pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/devel/libgit2



Module Name:    pkgsrc
Committed By:   he
Date:           Thu May 25 15:52:53 UTC 2023

Modified Files:
        pkgsrc/devel/libgit2: Makefile distinfo
Added Files:
        pkgsrc/devel/libgit2/patches: patch-deps_ntlmclient_ntlm.c
            patch-src_libgit2_config.c patch-src_libgit2_path.c
            patch-src_libgit2_trailer.c
            patch-src_libgit2_transports_smart__pkt.c patch-src_util_date.c
            patch-src_util_str.c patch-src_util_util.h

Log Message:
libgit2: ensure proper value range for args to <ctype.h> functions.

Submitted upstream, ref.
https://github.com/libgit2/libgit2/pull/6569

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.67 -r1.68 pkgsrc/devel/libgit2/Makefile
cvs rdiff -u -r1.33 -r1.34 pkgsrc/devel/libgit2/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/devel/libgit2/patches/patch-deps_ntlmclient_ntlm.c \
    pkgsrc/devel/libgit2/patches/patch-src_libgit2_config.c \
    pkgsrc/devel/libgit2/patches/patch-src_libgit2_path.c \
    pkgsrc/devel/libgit2/patches/patch-src_libgit2_trailer.c \
    pkgsrc/devel/libgit2/patches/patch-src_libgit2_transports_smart__pkt.c \
    pkgsrc/devel/libgit2/patches/patch-src_util_date.c \
    pkgsrc/devel/libgit2/patches/patch-src_util_str.c \
    pkgsrc/devel/libgit2/patches/patch-src_util_util.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/devel/libgit2/Makefile
diff -u pkgsrc/devel/libgit2/Makefile:1.67 pkgsrc/devel/libgit2/Makefile:1.68
--- pkgsrc/devel/libgit2/Makefile:1.67  Tue May 23 07:08:15 2023
+++ pkgsrc/devel/libgit2/Makefile       Thu May 25 15:52:53 2023
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.67 2023/05/23 07:08:15 tnn Exp $
+# $NetBSD: Makefile,v 1.68 2023/05/25 15:52:53 he Exp $
 
 DISTNAME=      libgit2-1.6.4
+PKGREVISION=   1
 CATEGORIES=    devel
 MASTER_SITES=  ${MASTER_SITE_GITHUB:=libgit2/}
 GITHUB_TAG=    v${PKGVERSION_NOREV}

Index: pkgsrc/devel/libgit2/distinfo
diff -u pkgsrc/devel/libgit2/distinfo:1.33 pkgsrc/devel/libgit2/distinfo:1.34
--- pkgsrc/devel/libgit2/distinfo:1.33  Wed Apr 26 10:42:27 2023
+++ pkgsrc/devel/libgit2/distinfo       Thu May 25 15:52:53 2023
@@ -1,5 +1,13 @@
-$NetBSD: distinfo,v 1.33 2023/04/26 10:42:27 wiz Exp $
+$NetBSD: distinfo,v 1.34 2023/05/25 15:52:53 he Exp $
 
 BLAKE2s (libgit2-1.6.4.tar.gz) = a32563f76be574895a845d91eb8c68dc7efe0798368dd1fc6922c03a2adc76b8
 SHA512 (libgit2-1.6.4.tar.gz) = fd73df91710f19b0d6c3765c37c7f529233196da91cf4d58028a8d3840244f11df44abafabd74a8ed1cbe4826d1afd6ff9f01316d183ace0924c65e7cf0eb8d5
 Size (libgit2-1.6.4.tar.gz) = 6666964 bytes
+SHA1 (patch-deps_ntlmclient_ntlm.c) = 0f7645497b25f6895911cf32027e830ab73bdc55
+SHA1 (patch-src_libgit2_config.c) = f3c131d26bb38e86ff992eb8007ec399846a205a
+SHA1 (patch-src_libgit2_path.c) = b1f5245472ec00ff1c1c6b55b4ecdc88e1f163ac
+SHA1 (patch-src_libgit2_trailer.c) = d8a6e733ff963124024bfb9f7118d8e537815695
+SHA1 (patch-src_libgit2_transports_smart__pkt.c) = 9c4c6ee17512f7bb06d02343ef0a07794361c88e
+SHA1 (patch-src_util_date.c) = 47c56292b8f2483065e904f99dc51832bab0de3d
+SHA1 (patch-src_util_str.c) = 737f658e82b00c623533181126996263a2f1df45
+SHA1 (patch-src_util_util.h) = 54e74097b87af3c2939e7c237f1d2827101b9a72

