= <arsen@aarsen.me>
+Date: Sun, 20 Nov 2022 22:23:33 +0100
+Subject: [PATCH] build_target: Fix possible out-of-bounds edge case
+
+Detected on Tinderbox with FORTIFY_SOURCE=3.
+
+Bug: https://bugs.gentoo.org/882295
+---
+ src/functions/kernel/build_target.c | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/src/functions/kernel/build_target.c b/src/functions/kernel/build_target.c
+index 07b20e29..2ecc27c4 100644
+--- a/src/functions/kernel/build_target.c
++++ b/src/functions/kernel/build_target.c
+@@ -307,7 +307,6 @@ determine_target_build_name(struct workspace *wk, struct obj_build_target *tgt,
+ obj name_pre, obj name_suff, char plain_name[BUF_SIZE_2k])
+ {
+ const char *pref, *suff, *ver_suff = NULL;
+- uint32_t i;
+
+ switch (tgt->type) {
+ case tgt_executable:
+@@ -341,10 +340,7 @@ determine_target_build_name(struct workspace *wk, struct obj_build_target *tgt,
+ suff = get_cstr(wk, name_suff);
+ }
+
+- i = snprintf(plain_name, BUF_SIZE_2k, "%s%s", pref, get_cstr(wk, tgt->name));
+- if (suff) {
+- snprintf(&plain_name[i], BUF_SIZE_2k, ".%s", suff);
+- }
++ snprintf(plain_name, BUF_SIZE_2k, "%s%s%s%s", pref, get_cstr(wk, tgt->name), suff ? "." : "", suff ? suff : "");
+
+ tgt->build_name = make_strf(wk, "%s%s%s", plain_name, ver_suff ? "." : "", ver_suff ? ver_suff : "");
+ return true;
+--
+2.34.5
+
diff --git a/dev-util/muon/muon-0.1.0.ebuild b/dev-util/muon/muon-0.1.0-r1.ebuild
index 45c2381becbd..005a2ec004fd 100644
--- a/dev-util/muon/muon-0.1.0.ebuild
+++ b/dev-util/muon/muon-0.1.0-r1.ebuild
@@ -41,6 +41,10 @@ BDEPEND="
)
"
+PATCHES=(
+ "${FILESDIR}/muon-0.1.0-fix-potential-overflow.patch"
+)
+
python_check_deps() {
python_has_version "dev-python/pyyaml[${PYTHON_USEDEP}]"
}