diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2004-09-25 03:58:11 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2004-09-25 03:58:11 +0000 |
| commit | 981e17a5e603d27a0caf817957e5baf168c6e15c (patch) | |
| tree | ad3f2ade4e5089b615f5c2ffd11a04874fb08ea4 /sys-libs/zlib/files | |
| parent | Version bump without adding the newer features. (Manifest recommit) (diff) | |
| download | gentoo-2-981e17a5e603d27a0caf817957e5baf168c6e15c.tar.gz gentoo-2-981e17a5e603d27a0caf817957e5baf168c6e15c.tar.bz2 gentoo-2-981e17a5e603d27a0caf817957e5baf168c6e15c.zip | |
need newer binutils #62286
Diffstat (limited to 'sys-libs/zlib/files')
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.1.4-r2 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.1.4-r3 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.1.4-r4 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.2.1 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.2.1-r1 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/digest-zlib-1.2.1-r2 | 1 | ||||
| -rw-r--r-- | sys-libs/zlib/files/zlib-1.1.4-build-fPIC.patch | 61 | ||||
| -rw-r--r-- | sys-libs/zlib/files/zlib-1.1.4-gentoo.security.patch | 352 | ||||
| -rw-r--r-- | sys-libs/zlib/files/zlib-1.1.4-glibc.patch | 11 | ||||
| -rw-r--r-- | sys-libs/zlib/files/zlib-1.1.4-gzprintf.patch | 294 | ||||
| -rw-r--r-- | sys-libs/zlib/files/zlib-1.1.4-mapfile.patch | 79 |
11 files changed, 0 insertions, 803 deletions
diff --git a/sys-libs/zlib/files/digest-zlib-1.1.4-r2 b/sys-libs/zlib/files/digest-zlib-1.1.4-r2 deleted file mode 100644 index ac97e5a21b50..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.1.4-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2 147014 diff --git a/sys-libs/zlib/files/digest-zlib-1.1.4-r3 b/sys-libs/zlib/files/digest-zlib-1.1.4-r3 deleted file mode 100644 index ac97e5a21b50..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.1.4-r3 +++ /dev/null @@ -1 +0,0 @@ -MD5 ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2 147014 diff --git a/sys-libs/zlib/files/digest-zlib-1.1.4-r4 b/sys-libs/zlib/files/digest-zlib-1.1.4-r4 deleted file mode 100644 index ac97e5a21b50..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.1.4-r4 +++ /dev/null @@ -1 +0,0 @@ -MD5 ea16358be41384870acbdc372f9db152 zlib-1.1.4.tar.bz2 147014 diff --git a/sys-libs/zlib/files/digest-zlib-1.2.1 b/sys-libs/zlib/files/digest-zlib-1.2.1 deleted file mode 100644 index 9f6b96487246..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.2.1 +++ /dev/null @@ -1 +0,0 @@ -MD5 8106069990476a3c5187301465bd7a60 zlib-1.2.1.tar.bz2 284152 diff --git a/sys-libs/zlib/files/digest-zlib-1.2.1-r1 b/sys-libs/zlib/files/digest-zlib-1.2.1-r1 deleted file mode 100644 index 9f6b96487246..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.2.1-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 8106069990476a3c5187301465bd7a60 zlib-1.2.1.tar.bz2 284152 diff --git a/sys-libs/zlib/files/digest-zlib-1.2.1-r2 b/sys-libs/zlib/files/digest-zlib-1.2.1-r2 deleted file mode 100644 index 9f6b96487246..000000000000 --- a/sys-libs/zlib/files/digest-zlib-1.2.1-r2 +++ /dev/null @@ -1 +0,0 @@ -MD5 8106069990476a3c5187301465bd7a60 zlib-1.2.1.tar.bz2 284152 diff --git a/sys-libs/zlib/files/zlib-1.1.4-build-fPIC.patch b/sys-libs/zlib/files/zlib-1.1.4-build-fPIC.patch deleted file mode 100644 index