Added files:

Index: pkgsrc/devel/libgit2/patches/patch-deps_ntlmclient_ntlm.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-deps_ntlmclient_ntlm.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-deps_ntlmclient_ntlm.c   Thu May 25 15:52:53 2023
@@ -0,0 +1,18 @@
+$NetBSD: patch-deps_ntlmclient_ntlm.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for arg to toupper().
+
+--- deps/ntlmclient/ntlm.c.orig        2023-04-12 12:05:25.000000000 +0000
++++ deps/ntlmclient/ntlm.c
+@@ -988,9 +988,9 @@ static inline bool generate_lm_hash(
+       keystr2_len = (password_len > 7) ? MIN(14, password_len) - 7 : 0;
+ 
+       for (i = 0; i < keystr1_len; i++)
+-              keystr1[i] = (unsigned char)toupper(password[i]);
++              keystr1[i] = (unsigned char)toupper((unsigned char)password[i]);
+       for (i = 0; i < keystr2_len; i++)
+-              keystr2[i] = (unsigned char)toupper(password[i+7]);
++              keystr2[i] = (unsigned char)toupper((unsigned char)password[i+7]);
+ 
+       /* DES encrypt the LM constant using the password as the key */
+       des_key_from_password(&key1, keystr1, keystr1_len);
Index: pkgsrc/devel/libgit2/patches/patch-src_libgit2_config.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_libgit2_config.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_libgit2_config.c     Thu May 25 15:52:53 2023
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_libgit2_config.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for arg to isalnum().
+
+--- src/libgit2/config.c.orig  2023-04-12 12:05:25.000000000 +0000
++++ src/libgit2/config.c
+@@ -1447,7 +1447,7 @@ static int normalize_section(char *start
+       for (scan = start; *scan; ++scan) {
+               if (end && scan >= end)
+                       break;
+-              if (isalnum(*scan))
++              if (isalnum((unsigned char)*scan))
+                       *scan = (char)git__tolower(*scan);
+               else if (*scan != '-' || scan == start)
+                       return GIT_EINVALIDSPEC;
Index: pkgsrc/devel/libgit2/patches/patch-src_libgit2_path.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_libgit2_path.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_libgit2_path.c       Thu May 25 15:52:53 2023
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_libgit2_path.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for tolower() argument.
+
+--- src/libgit2/path.c.orig    2023-04-12 12:05:25.000000000 +0000
++++ src/libgit2/path.c
+@@ -202,7 +202,7 @@ GIT_INLINE(size_t) common_prefix_icase(c
+ {
+       size_t count = 0;
+ 
+-      while (len > 0 && tolower(*str) == tolower(*prefix)) {
++      while (len > 0 && tolower((unsigned char)*str) == tolower((unsigned char)*prefix)) {
+               count++;
+               str++;
+               prefix++;
Index: pkgsrc/devel/libgit2/patches/patch-src_libgit2_trailer.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_libgit2_trailer.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_libgit2_trailer.c    Thu May 25 15:52:53 2023
@@ -0,0 +1,48 @@
+$NetBSD: patch-src_libgit2_trailer.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for args to ctype functions.
+
+--- src/libgit2/trailer.c.orig 2023-04-12 12:05:25.000000000 +0000
++++ src/libgit2/trailer.c
+@@ -24,7 +24,7 @@ static const char *const git_generated_p
+ static int is_blank_line(const char *str)
+ {
+       const char *s = str;
+-      while (*s && *s != '\n' && isspace(*s))
++      while (*s && *s != '\n' && isspace((unsigned char)*s))
+               s++;
+       return !*s || *s == '\n';
+ }
+@@ -93,7 +93,7 @@ static bool find_separator(size_t *out, 
+                       return true;
+               }
+ 
+-              if (!whitespace_found && (isalnum(*c) || *c == '-'))
++              if (!whitespace_found && (isalnum((unsigned char)*c) || *c == '-'))
