app-arch/tar: Sync with Gentoo

It's from Gentoo commit a8320b2610a082aa0766200884c69a76f21829b2.
Flatcar Buildbot 2023-03-27 07:21:25 +00:00
parent bef2348928
commit 61b7fca2dc
3 changed files with 136 additions and 0 deletions


@ -0,0 +1,32 @@
Gentoo Bug: https://bugs.gentoo.org/898176
Upstream Commit Link: https://git.savannah.gnu.org/cgit/tar.git/commit/?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8
From 3da78400eafcccb97e2f2fd4b227ea40d794ede8 Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Sat, 11 Feb 2023 11:57:39 +0200
Subject: [PATCH] Fix boundary checking in base-256 decoder
* src/list.c (from_header): Base-256 encoding is at least 2 bytes
long.
---
src/list.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/list.c b/src/list.c
index 9fafc425..86bcfdd1 100644
--- a/src/list.c
+++ b/src/list.c
@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const *type,
where++;
}
}
- else if (*where == '\200' /* positive base-256 */
- || *where == '\377' /* negative base-256 */)
+ else if (where <= lim - 2
+ && (*where == '\200' /* positive base-256 */
+ || *where == '\377' /* negative base-256 */))
{
/* Parse base-256 output. A nonnegative number N is
represented as (256**DIGS)/2 + N; a negative number -N is
--
2.39.2.637.g21b0678d19-goog
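Review bot: The new bound `where <= lim - 2` at the head of the base-256 branch has no comment saying why two bytes are required; the existing comments only label the `\200` and `\377` markers. A line such as `/* base-256 needs the marker byte plus at least one value byte inside the field */` above the condition would keep a later refactor from dropping the check. A field that starts with a marker byte but is too short now falls through to whatever follows this `else if`, which lies outside the hunk, so it is worth confirming that path rejects the header instead of accepting a value. from_header begins and ends outside the hunk.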


@ -38,8 +38,13 @@ PDEPEND="
" "
src_configure() { src_configure() {
# -fanalyzer doesn't make sense for us in ebuilds, as it's for static analysis
export gl_cv_warn_c__fanalyzer=no
local myeconfargs=( local myeconfargs=(
--bindir="${EPREFIX}"/bin --bindir="${EPREFIX}"/bin
# Avoid -Werror
--disable-gcc-warnings
--enable-backup-scripts --enable-backup-scripts
--libexecdir="${EPREFIX}"/usr/sbin --libexecdir="${EPREFIX}"/usr/sbin
$(use_with acl posix-acls) $(use_with acl posix-acls)


@ -0,0 +1,99 @@
# Copyright 1999-2023 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
VERIFY_SIG_OPENPGP_KEY_PATH="${BROOT}"/usr/share/openpgp-keys/tar.asc
inherit verify-sig
DESCRIPTION="Use this to make tarballs :)"
HOMEPAGE="https://www.gnu.org/software/tar/"
SRC_URI="mirror://gnu/tar/${P}.tar.xz
https://alpha.gnu.org/gnu/tar/${P}.tar.xz"
SRC_URI+=" verify-sig? (
mirror://gnu/tar/${P}.tar.xz.sig
https://alpha.gnu.org/gnu/tar/${P}.tar.xz.sig
)"
LICENSE="GPL-3+"
SLOT="0"
if [[ -z "$(ver_cut 3)" ]] || [[ "$(ver_cut 3)" -lt 90 ]] ; then
KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~arm64-macos ~ppc-macos ~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
fi
IUSE="acl minimal nls selinux xattr"
RDEPEND="
acl? ( virtual/acl )
selinux? ( sys-libs/libselinux )
"
DEPEND="${RDEPEND}
xattr? ( elibc_glibc? ( sys-apps/attr ) )
"
BDEPEND="
nls? ( sys-devel/gettext )
verify-sig? ( sec-keys/openpgp-keys-tar )
"
PDEPEND="
app-alternatives/tar
"
PATCHES=(
"${FILESDIR}"/${P}-fix-cve-2022-48303.patch
)
src_configure() {
# -fanalyzer doesn't make sense for us in ebuilds, as it's for static analysis
export gl_cv_warn_c__fanalyzer=no
local myeconfargs=(
--bindir="${EPREFIX}"/bin
# Avoid -Werror
--disable-gcc-warnings
--enable-backup-scripts
--libexecdir="${EPREFIX}"/usr/sbin
$(use_with acl posix-acls)
$(use_enable nls)
$(use_with selinux)
$(use_with xattr xattrs)
# autoconf looks for gtar before tar (in configure scripts), hence
# in Prefix it is important that it is there, otherwise, a gtar from
# the host system (FreeBSD, Solaris, Darwin) will be found instead
# of the Prefix provided (GNU) tar
--program-prefix=g
)
FORCE_UNSAFE_CONFIGURE=1 econf "${myeconfargs[@]}"
}
src_install() {
default
# a nasty yet required piece of baggage
exeinto /etc
doexe "${FILESDIR}"/rmt
mv "${ED}"/usr/sbin/{gbackup,backup-tar} || die
mv "${ED}"/usr/sbin/{grestore,restore-tar} || die
mv "${ED}"/usr/sbin/{g,}backup.sh || die
mv "${ED}"/usr/sbin/{g,}dump-remind || die
if use minimal ; then
find "${ED}"/etc "${ED}"/*bin/ "${ED}"/usr/*bin/ \
-type f -a '!' -name gtar \
-delete || die
fi
if ! use minimal; then
dosym grmt /usr/sbin/rmt
fi
dosym grmt.8 /usr/share/man/man8/rmt.8
}
pkg_postinst() {
# ensure to preserve the symlink before app-alternatives/tar
# is installed
if [[ ! -h ${EROOT}/bin/tar ]]; then
ln -s gtar "${EROOT}/bin/tar" || die
fi
}
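Review bot: `FORCE_UNSAFE_CONFIGURE=1` on the `econf` line in src_configure is set without a comment, although the other non-obvious settings in that function each have one. The variable overrides the check in tar's configure that refuses to run as root, so the reason it is acceptable here should be written down, for example `# tar's configure refuses to run as root unless this is set` followed by the justification that holds for this build. Separately, in pkg_postinst the test `[[ ! -h ${EROOT}/bin/tar ]]` is also true when a regular file sits at that path, in which case `ln -s` fails and the phase dies. If leaving such a file alone is the intent, `if [[ ! -h ${EROOT}/bin/tar && ! -e ${EROOT}/bin/tar ]]; then` avoids the failure.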