pkgsrc-Changes-HG archive


[pkgsrc/pkgsrc-2017Q3]: pkgsrc/math/lp_solve Pullup ticket #5591 - requested ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d6595932122c
branches:  pkgsrc-2017Q3
changeset: 408562:d6595932122c
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sat Nov 04 17:06:24 2017 +0000

description:
Pullup ticket #5591 - requested by sevan
math/lp_solve: security fix

Revisions pulled up:
- math/lp_solve/Makefile                                        1.11
- math/lp_solve/distinfo                                        1.7-1.8
- math/lp_solve/patches/patch-lp__solve_ccc                     1.4-1.5
- math/lp_solve/patches/patch-lpsolve55_ccc                     1.4-1.5

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Sat Oct 28 11:23:50 UTC 2017

   Modified Files:
           pkgsrc/math/lp_solve: distinfo
           pkgsrc/math/lp_solve/patches: patch-lp__solve_ccc
   patch-lpsolve55_ccc

   Log Message:
   Fix local privilege escalation when building math/lp_solve

   This still requires $TMPDIR (or /tmp) to be mounted with "exec", but now
   respects $TMPDIR.

---
   Module Name:    pkgsrc
   Committed By:   khorben
   Date:           Sun Oct 29 22:16:03 UTC 2017

   Modified Files:
           pkgsrc/math/lp_solve: Makefile distinfo
           pkgsrc/math/lp_solve/patches: patch-lp__solve_ccc
   patch-lpsolve55_ccc

   Log Message:
   Use ${WRKDIR}/tmp for temporary files instead of $(mktemp -d)

   This is more portable.

   As suggested by joerg@.

diffstat:

 math/lp_solve/Makefile                    |   3 +-
 math/lp_solve/distinfo                    |   6 +-
 math/lp_solve/patches/patch-lp__solve_ccc |  58 ++++++++++++++++++++++++++----
 math/lp_solve/patches/patch-lpsolve55_ccc |  56 +++++++++++++++++++++++++----
 4 files changed, 103 insertions(+), 20 deletions(-)

diffs (183 lines):

diff -r 6710942d37b5 -r d6595932122c math/lp_solve/Makefile
--- a/math/lp_solve/Makefile    Wed Nov 01 19:41:08 2017 +0000
+++ b/math/lp_solve/Makefile    Sat Nov 04 17:06:24 2017 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.10 2016/09/08 05:12:39 richard Exp $
+# $NetBSD: Makefile,v 1.10.12.1 2017/11/04 17:06:24 bsiegert Exp $
 #
 
 DISTNAME=      lp_solve_5.5.2.3_source
@@ -20,6 +20,7 @@
 SUBST_SED.dl+=         -e s,-ldl,${DL_LIBS:Q},g
 SUBST_SED.dl+=         -e s,^opts=.*,opts=\'${CFLAGS:Q}\',g
 SUBST_SED.dl+=         -e s,-fpic,-fPIC,g
+SUBST_VARS.dl+=                WRKDIR
 SUBST_FILES.dl+=       lp_solve/ccc
 SUBST_FILES.dl+=       lpsolve55/ccc
 SUBST_FILES.dl+=       demo/ccc
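Review bot: The added `SUBST_VARS.dl+= WRKDIR` applies to all three SUBST_FILES.dl entries, but only the lp_solve/ccc and lpsolve55/ccc patches in this changeset introduce `@WRKDIR@`; distinfo leaves patch-demo_ccc unchanged. If demo/ccc contains the same `/tmp/platform.c` probe (not visible here), it would still compile and run a file at a predictable path in /tmp and would need the same change. A short comment above the new line, such as `# @WRKDIR@ in the ccc scripts: private temp directory instead of /tmp`, would record why the variable is substituted.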
diff -r 6710942d37b5 -r d6595932122c math/lp_solve/distinfo
--- a/math/lp_solve/distinfo    Wed Nov 01 19:41:08 2017 +0000
+++ b/math/lp_solve/distinfo    Sat Nov 04 17:06:24 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.6 2017/07/13 13:02:43 wiz Exp $
+$NetBSD: distinfo,v 1.6.4.1 2017/11/04 17:06:24 bsiegert Exp $
 
 SHA1 (lp_solve_5.5.2.3_source.tar.gz) = 867a606fcc77612b71a0a6baa5f07a273f3023a7
 RMD160 (lp_solve_5.5.2.3_source.tar.gz) = 5657c47cf996979072fb2a1135d071e48da52ea1
@@ -6,6 +6,6 @@
 Size (lp_solve_5.5.2.3_source.tar.gz) = 812420 bytes
 SHA1 (patch-aa) = a77ec29e056252b3b82c1a1acdd463b5ff7f6f6b
 SHA1 (patch-demo_ccc) = dd5d00bce28fa89db343489bf22f0c96d3a9894b
-SHA1 (patch-lp__solve_ccc) = a83a73f420bae7a9529bac8cf5f283651d27c80d
+SHA1 (patch-lp__solve_ccc) = 667fafdffd207d987e2d2480d92ef81fc607e430
 SHA1 (patch-lp__utils.c) = b0774bd7b323f12c97c7bc78c26f64a75c841f34
-SHA1 (patch-lpsolve55_ccc) = c84ba64ffaa5aa9f04701c771b644f99318bc6da
+SHA1 (patch-lpsolve55_ccc) = c34feffbc0825fa14a46ec2f7733cc774b6ddf68
diff -r 6710942d37b5 -r d6595932122c math/lp_solve/patches/patch-lp__solve_ccc
--- a/math/lp_solve/patches/patch-lp__solve_ccc Wed Nov 01 19:41:08 2017 +0000
+++ b/math/lp_solve/patches/patch-lp__solve_ccc Sat Nov 04 17:06:24 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-lp__solve_ccc,v 1.3 2017/07/13 13:02:43 wiz Exp $
+$NetBSD: patch-lp__solve_ccc,v 1.3.4.1 2017/11/04 17:06:24 bsiegert Exp $
 
 recent versions of gcc are noisy unless main() is declared returning 'int'
 and isnan() needs a floating argument else NOISNAN is defined causing
@@ -6,16 +6,58 @@
 
 --- lp_solve/ccc.orig  2009-01-25 18:39:03.000000000 +0000
 +++ lp_solve/ccc
-@@ -20,7 +20,7 @@ math=-lm
- echo '#include <stdio.h>'>>/tmp/isnan.c
- echo '#include <stdlib.h>'>>/tmp/isnan.c
- echo '#include <math.h>'>>/tmp/isnan.c
+@@ -2,31 +2,36 @@
+ src='../lp_MDO.c ../shared/commonlib.c ../colamd/colamd.c ../shared/mmio.c ../shared/myblas.c ../ini.c ../fortify.c ../lp_rlp.c ../lp_crash.c ../bfp/bfp_LUSOL/lp_LUSOL.c 
../bfp/bfp_LUSOL/LUSOL/lusol.c ../lp_Hash.c ../lp_lib.c ../lp_wlp.c ../lp_matrix.c ../lp_mipbb.c ../lp_MPS.c ../lp_params.c ../lp_presolve.c ../lp_price.c ../lp_pricePSE.c ../lp_report.c 
../lp_scale.c ../lp_simplex.c lp_solve.c ../lp_SOS.c ../lp_utils.c ../yacc_read.c'
+ c=cc
+ 
++tmpdir="@WRKDIR@/tmp"
++mkdir "$tmpdir" || return 2
++
+ #determine platform (32/64 bit)
+->/tmp/platform.c
+-echo '#include <stdlib.h>'>>/tmp/platform.c
+-echo '#include <stdio.h>'>>/tmp/platform.c
+-echo 'main(){printf("ux%d", (int) (sizeof(void *)*8));}'>>/tmp/platform.c
+-$c /tmp/platform.c -o /tmp/platform
+-PLATFORM=`/tmp/platform`
+-rm /tmp/platform /tmp/platform.c >/dev/null 2>&1
++>$tmpdir/platform.c
++echo '#include <stdlib.h>'>>$tmpdir/platform.c
++echo '#include <stdio.h>'>>$tmpdir/platform.c
++echo 'main(){printf("ux%d", (int) (sizeof(void *)*8));}'>>$tmpdir/platform.c
++$c $tmpdir/platform.c -o $tmpdir/platform
++PLATFORM=`$tmpdir/platform`
++rm $tmpdir/platform $tmpdir/platform.c >/dev/null 2>&1
+ 
+ mkdir bin bin/$PLATFORM >/dev/null 2>&1
+ 
+ math=-lm
+ 
+ #check if this system has the isnan function
+->/tmp/isnan.c
+-echo '#include <stdio.h>'>>/tmp/isnan.c
+-echo '#include <stdlib.h>'>>/tmp/isnan.c
+-echo '#include <math.h>'>>/tmp/isnan.c
 -echo 'main(){isnan(0);}'>>/tmp/isnan.c
-+echo 'int main(){isnan(0.0);}'>>/tmp/isnan.c
- $c /tmp/isnan.c -o /tmp/isnan $math >/dev/null 2>&1
+-$c /tmp/isnan.c -o /tmp/isnan $math >/dev/null 2>&1
++>$tmpdir/isnan.c
++echo '#include <stdio.h>'>>$tmpdir/isnan.c
++echo '#include <stdlib.h>'>>$tmpdir/isnan.c
++echo '#include <math.h>'>>$tmpdir/isnan.c
++echo 'int main(){isnan(0.0);}'>>$tmpdir/isnan.c
++$c $tmpdir/isnan.c -o $tmpdir/isnan $math >/dev/null 2>&1
  if [ $? = 0 ]
  then NOISNAN=
-@@ -38,4 +38,4 @@ then opts='-O0'
+ else NOISNAN=-DNOISNAN
+ fi
+-rm /tmp/isnan.c /tmp/isnan >/dev/null 2>&1
++rm $tmpdir/isnan.c $tmpdir/isnan >/dev/null 2>&1
++
++rmdir $tmpdir
+ 
+ opts='-O3'
+ 
+@@ -38,4 +43,4 @@ then opts='-O0'
  else dl=-ldl
  fi
  
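Review bot: The guard `mkdir "$tmpdir" || return 2` near the top of the patched lp_solve/ccc may not stop the script when the directory cannot be created, because `return` outside a function or sourced file is unspecified in POSIX sh, and bash reports an error and carries on. If ccc is executed rather than sourced (not visible here), the script would go on to write, compile and run `$tmpdir/platform` in a directory it did not create, which is the situation the fix is meant to rule out; `mkdir "$tmpdir" || exit 2` fails closed. The later uses of `$tmpdir` are unquoted, so a WRKDIR containing whitespace would split them; quoting them as on the mkdir line would be consistent. The same lines appear in the patch-lpsolve55_ccc hunk.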
diff -r 6710942d37b5 -r d6595932122c math/lp_solve/patches/patch-lpsolve55_ccc
--- a/math/lp_solve/patches/patch-lpsolve55_ccc Wed Nov 01 19:41:08 2017 +0000
+++ b/math/lp_solve/patches/patch-lpsolve55_ccc Sat Nov 04 17:06:24 2017 +0000
@@ -1,4 +1,4 @@
-$NetBSD: patch-lpsolve55_ccc,v 1.3 2017/07/13 13:02:43 wiz Exp $
+$NetBSD: patch-lpsolve55_ccc,v 1.3.4.1 2017/11/04 17:06:24 bsiegert Exp $
 
 recent versions of gcc are noisy unless main() is declared returning 'int'
 and isnan() needs a floating argument else NOISNAN is defined causing
@@ -6,16 +6,56 @@
 
 --- lpsolve55/ccc.orig 2009-03-25 00:27:18.000000000 +0000
 +++ lpsolve55/ccc
-@@ -18,7 +18,7 @@ mkdir bin bin/$PLATFORM >/dev/null 2>&1
- echo '#include <stdio.h>'>>/tmp/isnan.c
- echo '#include <stdlib.h>'>>/tmp/isnan.c
- echo '#include <math.h>'>>/tmp/isnan.c
+@@ -2,29 +2,34 @@
+ src='../lp_MDO.c ../shared/commonlib.c ../shared/mmio.c ../shared/myblas.c ../ini.c ../fortify.c ../colamd/colamd.c ../lp_rlp.c ../lp_crash.c ../bfp/bfp_LUSOL/lp_LUSOL.c 
../bfp/bfp_LUSOL/LUSOL/lusol.c ../lp_Hash.c ../lp_lib.c ../lp_wlp.c ../lp_matrix.c ../lp_mipbb.c ../lp_MPS.c ../lp_params.c ../lp_presolve.c ../lp_price.c ../lp_pricePSE.c ../lp_report.c 
../lp_scale.c ../lp_simplex.c ../lp_SOS.c ../lp_utils.c ../yacc_read.c'
+ c=cc
+ 
++tmpdir="@WRKDIR@/tmp"
++mkdir "$tmpdir" || return 2
++
+ #determine platform (32/64 bit)
+->/tmp/platform.c
+-echo '#include <stdlib.h>'>>/tmp/platform.c
+-echo '#include <stdio.h>'>>/tmp/platform.c
+-echo 'main(){printf("ux%d", (int) (sizeof(void *)*8));}'>>/tmp/platform.c
+-$c /tmp/platform.c -o /tmp/platform
+-PLATFORM=`/tmp/platform`
+-rm /tmp/platform /tmp/platform.c >/dev/null 2>&1
++>$tmpdir/platform.c
++echo '#include <stdlib.h>'>>$tmpdir/platform.c
++echo '#include <stdio.h>'>>$tmpdir/platform.c
++echo 'main(){printf("ux%d", (int) (sizeof(void *)*8));}'>>$tmpdir/platform.c
++$c $tmpdir/platform.c -o $tmpdir/platform
++PLATFORM=`$tmpdir/platform`
++rm $tmpdir/platform $tmpdir/platform.c >/dev/null 2>&1
+ 
+ mkdir bin bin/$PLATFORM >/dev/null 2>&1
+ 
+ #check if this system has the isnan function
+->/tmp/isnan.c
+-echo '#include <stdio.h>'>>/tmp/isnan.c
+-echo '#include <stdlib.h>'>>/tmp/isnan.c
+-echo '#include <math.h>'>>/tmp/isnan.c
 -echo 'main(){isnan(0);}'>>/tmp/isnan.c
-+echo 'int main(){isnan(0.0);}'>>/tmp/isnan.c
- $c /tmp/isnan.c -o /tmp/isnan $math >/dev/null 2>&1
+-$c /tmp/isnan.c -o /tmp/isnan $math >/dev/null 2>&1
++>$tmpdir/isnan.c
++echo '#include <stdio.h>'>>$tmpdir/isnan.c
++echo '#include <stdlib.h>'>>$tmpdir/isnan.c
++echo '#include <math.h>'>>$tmpdir/isnan.c
++echo 'int main(){isnan(0.0);}'>>$tmpdir/isnan.c
++$c $tmpdir/isnan.c -o $tmpdir/isnan $math >/dev/null 2>&1
  if [ $? = 0 ]
  then NOISNAN=
-@@ -44,7 +44,7 @@ ranlib bin/$PLATFORM/liblpsolve55.a
+ else NOISNAN=-DNOISNAN
+ fi
+-rm /tmp/isnan.c /tmp/isnan >/dev/null 2>&1
++rm $tmpdir/isnan.c $tmpdir/isnan >/dev/null 2>&1
++
++rmdir $tmpdir
+ 
+ def=
+ so=
+@@ -44,7 +49,7 @@ ranlib bin/$PLATFORM/liblpsolve55.a
  if [ "$so" != "" ]
  then
    $c -fpic -s -c -I.. -I../shared -I../bfp -I../bfp/bfp_LUSOL -I../bfp/bfp_LUSOL/LUSOL -I../colamd -I. $opts $NOISNAN -DYY_NEVER_INTERACTIVE -DPARSER_LP -DINVERSE_ACTIVE=INVERSE_LUSOL 
-DRoleIsExternalInvEngine $src