+                       continue;
+               if (c != line && (*c == ' ' || *c == '\t')) {
+                       whitespace_found = 1;
+@@ -233,12 +233,12 @@ static size_t find_trailer_start(const c
+               }
+ 
+               find_separator(&separator_pos, bol, TRAILER_SEPARATORS);
+-              if (separator_pos >= 1 && !isspace(bol[0])) {
++              if (separator_pos >= 1 && !isspace((unsigned char)bol[0])) {
+                       trailer_lines++;
+                       possible_continuation_lines = 0;
+                       if (recognized_prefix)
+                               continue;
+-              } else if (isspace(bol[0]))
++              } else if (isspace((unsigned char)bol[0]))
+                       possible_continuation_lines++;
+               else {
+                       non_trailer_lines++;
+@@ -323,7 +323,7 @@ int git_message_trailers(git_message_tra
+                                       goto ret;
+                               }
+ 
+-                              if (isalnum(*ptr) || *ptr == '-') {
++                              if (isalnum((unsigned char)*ptr) || *ptr == '-') {
+                                       /* legal key character */
+                                       NEXT(S_KEY);
+                               }
Index: pkgsrc/devel/libgit2/patches/patch-src_libgit2_transports_smart__pkt.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_libgit2_transports_smart__pkt.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_libgit2_transports_smart__pkt.c      Thu May 25 15:52:53 2023
@@ -0,0 +1,19 @@
+$NetBSD: patch-src_libgit2_transports_smart__pkt.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for args to ctype functions.
+
+--- src/libgit2/transports/smart_pkt.c.orig    2023-04-12 12:05:25.000000000 +0000
++++ src/libgit2/transports/smart_pkt.c
+@@ -451,10 +451,10 @@ static int parse_len(size_t *out, const 
+       num[PKT_LEN_SIZE] = '\0';
+ 
+       for (i = 0; i < PKT_LEN_SIZE; ++i) {
+-              if (!isxdigit(num[i])) {
++              if (!isxdigit((unsigned char)num[i])) {
+                       /* Make sure there are no special characters before passing to error message */
+                       for (k = 0; k < PKT_LEN_SIZE; ++k) {
+-                              if(!isprint(num[k])) {
++                              if(!isprint((unsigned char)num[k])) {
+                                       num[k] = '.';
+                               }
+                       }
Index: pkgsrc/devel/libgit2/patches/patch-src_util_date.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_util_date.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_util_date.c  Thu May 25 15:52:53 2023
@@ -0,0 +1,81 @@
+$NetBSD: patch-src_util_date.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range to ctype ops (toupper, isalnum, ...).
+
+--- src/util/date.c.orig       2023-04-12 12:05:25.000000000 +0000
++++ src/util/date.c
+@@ -129,9 +129,9 @@ static size_t match_string(const char *d
+       for (i = 0; *date; date++, str++, i++) {
+               if (*date == *str)
+                       continue;
+-              if (toupper(*date) == toupper(*str))
++              if (toupper((unsigned char)*date) == toupper((unsigned char)*str))
+                       continue;
+-              if (!isalnum(*date))
++              if (!isalnum((unsigned char)*date))
+                       break;
+               return 0;
+       }
+@@ -143,7 +143,7 @@ static int skip_alpha(const char *date)
+       int i = 0;
+       do {
+               i++;
+-      } while (isalpha(date[i]));
++      } while (isalpha((unsigned char)date[i]));
+       return i;
+ }
+ 
+@@ -251,7 +251,7 @@ static size_t match_multi_number(unsigne
+ 
+       num2 = strtol(end+1, &end, 10);
+       num3 = -1;
+-      if (*end == c && isdigit(end[1]))
