pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/devel/nss devel/nss: Patch ctype(3) abuse.
details: https://anonhg.NetBSD.org/pkgsrc/rev/02ae41192444
branches: trunk
changeset: 376437:02ae41192444
user: riastradh <riastradh%pkgsrc.org@localhost>
date: Thu Apr 07 19:08:40 2022 +0000
description:
devel/nss: Patch ctype(3) abuse.
diffstat:
devel/nss/Makefile | 3 +-
devel/nss/distinfo | 16 +-
devel/nss/patches/patch-nss_cmd_certutil_certutil.c | 15 +
devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c | 1420 +++++++++++
devel/nss/patches/patch-nss_cmd_pk11gcmtest_pk11gcmtest.c | 84 +
devel/nss/patches/patch-nss_cmd_signtool_certgen.c | 15 +
devel/nss/patches/patch-nss_cmd_signtool_util.c | 23 +
devel/nss/patches/patch-nss_lib_certdb_alg1485.c | 33 +
devel/nss/patches/patch-nss_lib_certdb_certdb.c | 24 +
devel/nss/patches/patch-nss_lib_dbm_src_mktemp.c | 15 +
devel/nss/patches/patch-nss_lib_nss_nssinit.c | 36 +
devel/nss/patches/patch-nss_lib_softoken_legacydb_lowcert.c | 24 +
devel/nss/patches/patch-nss_lib_util_oidstring.c | 15 +
devel/nss/patches/patch-nss_lib_util_portreg.c | 24 +
devel/nss/patches/patch-nss_lib_util_utilpars.c | 17 +-
15 files changed, 1758 insertions(+), 6 deletions(-)
diffs (truncated from 1856 to 300 lines):
diff -r 51796e5b84bb -r 02ae41192444 devel/nss/Makefile
--- a/devel/nss/Makefile Thu Apr 07 17:39:42 2022 +0000
+++ b/devel/nss/Makefile Thu Apr 07 19:08:40 2022 +0000
@@ -1,10 +1,11 @@
-# $NetBSD: Makefile,v 1.225 2022/04/05 10:05:43 riastradh Exp $
+# $NetBSD: Makefile,v 1.226 2022/04/07 19:08:40 riastradh Exp $
#
# release notes
# https://firefox-source-docs.mozilla.org/security/nss/releases/index.html
DISTNAME= nss-${NSS_RELEASE:S/.0$//}
NSS_RELEASE= 3.77.0
+PKGREVISION= 1
CATEGORIES= devel security
MASTER_SITES= ${MASTER_SITE_MOZILLA_ALL:=security/nss/releases/NSS_${NSS_DIST_DIR_VERSION:S/_0$//}_RTM/src/}
diff -r 51796e5b84bb -r 02ae41192444 devel/nss/distinfo
--- a/devel/nss/distinfo Thu Apr 07 17:39:42 2022 +0000
+++ b/devel/nss/distinfo Thu Apr 07 19:08:40 2022 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.149 2022/03/31 18:10:52 wiz Exp $
+$NetBSD: distinfo,v 1.150 2022/04/07 19:08:40 riastradh Exp $
BLAKE2s (nss-3.77.tar.gz) = 3565c858677fbccb6b773125b34e2e8cb3e83b45bdd68f05ebfa12c32af11d8e
SHA512 (nss-3.77.tar.gz) = bd62eeb8f90ecd2d3999fd78fea6652736c02a6530f29e98d0cad0707f3b901b30409132eb6a6d53b9f5c05c6b464615a946a2a3e255553c793e44d0ed93179e
@@ -7,13 +7,25 @@
SHA1 (patch-me) = ffb5f119764c158c0bd789bd18fc77c61f2e9d2b
SHA1 (patch-mf) = 40e58385fb6f944f463bf00b9aad72bc4ea229d0
SHA1 (patch-mn) = 5b79783e48249044be1a904a6cfd20ba175b5fd4
+SHA1 (patch-nss_cmd_certutil_certutil.c) = 76acb4c30779fb44d24fb59fcfe555b238816197
+SHA1 (patch-nss_cmd_fipstest_fipstest.c) = 2f2028b9ab1e63bc7160acc0f0c61d843755ff76
+SHA1 (patch-nss_cmd_pk11gcmtest_pk11gcmtest.c) = b31cb30343f3983e0afa5d0f322207620257cb98
SHA1 (patch-nss_cmd_platlibs.mk) = 01f4350de601b29c94e8a791a28daca226866bb6
SHA1 (patch-nss_cmd_shlibsign_sign.sh) = 7948b7b502a4c148ee185836dde8a84d3aa388af
+SHA1 (patch-nss_cmd_signtool_certgen.c) = 56bc3068543121d6bc34e7fdc41a021ae0c49364
+SHA1 (patch-nss_cmd_signtool_util.c) = ab9dc7cdcc6c33191edcb058b6004109bd5825d6
