From 567233dd7726dd7c486b4ea8780b12e99e66727d Mon Sep 17 00:00:00 2001 From: maxice8 Date: Sun, 10 Feb 2019 22:20:11 -0200 Subject: [PATCH] libextractor: update to 1.9. --- .../libextractor-1.8-CVE-2018-20430.patch | 49 ------------------- .../libextractor-1.8-CVE-2018-20431.patch | 39 --------------- srcpkgs/libextractor/template | 4 +- 3 files changed, 2 insertions(+), 90 deletions(-) delete mode 100644 srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch delete mode 100644 srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch diff --git a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch deleted file mode 100644 index d0b5968606..0000000000 --- a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch +++ /dev/null @@ -1,49 +0,0 @@ -From b405d707b36e0654900cba78e89f49779efea110 Mon Sep 17 00:00:00 2001 -From: Christian Grothoff -Date: Thu, 20 Dec 2018 22:47:53 +0100 -Subject: fix #5493 (out of bounds read) - ---- - src/common/convert.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/src/common/convert.c b/src/common/convert.c -index c0edf21..2be2108 100644 ---- a/src/common/convert.c -+++ b/src/common/convert.c -@@ -36,8 +36,8 @@ - * string is returned. - */ - char * --EXTRACTOR_common_convert_to_utf8 (const char *input, -- size_t len, -+EXTRACTOR_common_convert_to_utf8 (const char *input, -+ size_t len, - const char *charset) - { - #if HAVE_ICONV -@@ -52,7 +52,7 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, - i = input; - cd = iconv_open ("UTF-8", charset); - if (cd == (iconv_t) - 1) -- return strdup (i); -+ return strndup (i, len); - if (len > 1024 * 1024) - { - iconv_close (cd); -@@ -67,11 +67,11 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, - } - itmp = tmp; - finSize = tmpSize; -- if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == SIZE_MAX) -+ if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == ((size_t) -1)) - { - iconv_close (cd); - free (tmp); -- return strdup (i); -+ return strndup (i, len); - } - ret = malloc (tmpSize - finSize + 1); - if (ret == NULL) --- -cgit v1.1 diff --git a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch deleted file mode 100644 index 2cd0448ba8..0000000000 --- a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 489c4a540bb2c4744471441425b8932b97a153e7 Mon Sep 17 00:00:00 2001 -From: Christian Grothoff -Date: Thu, 20 Dec 2018 23:02:28 +0100 -Subject: fix #5494 - ---- - ChangeLog | 3 ++- - src/plugins/ole2_extractor.c | 9 +++++++-- - 2 files changed, 9 insertions(+), 3 deletions(-) - -diff --git a/src/plugins/ole2_extractor.c b/src/plugins/ole2_extractor.c -index 53fa1b9..a48b726 100644 ---- a/src/plugins/ole2_extractor.c -+++ b/src/plugins/ole2_extractor.c -@@ -173,7 +173,7 @@ struct ProcContext - EXTRACTOR_MetaDataProcessor proc; - - /** -- * Closure for 'proc'. -+ * Closure for @e proc. - */ - void *proc_cls; - -@@ -213,7 +213,12 @@ process_metadata (gpointer key, - - if (G_VALUE_TYPE(gval) == G_TYPE_STRING) - { -- contents = strdup (g_value_get_string (gval)); -+ const char *gvals; -+ -+ gvals = g_value_get_string (gval); -+ if (NULL == gvals) -+ return; -+ contents = strdup (gvals); - } - else - { --- -cgit v1.1 diff --git a/srcpkgs/libextractor/template b/srcpkgs/libextractor/template index 682435ddc1..bd7af6f78d 100644 --- a/srcpkgs/libextractor/template +++ b/srcpkgs/libextractor/template @@ -1,6 +1,6 @@ # Template file for 'libextractor' pkgname=libextractor -version=1.8 +version=1.9 revision=1 build_style=gnu-configure configure_args="--disable-static" @@ -14,7 +14,7 @@ maintainer="Martin Riese " license="GPL-3.0-or-later" homepage="https://www.gnu.org/software/libextractor/" distfiles="${GNU_SITE}/${pkgname}/${pkgname}-${version}.tar.gz" -checksum=e235a4aa2623fe458f8fcf1dcbb5be4f03df509aacec86a1de1fc7fcca582cfc +checksum=f08f257d26c5e9b503f068d6753c8e55cb76f47f73a81da6ed2bba3de3fee2ff patch_args="-Np1" post_install() {