diff options
| author |   Michael Weber <xmw@gentoo.org> | 2013-07-08 13:41:12 +0000 |
|---|---|---|
| committer | Michael Weber <xmw@gentoo.org> | 2013-07-08 13:41:12 +0000 |
| commit | 366a5cbe92ddd346a29d6f3f8604c99c8df0c55e (patch) | |
| tree | 17a4c39b076f4a568e43f034dc2c6610841a6e9f /dev-scheme | |
| parent | Fix typo/invalid token (diff) | |
| download | historical-366a5cbe92ddd346a29d6f3f8604c99c8df0c55e.tar.gz historical-366a5cbe92ddd346a29d6f3f8604c99c8df0c55e.tar.bz2 historical-366a5cbe92ddd346a29d6f3f8604c99c8df0c55e.zip | |
Revbump to include security patches (bugs 462458, 469392, 467966)
Package-Manager: portage-2.2.0_alpha186/cvs/Linux x86_64
Manifest-Sign-Key: 0x62EEF090
Diffstat (limited to 'dev-scheme')
| -rw-r--r-- | dev-scheme/chicken/ChangeLog | 11 | ||||
| -rw-r--r-- | dev-scheme/chicken/Manifest | 28 | ||||
| -rw-r--r-- | dev-scheme/chicken/chicken-4.8.0.3-r1.ebuild | 93 | ||||
| -rw-r--r-- | dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-1874.patch | 25 | ||||
| -rw-r--r-- | dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2024.patch | 47 | ||||
| -rw-r--r-- | dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_1.patch | 161 | ||||
| -rw-r--r-- | dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_2.patch | 309 |
7 files changed, 657 insertions, 17 deletions
diff --git a/dev-scheme/chicken/ChangeLog b/dev-scheme/chicken/ChangeLog index b67bb300dd0e..be3e831f1b16 100644 --- a/dev-scheme/chicken/ChangeLog +++ b/dev-scheme/chicken/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for dev-scheme/chicken # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-scheme/chicken/ChangeLog,v 1.53 2013/04/11 21:42:52 ago Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-scheme/chicken/ChangeLog,v 1.54 2013/07/08 13:41:06 xmw Exp $ + +*chicken-4.8.0.3-r1 (08 Jul 2013) + + 08 Jul 2013; Michael Weber <xmw@gentoo.org> +chicken-4.8.0.3-r1.ebuild, + +files/chicken-4.8.0.3-CVE-2013-1874.patch, + +files/chicken-4.8.0.3-CVE-2013-2024.patch, + +files/chicken-4.8.0.3-CVE-2013-2075_1.patch, + +files/chicken-4.8.0.3-CVE-2013-2075_2.patch: + Revbump to include security patches (bugs 462458, 469392, 467966) 11 Apr 2013; Agostino Sarubbo <ago@gentoo.org> chicken-4.8.0.3.ebuild: Stable for amd64, wrt bug #455200 diff --git a/dev-scheme/chicken/Manifest b/dev-scheme/chicken/Manifest index b9a031880e8e..54b0f8f59d38 100644 --- a/dev-scheme/chicken/Manifest +++ b/dev-scheme/chicken/Manifest @@ -1,34 +1,30 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 +Hash: SHA256 AUX 50hen-gentoo.el 145 SHA256 5b58b0cc226fd167fa8f2523846fa980c74df77513703dbd63f7f82167ec0f52 SHA512 9e9e2a29ca0591eca6858326fa56cb90db406fb5dad487d2b452b51f6a575dd7df307673c9289ce04b9488da599f84c2b70373638c0fb141fe57e03c7254ee81 WHIRLPOOL aa1f242327f2c285efe1ac9e458d3fc1574454feef878aa27fcf2d73825c486a1fb90ece6a44055ae6b84a413fad49babb16e8ce4f1c6ac211dbe20b24e1f623 AUX chicken-4.5.0-r0-ARCH-to-zARCH-hack.patch 5441 SHA256 a887a97531a57585894cae4ac6934ce88073525ef96e5ef5d6201421f93c1e6f SHA512 79b84a5f183c3a42eddbd991bd42453c7b666f5684abb1ea303eca6c603bd9ab5b9e0eee2cf74bdf92535fafaca2adb6879e961b0f00e8a7d6bc2f5e14f0d7b2 WHIRLPOOL 61b9c1e374dbfa424d9bedd1e1422effab997964579eeb5f74163cdeea7c8078fb0a83aba2a0fdc9c69d83836d7cd998e861466c47f26fb4e541909b50cdcc1a AUX chicken-4.7.3-parallel-build.patch 3122 SHA256 ae1be72f78144daf010d07a5c88e94c977f0288f1c95a3410da6a5120f2a7bfb SHA512 