SHA1 (patch-nss_coreconf_OpenBSD.mk) = 944f71fcaaa7d5b2b3ed008341b1392a65480f2b
SHA1 (patch-nss_coreconf_command.mk) = a7b682d367825b48f8802fa30cee83f10680bb74
+SHA1 (patch-nss_lib_certdb_alg1485.c) = 71f1b1b2ce839d105a5be61640ee21ed91e742dd
+SHA1 (patch-nss_lib_certdb_certdb.c) = c3ce6300d981edf4054cabbd3ecb8bd6810718d5
+SHA1 (patch-nss_lib_dbm_src_mktemp.c) = e051e46ac36ea7670047b95d728e38b37af85b77
SHA1 (patch-nss_lib_freebl_aes-armv8.c) = aa698f61dd3d66ba707a9b5425bc15d057244ad7
SHA1 (patch-nss_lib_freebl_gcm-aarch64.c) = 311cfe7ca58e91285052d0ca27bd2df3f325071b
SHA1 (patch-nss_lib_freebl_sha256-armv8.c) = 48ec50204493dd510099a3495f3b775c6bfa8828
-SHA1 (patch-nss_lib_util_utilpars.c) = 5d3000515b01037929730a752b7d7a0f46f06deb
+SHA1 (patch-nss_lib_nss_nssinit.c) = bcef361041afa6bd2462b49142b5e56b8641f038
+SHA1 (patch-nss_lib_softoken_legacydb_lowcert.c) = 79b20197ec901480bce5c91ce1abb1bbfa73612e
+SHA1 (patch-nss_lib_util_oidstring.c) = 76d792c9fd95c39c0bf75950a9c048fd43fd496c
+SHA1 (patch-nss_lib_util_portreg.c) = 52ea179827ef562394bdbb5408765ab5e04daf58
+SHA1 (patch-nss_lib_util_utilpars.c) = 1739a132d23edf17cea131c7186dd72cb545e424
SHA1 (patch-nss_tests_all.sh) = b328778b538db66f5447f962f23afd6f650f7071
SHA1 (patch-nss_tests_merge_merge.sh) = 42a4866d226b1076740ba9a5e42c7604f2cb15a7
diff -r 51796e5b84bb -r 02ae41192444 devel/nss/patches/patch-nss_cmd_certutil_certutil.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/nss/patches/patch-nss_cmd_certutil_certutil.c Thu Apr 07 19:08:40 2022 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-nss_cmd_certutil_certutil.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/certutil/certutil.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/certutil/certutil.c
+@@ -3977,7 +3977,7 @@ shutdown:
+ newargv[1] = nextcommand;
+ nextarg = nextcommand;
+ while ((space = PORT_Strpbrk(nextarg, " \f\n\r\t\v"))) {
+- while (isspace(*space)) {
++ while (isspace((unsigned char)*space)) {
+ *space = '\0';
+ space++;
+ }
diff -r 51796e5b84bb -r 02ae41192444 devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/nss/patches/patch-nss_cmd_fipstest_fipstest.c Thu Apr 07 19:08:40 2022 +0000
@@ -0,0 +1,1420 @@
+$NetBSD: patch-nss_cmd_fipstest_fipstest.c,v 1.1 2022/04/07 19:08:40 riastradh Exp $
+
+Fix ctype(3) abuse: https://bugzilla.mozilla.org/show_bug.cgi?id=1246768
+
+--- nss/cmd/fipstest/fipstest.c.orig 2022-03-03 10:18:53.000000000 +0000
++++ nss/cmd/fipstest/fipstest.c
+@@ -128,7 +128,7 @@ from_hex_str(unsigned char *buf, unsigne
+
+ /* count the hex digits */
+ nxdigit = 0;
+- for (nxdigit = 0; isxdigit(str[nxdigit]); nxdigit++) {
++ for (nxdigit = 0; isxdigit((unsigned char)str[nxdigit]); nxdigit++) {
+ /* empty body */
+ }
+ if (nxdigit == 0) {
+@@ -336,7 +336,7 @@ tdea_kat_mmt(char *reqfn)
+ /* NumKeys */
+ if (strncmp(&buf[0], "NumKeys", 7) == 0) {
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ numKeys = buf[i];
+@@ -360,10 +360,10 @@ tdea_kat_mmt(char *reqfn)
+ if (numKeys == 0) {
+ if (strncmp(buf, "KEYs", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ key[j + 8] = key[j];
+ key[j + 16] = key[j];
+@@ -375,10 +375,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY1 = ... */