a29bee225acc..000000000000 --- a/sys-libs/zlib/files/zlib-1.1.4-build-fPIC.patch +++ /dev/null @@ -1,61 +0,0 @@ ---- zlib-1.1.4/Makefile.in.build-fPIC 2003-01-30 01:35:18.000000000 -0500 -+++ zlib-1.1.4/Makefile.in 2003-01-30 01:40:49.000000000 -0500 -@@ -41,6 +41,8 @@ includedir = ${prefix}/include - OBJS = adler32.o compress.o crc32.o gzio.o uncompr.o deflate.o trees.o \ - zutil.o inflate.o infblock.o inftrees.o infcodes.o infutil.o inffast.o - -+PIC_OBJS = $(OBJS:%.o=%.lo) -+ - OBJA = - # to use the asm code: make OBJA=match.o - -@@ -80,8 +82,11 @@ match.o: match.S - mv _match.o match.o - rm -f _match.s - --$(SHAREDLIB).$(VER): $(OBJS) -- $(LDSHARED) -o $@ $(OBJS) -lc -+%.lo: %.c -+ $(CC) $(CFLAGS) -DPIC -fPIC -c $< -o $@ -+ -+$(SHAREDLIB).$(VER): $(PIC_OBJS) -+ $(LDSHARED) -o $@ $(PIC_OBJS) -lc - rm -f $(SHAREDLIB) $(SHAREDLIB).1 - ln -s $@ $(SHAREDLIB) - ln -s $@ $(SHAREDLIB).1 -@@ -92,11 +97,8 @@ example: example.o $(LIBS) - minigzip: minigzip.o $(LIBS) - $(CC) $(CFLAGS) -o $@ minigzip.o $(LDFLAGS) - --install: $(LIBS) -- -@if [ ! -d $(includedir) ]; then mkdir $(includedir); fi -+install-libs: $(LIBS) - -@if [ ! -d $(libdir) ]; then mkdir $(libdir); fi -- cp zlib.h zconf.h $(includedir) -- chmod 644 $(includedir)/zlib.h $(includedir)/zconf.h - cp $(LIBS) $(libdir) - cd $(libdir); chmod 755 $(LIBS) - -@(cd $(libdir); $(RANLIB) libz.a || true) >/dev/null 2>&1 -@@ -109,6 +111,11 @@ install: $(LIBS) - # The ranlib in install is needed on NeXTSTEP which checks file times - # ldconfig is for Linux - -+install: install-libs -+ -@if [ ! -d $(includedir) ]; then mkdir $(includedir); fi -+ cp zlib.h zconf.h $(includedir) -+ chmod 644 $(includedir)/zlib.h $(includedir)/zconf.h -+ - uninstall: - cd $(includedir); \ - v=$(VER); \ ---- zlib-1.1.4/configure.build-fPIC 2003-01-30 01:35:18.000000000 -0500 -+++ zlib-1.1.4/configure 2003-01-30 01:39:59.000000000 -0500 -@@ -130,7 +130,7 @@ if test $shared -eq 1; then - if test "`($CC -c $SFLAGS $test.c) 2>&1`" = "" && - test "`($LDSHARED -o $test$shared_ext $test.o) 2>&1`" = ""; then - CFLAGS="$SFLAGS" -- LIBS="$SHAREDLIB.$VER" -+ LIBS="$LIBS $SHAREDLIB.$VER" - echo Building shared library $SHAREDLIB.$VER with $CC. - elif test -z "$old_cc" -a -z "$old_cflags"; then - echo No shared library suppport. diff --git a/sys-libs/zlib/files/zlib-1.1.4-gentoo.security.patch b/sys-libs/zlib/files/zlib-1.1.4-gentoo.security.patch deleted file mode 100644 index e057098ccf55..000000000000 --- a/sys-libs/zlib/files/zlib-1.1.4-gentoo.security.patch +++ /dev/null @@ -1,352 +0,0 @@ -diff -Naur zlib-1.1.4/ChangeLog zlib-1.1.4-vsnprintf/ChangeLog ---- zlib-1.1.4/ChangeLog 2002-03-11 15:02:35.000000000 +0000 -+++ zlib-1.1.4-vsnprintf/ChangeLog 2003-02-24 05:31:41.000000000 +0000 -@@ -1,6 +1,13 @@ - - ChangeLog file for zlib - -+Changes in 1.1.4-patched (23 February 2003) -+- fix a security vulnerability related to improper use of snprintf/vsnprintf -+ function. -+- ./configure now detects the presence of snprintf/vsnprintf and enables it -+ automatically if present. -+- README.vsnprintf added. -+ - Changes in 1.1.4 (11 March 2002) - - ZFREE was repeated on same allocation on some error conditions. - This creates a security problem described in -diff -Naur zlib-1.1.4/README.vsnprintf zlib-1.1.4-vsnprintf/README.vsnprintf ---- zlib-1.1.4/README.vsnprintf 