diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-03-31 10:55:17 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-03-31 10:55:17 +0100 |
| commit | 75fc75ae1f0481ffdb78450e801a9b443ba641bd (patch) | |
| tree | cef96ea0860ae39a202bbf1e226100335209627d /dev-cpp/yaml-cpp | |
| parent | 1173ad5704ce725916e0c332416aff326d850d06 (diff) | |
gentoo resync : 31.03.2018
Diffstat (limited to 'dev-cpp/yaml-cpp')
| -rw-r--r-- | dev-cpp/yaml-cpp/Manifest | 4 | ||||
| -rw-r--r-- | dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-CVE-2017-5950.patch | 45 | ||||
| -rw-r--r-- | dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-unbundle-gtest.patch | 70 | ||||
| -rw-r--r-- | dev-cpp/yaml-cpp/yaml-cpp-0.6.2.ebuild | 41 |
4 files changed, 160 insertions, 0 deletions
diff --git a/dev-cpp/yaml-cpp/Manifest b/dev-cpp/yaml-cpp/Manifest index a03af14bec50..b4a7ee9d6c6e 100644 --- a/dev-cpp/yaml-cpp/Manifest +++ b/dev-cpp/yaml-cpp/Manifest @@ -1,5 +1,9 @@ AUX yaml-cpp-0.5.3-gcc6.patch 1768 BLAKE2B 979b0ce92ceb0305f3b063b926c2d01e06507adcca2ea8dfabc656678f8fcfe8a66a839cef5adaece8a1b9b8cc2dfc97f97b80b073594f25e80fcc1810c98ef7 SHA512 be0d4cab18312329e37c114cf739fe143a6f635669a741f149fd32cf54bc0307f80a5383025dc04700a8c1ae33de68185f85d516ceb32e364317db06563a8b39 +AUX yaml-cpp-0.6.2-CVE-2017-5950.patch 1697 BLAKE2B 7b13c947e471aa08ec718cecfd43666689cbf0137ed6328ab550f722c409f19ec6437a5458180a3c334ebfe899ef67cbee04237fd230ac06fde863c3adc231f3 SHA512 0ba8bb8d81a98b77cde3dd386fe237dd11aae53011419042ff0b72b643ac2c1fdb7753ff524d0c5d319f7d601b417d1c6ab2419c728c4015197f83ce3eaa34b2 +AUX yaml-cpp-0.6.2-unbundle-gtest.patch 2204 BLAKE2B 733b6eed366ca33085251c3c6f3655060d3cc02a77f5f53a21c9163b894400c7418c3d9f032c8f6d460d58b35594f6ba1cd8eea0a667fbe1849a8eb866074ce5 SHA512 8cb227c2e156bd642be29b15ae7a7de9e4839d6f4b5e0132982659eaab442347d3ef3eedd1bfb8f936a5a1dc98b6d41be915f7da53fd6764f8b6becbaf6cff98 DIST yaml-cpp-0.5.3.tar.gz 2016737 BLAKE2B 6c10d44fe04fdd81cd61c909acdb576834f5358dd44353723b04d8a42bf8a1312cfa752e445c84f93c6ce76358b2d42dee5263f6fbd47a1f928d1cd28aedef07 SHA512 5ed15fee3c6455c08e6bd8f74256b230f274ef18f8e144491e940640e41626517c7eaaf4a1f380c4179066a2a757c8a0f61878df9dc3caa15e37c4954be47fe0 +DIST yaml-cpp-0.6.2.tar.gz 1396250 BLAKE2B be342c212c980cdb03349dbafbe1db0bb581123b4dd6909393d3cdc86145b997a9d2f9b57a5e9d7c8cc60cdfd03f1c37e9db610d8784f2d29fdeada5ab322894 SHA512 fea8ce0a20a00cbc75023d1db442edfcd32d0ac57a3c41b32ec8d56f87cc1d85d7dd7a923ce662f5d3a315f91a736d6be0d649997acd190915c1d68cc93795e4 EBUILD yaml-cpp-0.5.3-r1.ebuild 798 BLAKE2B 7934aba0c61b222341b99a64d4aba8853ab7a4aa985feaafb5f3e64e94b851d86c50cb40652cc062b995277fb6d6a78fcccfb0f04a829c4100ca5473f37b06c9 SHA512 f1bb48e5ea79c1ec1ab1a53e2947bbaf6d0d857dd66c8216e2d31048b0b0a8e1d2decd0e8bd943cbdbf6628b8db812bf598900cb19d29aa6a5720a5a3ca638f2 EBUILD yaml-cpp-0.5.3.ebuild 797 BLAKE2B 8bbe93179b538d9752b8a0a850b4eb23c423b65df19bf8f6344f343142b9e9dc0b88bf652f952537a9432dadf74e45cad2c24ce63908a329be67bc9d2da56dde SHA512 7ba8c623a04d5ca58e4f0398a08f35f93828b309d73f03d150f6345134544efccb4ba1ca87ded44744025f4c320576976cc8ba52d86604d7cbd0caa5a796376c +EBUILD