summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--system/pkgconf/0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch53
-rw-r--r--system/pkgconf/APKBUILD10
2 files changed, 59 insertions, 4 deletions
diff --git a/system/pkgconf/0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch b/system/pkgconf/0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch
new file mode 100644
index 000000000..d1a423391
--- /dev/null
+++ b/system/pkgconf/0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch
@@ -0,0 +1,53 @@
+From 9b7affe0b1e6512c6c73d19e1220c94fdb5c8159 Mon Sep 17 00:00:00 2001
+From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
+Date: Sat, 28 Jul 2018 19:06:33 -0500
+Subject: [PATCH] tuple: Ensure buf length is always >= 1 in dequote
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If a key is defined with no value, dequote will allocate a buffer with a
+length of 0. Since the buffer's length is 0, any manipulation of its
+content is UB.
+
+Example .pc file:
+
+prefix=/usr
+exec_prefix=${prefix}
+libdir=${exec_prefix}/lib
+includedir=${prefix}/include
+
+xcflags=
+xlibs= -lSM -lICE -lX11
+
+Name: Obt
+Description: Openbox Toolkit Library
+Version: 3.6
+Requires: glib-2.0 libxml-2.0
+Libs: -L${libdir} -lobt ${xlibs}
+Cflags: -I${includedir}/openbox/3.6 ${xcflags}
+
+Output using pkgconf 1.5.2 on x86_64 Linux/musl:
+
+% pkgconf --cflags obt-3.5
+-I/usr/include/openbox/3.6 \�\\�I\�\ -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2
+---
+ libpkgconf/tuple.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libpkgconf/tuple.c b/libpkgconf/tuple.c
+index 26dc5d5..8523709 100644
+--- a/libpkgconf/tuple.c
++++ b/libpkgconf/tuple.c
+@@ -139,7 +139,7 @@ pkgconf_tuple_find_delete(pkgconf_list_t *list, const char *key)
+ static char *
+ dequote(const char *value)
+ {
+- char *buf = calloc(strlen(value) * 2, 1);
++ char *buf = calloc((strlen(value) + 1) * 2, 1);
+ char *bptr = buf;
+ const char *i;
+ char quote = 0;
+--
+2.17.1
+
diff --git a/system/pkgconf/APKBUILD b/system/pkgconf/APKBUILD
index a2e2f3b32..fd401ee2c 100644
--- a/system/pkgconf/APKBUILD
+++ b/system/pkgconf/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: William Pitcock <nenolod@dereferenced.org>
pkgname=pkgconf
-pkgver=1.5.1
+pkgver=1.5.2
pkgrel=0
pkgdesc="development framework configuration tools"
url="https://git.dereferenced.org/pkgconf/pkgconf/"
@@ -8,10 +8,11 @@ arch="all"
license="ISC"
replaces="pkgconfig"
provides="pkgconfig=1"
-source="https://distfiles.dereferenced.org/pkgconf/pkgconf-$pkgver.tar.xz"
subpackages="$pkgname-doc $pkgname-dev"
checkdepends="kyua atf"
-builddir="$srcdir/$pkgname-$pkgver"
+source="https://distfiles.dereferenced.org/pkgconf/pkgconf-$pkgver.tar.xz
+ 0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch
+ "
build() {
cd "$builddir"
@@ -50,4 +51,5 @@ dev() {
mv "$subpkgdir"/usr/share/aclocal/pkg.m4 "$pkgdir"/usr/share/aclocal/
}
-sha512sums="a2e7a675fed6600fd38d90a98fa8295e1b79b4dd018f544ca777caf8cf6687029d0925ef33a08dd7815d5d3cad835bb9b70ab3161b6e083965fa60652661955a pkgconf-1.5.1.tar.xz"
+sha512sums="2f4eee60f677599d7c1d230050b7044d6919c460a409d79f51335efe358aeaf29f362249ad5986de947c2cb24032a6da641361b47216ff1d91d7371cec5d512c pkgconf-1.5.2.tar.xz
+0044dd942a4893c1ec2f905133b0c1568f757b2e4e585fc113328b607f1e1d32eb2c7ccc62b8ddb445a18c076a694239875ce4aa380a628d21ebcc6aab4b8a40 0001-tuple-Ensure-buf-length-is-always-1-in-dequote.patch"