1970-01-01 00:00:00.000000000 +0000 -+++ zlib-1.1.4-vsnprintf/README.vsnprintf 2003-02-24 05:13:28.000000000 +0000 -@@ -0,0 +1,23 @@ -+During a recent audit of zlib-1.1.4, a buffer-overflow and string-format -+vulnerability was found in the gzprintf() function. This has been corrected in -+this version of zlib; in addition, some ./configure checks have been added to -+make sure the host system can utilize the corrections fully. -+ -+As a result, it is now strongly recommended that your host system or compiler -+provide a fully C99-compliant implementation of the vsnprintf() function. -+Anything less will reduce the functionality and/or security of the gzprintf() -+function. The most critical aspect is that vsnprintf() should be present and -+should provide a return value. If this function is missing, one of the -+fallback functions (vsprintf(), snprintf(), vsnprintf()) will have to be used, -+and if so, they too should return a value. If your system is lacking in any of -+these aspects, the ./configure script should warn you and refer you to this -+file. -+ -+In addition, the HAS_vsnprintf and HAS_snprintf macros are automatically -+defined if these functions are available. zlib-1.1.4 and older versions did -+not do this, potentially leading to a broken and vulnerable zlib even when the -+host system supported the requisite functionality to avoid this. -+ -+ -+ -- Kelledin <kelledin@users.sourceforge.net> -+ -diff -Naur zlib-1.1.4/configure zlib-1.1.4-vsnprintf/configure ---- zlib-1.1.4/configure 1998-07-08 18:19:35.000000000 +0000 -+++ zlib-1.1.4-vsnprintf/configure 2003-02-24 05:13:28.000000000 +0000 -@@ -156,6 +156,209 @@ - fi - - cat > $test.c <<EOF -+#include <stdio.h> -+ -+#if (defined(__MSDOS__) || defined(_WINDOWS) || defined(_WIN32) || defined(__WIN32__) || defined(WIN32) || defined(__STDC__) || defined(__cplusplus) || defined(__OS2__)) && !defined(STDC) -+# define STDC -+#endif -+ -+int main() { -+ int i; -+ -+ i=0; -+#ifndef STDC -+ choke me -+#endif -+ -+ return 0; -+} -+EOF -+ -+if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ echo "Checking whether to use vsnprintf() or snprintf()... using vsnprintf()" -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) { -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ vsnprintf(buf, sizeof(buf), fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsnprintf" -+ echo "Checking for vsnprintf() in stdio.h... Yes." -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) { -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i=vsnprintf(buf, sizeof(buf), fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsnprintf_return" -+ echo "Checking for return value of vsnprintf()... Yes." -+ else -+ echo "Checking for return value of vsnprintf()... No." -+ echo " WARNING: apparently vsnprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ fi -+ else -+ echo "Checking for vsnprintf() in stdio.h... No." -+ echo " WARNING: vsnprintf() not found, falling back to vsprintf(). zlib" -+ echo " can build but will be open to possible buffer-overflow security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) { -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i=vsprintf(buf, fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsprintf_return" -+ echo "Checking for return value of vsprintf()... Yes." -+ else -+ echo "Checking for return value of vsprintf()... No." -+ echo " WARNING: apparently vsprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ fi -+ fi -+else -+ echo "Checking whether to use vsnprintf() or snprintf()... using snprintf()" -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest() { -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ snprintf(buf, sizeof(buf), fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_snprintf" -+ echo "Checking for snprintf() in stdio.h... Yes." -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest() { -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i=snprintf(buf, sizeof(buf), fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_snprintf_return" -+ echo "Checking for return value of snprintf()... Yes." -+ else -+ echo "Checking for return value of snprintf()... No." -+ echo " WARNING: apparently snprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ fi -+ else -+ echo "Checking for snprintf() in stdio.h... No." -+ echo " WARNING: snprintf() not found, falling back to sprintf(). zlib" -+ echo " can build but will be open to possible buffer-overflow security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ -+ cat > $test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest() { -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i=sprintf(buf, fmt, ap); -+ return 0; -+} -+ -+int main() { -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_sprintf_return" -+ echo "Checking for return value of sprintf()... Yes." -+ else -+ echo "Checking for return value of sprintf()... No." -+ echo " WARNING: apparently sprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities. See README.vsnprintf for more info." -+ echo -+ fi -+ fi -+fi -+ -+cat > $test.c <<EOF - #include <errno.h> - int main() { return 0; } - EOF -diff -Naur zlib-1.1.4/gzio.c zlib-1.1.4-vsnprintf/gzio.c ---- zlib-1.1.4/gzio.c 2002-03-11 13:16:01.000000000 +0000 -+++ zlib-1.1.4-vsnprintf/gzio.c 2003-02-24 05:18:44.000000000 +0000 -@@ -529,14 +529,42 @@ - int len; - - va_start(va, format); -+ -+ /* 2003/02/23: Add proper length checking here, if possible. -+ * -+ * -- Kelledin -+ */ - #ifdef HAS_vsnprintf -- (void)vsnprintf(buf, sizeof(buf), format, va); -+# ifdef HAS_vsnprintf_return -+ len=vsnprintf(buf, sizeof(buf), format, va); -+ va_end(va); -+ -+ if (len <= 0 || len >= sizeof(buf)) { -+ /* Resulting string too large to fit in the buffer. */ -+ return 0; -+ } -+# else -+ vsnprintf(buf, sizeof(buf), format, va); -+ va_end(va); -+ len=strlen(buf); -+ if (len <= 0) return 0; -+# endif - #else -- (void)vsprintf(buf, format, va); --#endif -+# ifdef HAS_vsprintf_return -+ len=vsprintf(buf, format, va); -+ va_end(va); -+ -+ if (len <= 0 || len >= sizeof(buf)) { -+ /* Resulting string too large to fit in the buffer. */ -+ return 0; -+ } -+# else -+ vsprintf(buf, format, va); - va_end(va); -- len = strlen(buf); /* some *sprintf don't return the nb of bytes written */ -+ len=strlen(buf); - if (len <= 0) return 0; -+# endif -+#endif - - return gzwrite(file, buf, (unsigned)len); - } -@@ -552,15 +580,41 @@ - char buf[Z_PRINTF_BUFSIZE]; - int len; - -+ /* 2003/02/23: Add proper length checking here when possible. -+ * -+ * -- Kelledin -+ */ - #ifdef HAS_snprintf -+# ifdef HAS_snprintf_return -+ len=snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8, -+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ -+ if (len <= 0 || len >= sizeof(buf)) { -+ /* Resulting string too large to fit in the buffer. */ -+ return 0; -+ } -+# else - snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ len=strlen(buf); -+ if (len <= 0) return 0; -+# endif - #else -+# ifdef HAS_sprintf_return -+ len=sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8, -+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ -+ if (len <= 0 || len >= sizeof(buf)) { -+ /* Resulting string too large to fit in the buffer. */ -+ return 0; -+ } -+# else - sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); --#endif -- len = strlen(buf); /* old sprintf doesn't return the nb of bytes written */ -+ len=strlen(buf); - if (len <= 0) return 0; -+# endif -+#endif - - return gzwrite(file, buf, len); - } - diff --git a/sys-libs/zlib/files/zlib-1.1.4-glibc.patch b/sys-libs/zlib/files/zlib-1.1.4-glibc.patch deleted file mode 100644 index 49ded8639f8e..000000000000 --- a/sys-libs/zlib/files/zlib-1.1.4-glibc.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- zlib-1.1.3/Makefile.in.glibc Wed Sep 9 11:48:46 1998 -+++ zlib-1.1.3/Makefile.in Wed Sep 9 11:49:04 1998 -@@ -80,7 +80,7 @@ - rm -f _match.s - - $(SHAREDLIB).$(VER): $(OBJS) -- $(LDSHARED) -o $@ $(OBJS) -+ $(LDSHARED) -o $@ $(OBJS) -lc - rm -f $(SHAREDLIB) $(SHAREDLIB).1 - ln -s $@ $(SHAREDLIB) - ln -s $@ $(SHAREDLIB).1 diff --git a/sys-libs/zlib/files/zlib-1.1.4-gzprintf.patch b/sys-libs/zlib/files/zlib-1.1.4-gzprintf.patch deleted file mode 100644 index 28b610f57a79..000000000000 --- a/sys-libs/zlib/files/zlib-1.1.4-gzprintf.patch +++ /dev/null @@ -1,294 +0,0 @@ -This patch fixes security holes caused by potential buffer overflows -in the implementation of the gzprintf() function in zlib 1.1.4. The -security holes are fixed for platforms providing vsnprintf(3) and -snprintf(3) only. This patch is derived from a prepared security patch, -originally created by Kelledin <kelledin@users.sourceforge.net>. The -OpenPKG project reduced the patch in size and fixed the configuration -checks. - -diff -ru3 zlib-1.1.4.orig/configure zlib-1.1.4/configure ---- zlib-1.1.4.orig/configure Wed Jul 8 20:19:35 1998 -+++ zlib-1.1.4/configure Thu Feb 27 15:14:54 2003 -@@ -155,7 +155,212 @@ - echo "Checking for unistd.h... No." - fi - --cat > $test.c <<EOF -+cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdlib.h> -+ -+#if (defined(__MSDOS__) || defined(_WINDOWS) || defined(_WIN32) || defined(__WIN32__) || defined(WIN32) || defined(__STDC__) || defined(__cplusplus) || defined(__OS2__)) && !defined(STDC) -+# define STDC -+#endif -+ -+int main() -+{ -+#ifndef STDC -+ choke me -+#endif -+ -+ return 0; -+} -+EOF -+ -+if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ echo "Checking whether to use vsnprintf() or snprintf()... using vsnprintf()" -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) -+{ -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ vsnprintf(buf, sizeof(buf), fmt, ap); -+ va_end(ap); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsnprintf" -+ echo "Checking for vsnprintf() in stdio.h... Yes." -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) -+{ -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i = vsnprintf(buf, sizeof(buf), fmt, ap); -+ va_end(ap); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsnprintf_return" -+ echo "Checking for return value of vsnprintf()... Yes." -+ else -+ echo "Checking for return value of vsnprintf()... No." -+ echo " WARNING: apparently vsnprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities." -+ fi -+ else -+ echo "Checking for vsnprintf() in stdio.h... No." -+ echo " WARNING: vsnprintf() not found, falling back to vsprintf(). zlib" -+ echo " can build but will be open to possible buffer-overflow security" -+ echo " vulnerabilities." -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) -+{ -+ int i; -+ char buf[20]; -+ va_list ap; -+ -+ va_start(ap, fmt); -+ i = vsprintf(buf, fmt, ap); -+ va_end(ap); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest("Hello%d\n", 1)); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_vsprintf_return" -+ echo "Checking for return value of vsprintf()... Yes." -+ else -+ echo "Checking for return value of vsprintf()... No." -+ echo " WARNING: apparently vsprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities." -+ fi -+ fi -+else -+ echo "Checking whether to use vsnprintf() or snprintf()... using snprintf()" -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest() -+{ -+ char buf[20]; -+ -+ snprintf(buf, sizeof(buf), "%s", "foo"); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_snprintf" -+ echo "Checking for snprintf() in stdio.h... Yes." -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) -+{ -+ int i; -+ char buf[20]; -+ -+ i = snprintf(buf, sizeof(buf), "%s", "foo"); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_snprintf_return" -+ echo "Checking for return value of snprintf()... Yes." -+ else -+ echo "Checking for return value of snprintf()... No." -+ echo " WARNING: apparently snprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities." -+ fi -+ else -+ echo "Checking for snprintf() in stdio.h... No." -+ echo " WARNING: snprintf() not found, falling back to sprintf(). zlib" -+ echo " can build but will be open to possible buffer-overflow security" -+ echo " vulnerabilities." -+ -+ cat >$test.c <<EOF -+#include <stdio.h> -+#include <stdarg.h> -+ -+int mytest(char *fmt, ...) -+{ -+ int i; -+ char buf[20]; -+ -+ i = sprintf(buf, "%s", "foo"); -+ return 0; -+} -+ -+int main() -+{ -+ return (mytest()); -+} -+EOF -+ -+ if test "`($CC -c $CFLAGS $test.c) 2>&1`" = ""; then -+ CFLAGS="$CFLAGS -DHAS_sprintf_return" -+ echo "Checking for return value of sprintf()... Yes." -+ else -+ echo "Checking for return value of sprintf()... No." -+ echo " WARNING: apparently sprintf() does not return a value. zlib" -+ echo " can build but will be open to possible string-format security" -+ echo " vulnerabilities." -+ fi -+ fi -+fi -+ -+cat >$test.c <<EOF - #include <errno.h> - int main() { return 0; } - EOF -diff -ru3 zlib-1.1.4.orig/gzio.c zlib-1.1.4/gzio.c ---- zlib-1.1.4.orig/gzio.c Mon Mar 11 14:16:01 2002 -+++ zlib-1.1.4/gzio.c Thu Feb 27 14:29:26 2003 -@@ -530,13 +530,31 @@ - - va_start(va, format); - #ifdef HAS_vsnprintf -+# ifdef HAS_vsnprintf_return -+ len = vsnprintf(buf, sizeof(buf), format, va); -+ va_end(va); -+ if (len <= 0 || len >= sizeof(buf)) -+ return 0; -+# else - (void)vsnprintf(buf, sizeof(buf), format, va); -+ va_end(va); -+ len = strlen(buf); -+ if (len <= 0) -+ return 0; -+# endif - #else -+# ifdef HAS_vsprintf_return -+ len = vsprintf(buf, format, va); -+ va_end(va); -+ if (len <= 0 || len >= sizeof(buf)) -+ return 0; -+# else - (void)vsprintf(buf, format, va); --#endif - va_end(va); - len = strlen(buf); /* some *sprintf don't return the nb of bytes written */ - if (len <= 0) return 0; -+# endif -+#endif - - return gzwrite(file, buf, (unsigned)len); - } -@@ -553,14 +571,31 @@ - int len; - - #ifdef HAS_snprintf -+# ifdef HAS_snprintf_return -+ len = snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8, -+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ if (len <= 0 || len >= sizeof(buf)) -+ return 0; -+# else - snprintf(buf, sizeof(buf), format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ len = strlen(buf); -+ if (len <= 0) -+ return 0; -+# endif - #else -+# ifdef HAS_sprintf_return -+ len = sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8, -+ a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); -+ if (len <= 0 || len >= sizeof(buf)) -+ return 0; -+# else - sprintf(buf, format, a1, a2, a3, a4, a5, a6, a7, a8, - a9, a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20); --#endif - len = strlen(buf); /* old sprintf doesn't return the nb of bytes written */ - if (len <= 0) return 0; -+# endif -+#endif - - return gzwrite(file, buf, len); - } diff --git a/sys-libs/zlib/files/zlib-1.1.4-mapfile.patch b/sys-libs/zlib/files/zlib-1.1.4-mapfile.patch deleted file mode 100644 index 8b6d13a91269..000000000000 --- a/sys-libs/zlib/files/zlib-1.1.4-mapfile.patch +++ /dev/null @@ -1,79 +0,0 @@ ---- configure.orig 2003-11-04 20:00:19.192057400 -0800 -+++ configure 2003-11-04 20:00:22.524327784 -0800 -@@ -72,7 +72,8 @@ - SFLAGS=${CFLAGS-"-fPIC -O3"} - CFLAGS="$cflags" - case `(uname -s || echo unknown) 2>/dev/null` in -- Linux | linux) LDSHARED=${LDSHARED-"gcc -shared -Wl,-soname,libz.so.1"};; -+ Linux | linux) LDSHARED=${LDSHARED-"gcc -shared -Wl,-soname,libz.so.1"} -+ MAPFILE=${MAPFILE-"-Wl,--version-script,mapfile"};; - *) LDSHARED=${LDSHARED-"gcc -shared"};; - esac - else -@@ -104,7 +105,8 @@ - LDSHARED=${LDSHARED-"cc -dy -KPIC -G"};; - SunOS\ 5*) SFLAGS=${CFLAGS-"-fast -xcg89 -KPIC -R."} - CFLAGS=${CFLAGS-"-fast -xcg89"} -- LDSHARED=${LDSHARED-"cc -G"};; -+ MAPFILE=${MAPFILE-"-M mapfile"} -+ LDSHARED=${LDSHARED-"cc -G"};; - SunOS\ 4*) SFLAGS=${CFLAGS-"-O2 -PIC"} - CFLAGS=${CFLAGS-"-O2"} - LDSHARED=${LDSHARED-"ld"};; -@@ -138,6 +140,7 @@ - echo 'No shared library suppport; try without defining CC and CFLAGS' - shared=0; - fi -+ LDSHARED="${LDSHARED} ${MAPFILE}" - fi - if test $shared -eq 0; then - LDSHARED="$CC" ---- /dev/null 2003-10-15 22:31:52.000000000 -0700 -+++ mapfile 2003-11-04 19:44:59.742269984 -0800 -@@ -0,0 +1,46 @@ -+{ -+ global: -+ zlibVersion ; -+ deflateInit_ ; -+ deflateInit2_ ; -+ deflate ; -+ deflateSetDictionary ; -+ deflateCopy ; -+ deflateReset ; -+ deflateParams ; -+ deflateEnd ; -+ inflateInit_ ; -+ inflateInit2_ ; -+ inflate ; -+ inflateSetDictionary ; -+ inflateSync ; -+ inflateReset ; -+ inflateEnd ; -+ compress ; -+ compress2 ; -+ uncompress ; -+ gzopen ; -+ gzdopen ; -+ gzsetparams ; -+ gzread ; -+ gzwrite ; -+ gzprintf ; -+ gzputs ; -+ gzgets ; -+ gzputc ; -+ gzgetc ; -+ gzflush ; -+ gzseek ; -+ gzrewind ; -+ gztell ; -+ gzeof ; -+ gzclose ; -+ gzerror ; -+ adler32 ; -+ crc32 ; -+ zError ; -+ inflateSyncPoint ; -+ get_crc_table ; -+ local: -+ *; -+}; |