+ if (strncmp(buf, "KEY1", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -387,10 +387,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY2 = ... */
+ if (strncmp(buf, "KEY2", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 8; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 8; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -399,10 +399,10 @@ tdea_kat_mmt(char *reqfn)
+ /* KEY3 = ... */
+ if (strncmp(buf, "KEY3", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 16; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 16; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ fputs(buf, resp);
+@@ -414,7 +414,7 @@ tdea_kat_mmt(char *reqfn)
+ if (strncmp(buf, "IV", 2) == 0) {
+ mode = NSS_DES_EDE3_CBC;
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -431,10 +431,10 @@ tdea_kat_mmt(char *reqfn)
+ goto loser;
+ }
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
+@@ -461,10 +461,10 @@ tdea_kat_mmt(char *reqfn)
+ }
+
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+ ciphertextlen = j;
+@@ -779,7 +779,7 @@ tdea_mct(int mode, char *reqfn)
+ /* NumKeys */
+ if (strncmp(&buf[0], "NumKeys", 7) == 0) {
+ i = 7;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ numKeys = atoi(&buf[i]);
+@@ -788,10 +788,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY1 = ... */
+ if (strncmp(buf, "KEY1", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -799,10 +799,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY2 = ... */
+ if (strncmp(buf, "KEY2", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 8; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 8; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -810,10 +810,10 @@ tdea_mct(int mode, char *reqfn)
+ /* KEY3 = ... */
+ if (strncmp(buf, "KEY3", 4) == 0) {
+ i = 4;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 16; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 16; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ continue;
+@@ -822,7 +822,7 @@ tdea_mct(int mode, char *reqfn)
+ /* IV = ... */
+ if (strncmp(buf, "IV", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -840,7 +840,7 @@ tdea_mct(int mode, char *reqfn)
+ }
+ /* PT[0] = PT */
+ i = 9;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof plaintext; i += 2, j++) {
+@@ -863,10 +863,10 @@ tdea_mct(int mode, char *reqfn)
+ }
+ /* CT[0] = CT */
+ i = 10;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &ciphertext[j]);
+ }
+
+@@ -1071,10 +1071,10 @@ aes_gcm(char *reqfn, int encrypt)
+ /* KEY = ... */
+ if (strncmp(buf, "Key", 3) == 0) {
+ i = 3;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &key[j]);
+ }
+ keysize = j;
+@@ -1084,7 +1084,7 @@ aes_gcm(char *reqfn, int encrypt)
+ /* IV = ... */
+ if (strncmp(buf, "IV", 2) == 0) {
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+ for (j = 0; j < sizeof iv; i += 2, j++) {
+@@ -1101,10 +1101,10 @@ aes_gcm(char *reqfn, int encrypt)
+ }
+
+ i = 2;
+- while (isspace(buf[i]) || buf[i] == '=') {
++ while (isspace((unsigned char)buf[i]) || buf[i] == '=') {
+ i++;
+ }
+- for (j = 0; isxdigit(buf[i]); i += 2, j++) {
++ for (j = 0; isxdigit((unsigned char)buf[i]); i += 2, j++) {
+ hex_to_byteval(&buf[i], &plaintext[j]);
+ }
+ plaintextlen = j;
Home |
Main Index |
Thread Index |
Old Index