From e11ed1ef79f380f40e14af8d45720f80fc172162 Mon Sep 17 00:00:00 2001
From: Zach van Rijn <me@zv.io>
Date: Tue, 15 Nov 2022 19:43:24 +0000
Subject: user/mbuffer: add patch to clamp 32-bit parameters. fixes #834.

The number of physical and available pages will of course be
correct on real 32-bit systems, but mbuffer does not account
for the case of when a 64-bit system with more memory is
running with a 32-bit personality. In this scenario, dynamic
detection of system memory limits yields values that are not
safe for use in a 32-bit environment.
---
 user/mbuffer/APKBUILD                      |  9 ++++---
 user/mbuffer/clamp-32-bit-parameters.patch | 39 ++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 3 deletions(-)
 create mode 100644 user/mbuffer/clamp-32-bit-parameters.patch

(limited to 'user/mbuffer')

diff --git a/user/mbuffer/APKBUILD b/user/mbuffer/APKBUILD
index 4e1e4b843..3652e22d3 100644
--- a/user/mbuffer/APKBUILD
+++ b/user/mbuffer/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: CyberLeo <cyberleo@cyberleo.net>
 pkgname=mbuffer
 pkgver=20220418
-pkgrel=0
+pkgrel=1
 pkgdesc="mbuffer is a tool for buffering data streams."
 url="https://www.maier-komor.de/mbuffer.html"
 arch="all"
@@ -11,7 +11,9 @@ depends=""
 makedepends="cmd:which openssl-dev"
 subpackages="$pkgname-doc"
 source="https://www.maier-komor.de/software/$pkgname/$pkgname-$pkgver.tgz
-	test-static-file-instead.patch"
+	test-static-file-instead.patch
+	clamp-32-bit-parameters.patch
+	"
 
 build() {
 	./configure \
@@ -33,4 +35,5 @@ package() {
 }
 
 sha512sums="aad7f764c82e3bdd4ee3fc5ac8174e716fd44cdb0418f1994d3f506d2e58264a13e15596bc8e78e9e8bb2d181875294448085bab122a2a31356d4336bb8b54a4  mbuffer-20220418.tgz
-28b7c7c7ee2b2130315cd6c4765d492e9d29376670a03ab0a1ab862a1ec5dea93e91e9de5e08604db69fe4139370eedb2a0754f16e5ebec3de9b48dc2a1dbea7  test-static-file-instead.patch"
+28b7c7c7ee2b2130315cd6c4765d492e9d29376670a03ab0a1ab862a1ec5dea93e91e9de5e08604db69fe4139370eedb2a0754f16e5ebec3de9b48dc2a1dbea7  test-static-file-instead.patch
+73a8a854c8f1aae866abf2b52aa5fc2d276dd5a0cc8595e176bb852e731ba4b310833a9b58260b323abf413b0fec74bdb39f89d708ffb81fc5ea82680c535268  clamp-32-bit-parameters.patch"
diff --git a/user/mbuffer/clamp-32-bit-parameters.patch b/user/mbuffer/clamp-32-bit-parameters.patch
new file mode 100644
index 000000000..3dc2d0eac
--- /dev/null
+++ b/user/mbuffer/clamp-32-bit-parameters.patch
@@ -0,0 +1,39 @@
+In addition to clamping NumP and AvP, this patch reorders
+shift operations to prevent possible overflow when given
+values that are found in some environments where a 64-bit
+system is running with a 32-bit personality.
+
+It should not be construed as fixing any bug in mbuffer.
+
+--- a/mbuffer.c
++++ b/mbuffer.c
+@@ -984,7 +984,14 @@
+ 
+ 	/* get physical memory size */
+ #if defined(_SC_PHYS_PAGES)
+-	NumP = sysconf(_SC_PHYS_PAGES);
++	if (sizeof(void *) == 4)
++	{
++		NumP = (unsigned)-1 / PgSz; /* 4GB worth of pages */
++	}
++	else
++	{
++		NumP = sysconf(_SC_PHYS_PAGES);
++	}
+ 	if (NumP < 0) {
+ 		warningmsg("unable to determine number of total memory pages: %s\n",strerror(errno));
+ 		NumP = 0;
+@@ -1004,8 +1011,12 @@
+ 			char *at = strstr(tmp,"MemAvailable:");
+ 			if (at) {
+ 				AvP = strtol(at+13,0,0);
+-				AvP <<= 10;
+ 				AvP /= PgSz;
++				AvP <<= 10;
++				if (sizeof(void *) == 4 && AvP > NumP)
++				{
++					AvP = NumP;
++				}
+ 				debugmsg("available memory: %lu pages\n",AvP);
+ 			}
+ 		}
-- 
cgit v1.2.3-70-g09d2