yaml-cpp-0.6.2.ebuild 905 BLAKE2B 7bb0614342221c0641cd2d7ba4e80045454de983b7389778f113048337599edbe5e21b0307676bdff762e2bbd1b45d2d657b79855b87fd1146cc8f9a4a416ef1 SHA512 1730638bacf866c7ccb1d9745631201e27d9fb2180e47a72572e1700d835f6c5e9b66a6e89996d4c65c688cbd1dd8edf02345deddb824447260f413216903c4a MISC metadata.xml 325 BLAKE2B 8e094a75d87d80e86efaf6ee191225ad0772dac343ae12ec84e73faffc17464c8431ee78018602127fd52441a6b18d09b58127b7d7ea1ee02163f58d327f0f3f SHA512 a4a5de1911c7bfeb37a3ca5aca8b3c044d51230164ac7d14566a9a4064e5202fac0e613089191ea959d0bb3df157049932d394d167e32fc8a432ab35e4cf24ae diff --git a/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-CVE-2017-5950.patch b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-CVE-2017-5950.patch new file mode 100644 index 000000000000..2892108bd250 --- /dev/null +++ b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-CVE-2017-5950.patch @@ -0,0 +1,45 @@ +From d540476e31b080aa1f903ad20ec0426dd3838be7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org> +Date: Tue, 25 Apr 2017 20:10:20 -0400 +Subject: [PATCH] fix stack overflow in HandleNode() (CVE-2017-5950) + +simply set a hardcoded recursion limit to 2000 (inspired by Python's) +to avoid infinitely recursing into arbitrary data structures + +assert() the depth. unsure if this is the right approach, but given +that HandleNode() is "void", I am not sure how else to return an +error. the problem with this approach of course is that it will still +crash the caller, unless they have proper exception handling in place. + +Closes: #459 +--- + src/singledocparser.cpp | 2 ++ + src/singledocparser.h | 2 ++ + 2 files changed, 4 insertions(+) + +diff --git a/src/singledocparser.cpp b/src/singledocparser.cpp +index a27c1c3b..1b4262ee 100644 +--- a/src/singledocparser.cpp ++++ b/src/singledocparser.cpp +@@ -46,6 +46,8 @@ void SingleDocParser::HandleDocument(EventHandler& eventHandler) { + } + + void SingleDocParser::HandleNode(EventHandler& eventHandler) { ++ assert(depth < depth_limit); ++ depth++; + // an empty node *is* a possibility + if (m_scanner.empty()) { + eventHandler.OnNull(m_scanner.mark(), NullAnchor); +diff --git a/src/singledocparser.h b/src/singledocparser.h +index 2b92067c..7046f1e2 100644 +--- a/src/singledocparser.h ++++ b/src/singledocparser.h +@@ -51,6 +51,8 @@ class SingleDocParser : private noncopyable { + anchor_t LookupAnchor(const Mark& mark, const std::string& name) const; + + private: ++ int depth = 0; ++ int depth_limit = 2000; + Scanner& m_scanner; + const Directives& m_directives; + std::unique_ptr<CollectionStack> m_pCollectionStack; diff --git a/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-unbundle-gtest.patch b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-unbundle-gtest.patch new file mode 100644 index 000000000000..671bde36704a --- /dev/null +++ b/dev-cpp/yaml-cpp/files/yaml-cpp-0.6.2-unbundle-gtest.patch @@ -0,0 +1,70 @@ +From 259f944bc3e45420f5891737101260f07ab3030a Mon Sep 17 00:00:00 2001 +From: "Azamat H. Hackimov" <azamat.hackimov@gmail.com> +Date: Tue, 27 Feb 2018 14:17:49 +0500 +Subject: [PATCH] Externalize googletest project + +Externalize gtest to avoid