++      if (*end == c && isdigit((unsigned char)end[1]))
+               num3 = strtol(end+1, &end, 10);
+ 
+       /* Time? Date? */
+@@ -349,7 +349,7 @@ static size_t match_digit(const char *da
+       case '.':
+       case '/':
+       case '-':
+-              if (isdigit(end[1])) {
++              if (isdigit((unsigned char)end[1])) {
+                       size_t match = match_multi_number(num, *end, date, end, tm);
+                       if (match)
+                               return match;
+@@ -364,7 +364,7 @@ static size_t match_digit(const char *da
+       n = 0;
+       do {
+               n++;
+-      } while (isdigit(date[n]));
++      } while (isdigit((unsigned char)date[n]));
+ 
+       /* Four-digit year or a timezone? */
+       if (n == 4) {
+@@ -518,7 +518,7 @@ static int parse_date_basic(const char *
+                       match = match_alpha(date, &tm, offset);
+               else if (isdigit(c))
+                       match = match_digit(date, &tm, offset, &tm_gmt);
+-              else if ((c == '-' || c == '+') && isdigit(date[1]))
++              else if ((c == '-' || c == '+') && isdigit((unsigned char)date[1]))
+                       match = match_tz(date, offset);
+ 
+               if (!match) {
+@@ -682,7 +682,7 @@ static const char *approxidate_alpha(con
+       const char *end = date;
+       int i;
+ 
+-      while (isalpha(*++end))
++      while (isalpha((unsigned char)*++end))
+               /* scan to non-alpha */;
+ 
+       for (i = 0; i < 12; i++) {
+@@ -783,7 +783,7 @@ static const char *approxidate_digit(con
+       case '.':
+       case '/':
+       case '-':
+-              if (isdigit(end[1])) {
++              if (isdigit((unsigned char)end[1])) {
+                       size_t match = match_multi_number(number, *end, date, end, tm);
+                       if (match)
+                               return date + match;
Index: pkgsrc/devel/libgit2/patches/patch-src_util_str.c
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_util_str.c:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_util_str.c   Thu May 25 15:52:53 2023
@@ -0,0 +1,17 @@
+$NetBSD: patch-src_util_str.c,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure proper value range for arg to isxdigit().
+
+--- src/util/str.c.orig        2023-04-12 12:05:25.000000000 +0000
++++ src/util/str.c
+@@ -485,8 +485,8 @@ int git_str_decode_percent(
+       for (str_pos = 0; str_pos < str_len; buf->size++, str_pos++) {
+               if (str[str_pos] == '%' &&
+                       str_len > str_pos + 2 &&
+-                      isxdigit(str[str_pos + 1]) &&
+-                      isxdigit(str[str_pos + 2])) {
++                      isxdigit((unsigned char)str[str_pos + 1]) &&
++                      isxdigit((unsigned char)str[str_pos + 2])) {
+                       buf->ptr[buf->size] = (HEX_DECODE(str[str_pos + 1]) << 4) +
+                               HEX_DECODE(str[str_pos + 2]);
+                       str_pos += 2;
Index: pkgsrc/devel/libgit2/patches/patch-src_util_util.h
diff -u /dev/null pkgsrc/devel/libgit2/patches/patch-src_util_util.h:1.1
--- /dev/null   Thu May 25 15:52:53 2023
+++ pkgsrc/devel/libgit2/patches/patch-src_util_util.h  Thu May 25 15:52:53 2023
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_util_util.h,v 1.1 2023/05/25 15:52:53 he Exp $
+
+Ensure appropriate value range for arg to tolower().
+
+--- src/util/util.h.orig       2023-04-12 12:05:25.000000000 +0000
++++ src/util/util.h
+@@ -89,7 +89,7 @@ GIT_INLINE(int) git__tolower(int c)
+       return (c >= 'A' && c <= 'Z') ? (c + 32) : c;
+ }
+ #else
+-# define git__tolower(a) tolower(a)
++# define git__tolower(a) tolower((unsigned char)a)
+ #endif
+ 
+ extern size_t git__linenlen(const char *buffer, size_t buffer_len);



Home | Main Index | Thread Index | Old Index