installation, fixes #539. +--- + test/CMakeLists.txt | 35 ++++++++++++++++++++++++++--------- + 1 file changed, 26 insertions(+), 9 deletions(-) + +diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt +index 3633da5..7b39dd4 100644 +--- a/test/CMakeLists.txt ++++ b/test/CMakeLists.txt +@@ -1,16 +1,27 @@ ++include(ExternalProject) ++ ++ExternalProject_Add( ++ googletest_project ++ SOURCE_DIR "${CMAKE_SOURCE_DIR}/test/gtest-1.8.0" ++ INSTALL_DIR "${CMAKE_BINARY_DIR}/prefix" ++ CMAKE_ARGS -DCMAKE_INSTALL_PREFIX:PATH=<INSTALL_DIR> -DBUILD_GMOCK=ON ++) ++ ++add_library(gmock UNKNOWN IMPORTED) ++set_target_properties(gmock PROPERTIES ++ IMPORTED_LOCATION ${PROJECT_BINARY_DIR}/prefix/lib/libgmock.a ++) ++ ++find_package(Threads) ++ ++include_directories(SYSTEM "${PROJECT_BINARY_DIR}/prefix/include") ++ + set(gtest_force_shared_crt ${MSVC_SHARED_RT} CACHE BOOL + "Use shared (DLL) run-time lib even when Google Test built as a static lib.") +-add_subdirectory(gtest-1.8.0) +-include_directories(SYSTEM gtest-1.8.0/googlemock/include) +-include_directories(SYSTEM gtest-1.8.0/googletest/include) +- +-if(WIN32 AND BUILD_SHARED_LIBS) +- add_definitions("-DGTEST_LINKED_AS_SHARED_LIBRARY") +-endif() + + if(CMAKE_CXX_COMPILER_ID MATCHES "GNU" OR + CMAKE_CXX_COMPILER_ID MATCHES "Clang") +- set(yaml_test_flags "-Wno-variadic-macros -Wno-sign-compare") ++ set(yaml_test_flags "-Wno-variadic-macros -Wno-sign-compare") + + if(CMAKE_CXX_COMPILER_ID MATCHES "Clang") + set(yaml_test_flags "${yaml_test_flags} -Wno-c99-extensions") +@@ -36,9 +47,15 @@ add_executable(run-tests + ${test_sources} + ${test_headers} + ) ++ ++add_dependencies(run-tests googletest_project) ++ + set_target_properties(run-tests PROPERTIES + COMPILE_FLAGS "${yaml_c_flags} ${yaml_cxx_flags} ${yaml_test_flags}" + ) +-target_link_libraries(run-tests yaml-cpp gmock) ++target_link_libraries(run-tests ++ yaml-cpp ++ gmock ++ ${CMAKE_THREAD_LIBS_INIT}) + + add_test(yaml-test ${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/run-tests) +-- +2.16.1 + diff --git a/dev-cpp/yaml-cpp/yaml-cpp-0.6.2.ebuild b/dev-cpp/yaml-cpp/yaml-cpp-0.6.2.ebuild new file mode 100644 index 000000000000..608eab3ed612 --- /dev/null +++ b/dev-cpp/yaml-cpp/yaml-cpp-0.6.2.ebuild @@ -0,0 +1,41 @@ +# Copyright 1999-2018 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI=6 + +inherit cmake-multilib + +DESCRIPTION="YAML parser and emitter in C++" +HOMEPAGE="https://github.com/jbeder/yaml-cpp" +SRC_URI="https://github.com/jbeder/${PN}/archive/${P}.tar.gz" + +LICENSE="MIT" +SLOT="0/0.6" +KEYWORDS="~amd64 ~arm ~arm64 ~hppa ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="test" + +DEPEND="test? ( dev-cpp/gtest )" + +S="${WORKDIR}/${PN}-${P}" + +PATCHES=( + "${FILESDIR}/${P}-CVE-2017-5950.patch" + "${FILESDIR}/${P}-unbundle-gtest.patch" +) + +src_prepare() { + sed -i \ + -e 's:INCLUDE_INSTALL_ROOT_DIR:INCLUDE_INSTALL_DIR:g' \ + yaml-cpp.pc.cmake || die + + cmake-utils_src_prepare +} + +src_configure() { + local mycmakeargs=( + -DBUILD_SHARED_LIBS=ON + -DYAML_CPP_BUILD_TOOLS=OFF # Don't have install rule + -DYAML_CPP_BUILD_TESTS=$(usex test) + ) + cmake-multilib_src_configure +} |