966cea017c3c79ae372a46ad39198f944d5d727356fe1acd41e75edc7b57890e9563c1d9bb47662c5e7abd2d080c9026d310f949054f070e276f7314946344ff WHIRLPOOL 6f0f1dd2856c7f067a9dca9393179e7d0b397efcd1f771fa4bb83d077ae0f7e6bcd6b58be5d14fe841e5d747fdd9254cd3c44a94e713ecb032762508b9515faf +AUX chicken-4.8.0.3-CVE-2013-1874.patch 897 SHA256 51748f3ac98a2a883824b0080a5c6a939a2f49697afaa733034d1f5be0f67549 SHA512 975c97dbc49e5245a79b9dc8de4d9dbdc0aa6f54bf3e3a1c6cac34a65f069e8be72ea079fd0705a9cf341e0b157f87be7dc12d9e593c5142401c183bb8e0bd02 WHIRLPOOL f61071ea715a78d720003a1c08c2151c5481113fb64be67a1f552cc00b95d8e46e14b863b6279523d05329c61d235973b97084bb390a9e65a2149c7b91a62830 +AUX chicken-4.8.0.3-CVE-2013-2024.patch 1466 SHA256 fab93b61b95c87b95d2d4894988b76af6451f12a5cc8898447f1087cd30edcef SHA512 cb1c140ce01445ae62490576a76d553c695d077385d38e1537fec609527232bc1113697aa42be3e490d4f21f425ab7ea503e4d3cd6bf56b5fde2192afad0b952 WHIRLPOOL 62ee16f5ab426f8e305c7bbafbea74eb1c15e541158d46efd5c457731423094037178913643611607a03e48c1fb637d5371fe8aa11645d5e4623b2096aed8103 +AUX chicken-4.8.0.3-CVE-2013-2075_1.patch 6574 SHA256 1621872142aeee4868082b430a5c2c4bd52760cd48adf4926d0f9c1c6c4b9f4b SHA512 9e82d6e17f6930c430f20689a83d3a5841cf328f78e9b507defcb9ecf3016881cfda9085773d92f0d1456680e4f30d0418bf163c416c9acadbaa97335653fc08 WHIRLPOOL 31dde9cb237b48b37342e4509efd84ee375ab2847aa1791312ed8f6fdfb70b1a1c744e912b2971aa88a521db6af5b86cfa08bdbc47d61e809fb703f1fb8f8bef +AUX chicken-4.8.0.3-CVE-2013-2075_2.patch 10011 SHA256 0b70a4b8838e8ae366e23d135e8ec260ad33d0191edc0047fc5ade6fa385119b SHA512 5d5f04a9ec8f4c8b9a903c123d51cd91f6f220a160891c16df660fa216f380f21a90c613bf5cbcb914d2c6a8cc9ede6b2b774dbd09cd2d782abbc09ffc01773b WHIRLPOOL b4e14a87745ee0f2987cfbe09700dfb3c1b9cb70a488ff49d61d83b0f0a59b4183ba2653db311cb910f65e68e84212e3076d1363ea6954911af77115a0eaa284 AUX chicken-4.8.0.3-parallel-build.patch 3112 SHA256 0fc0f3422c2c24a2bdfb67aaec5e0378e5835b8858b9fd9cd7e9d296183101af SHA512 b85db92ef9f92484e5cc35b570bc7017f970d3d57aff5c573acfb7d8efac4ee823ab2c269f383695dbb834b37cb07b2638d19ea2114b0ad23ef73e00dc11aba8 WHIRLPOOL 6b81fc9745728092b992a0442dfdb2994906a1205bfdc76a32dd97a7a3716d587362ac8bde6775c1f4a924e7a28b23484e7ab6ff764feef748f58c045bda11bd DIST chicken-3.3.0.tar.gz 4228441 SHA256 5ce2519bac9956de5700a5777b2bbc2cd89202ef2d2252a40a0d1e8c9854bec6 DIST chicken-4.6.0.tar.gz 3019126 SHA256 c55d1dadf9941b3efbc7be9181d5c7cbc304a20c614625fbf710c0acaa1cd245 DIST chicken-4.7.3.tar.gz 3316152 SHA256 00c82bc2208d74463a69356d2a30a3771f87048ea87fb9c024d464b3c9d4e230 +DIST chicken-4.8.0.3-cve-updates.tar.bz2 218025 SHA256 3e4de410766b09706be156d8460a39a8382365470f46f2da545a577a4f986502 SHA512 2ad05fbc414fe536d94a63e4d57c98c3bb19267f99e636c2039cd2c3984778fb7f7a0765c64ed6dbe4c438c14bdc94d1f83a626191e0cb817eeca5ea1e480132 WHIRLPOOL b0c7a0280ff08e1ca66a8155e3917f6b12c4e9d9b94f2b354046d3d4cbc598d5edb43c4a210d30fda59c9a4654e95adfe7b21a0aa84ab795e46b37128235ec1e DIST chicken-4.8.0.3.tar.gz 3959422 SHA256 6a1414e6f35586e47d7f4470eaf1779a4f73dec664b14bebf8763dd804b399c3 SHA512 8a716953fe7eeaea9039e90c5a2abad7fbe341a580176abe870c7b78bfdd11f1291d90bb9df43334b7f7ea484695ba59eba3558b9e360e5e9bd21fa106679197 WHIRLPOOL f55ca79a7df54dce9612b444a5a6a767b9b18cb9ba48a91bb5abab799d260e6c8aef83dade54d38013f41cc4d4b8bbdcda77513d75c91ab038289c6eabcca2fb EBUILD chicken-3.3.0.ebuild 1569 SHA256 68e958a02a13039359584927a0d15e5b95280bcf1e12da97bad4dada0e8c17e7 SHA512 cf72e794dc60a635184a6ee5243d916a72bbb019e32dda6c7ec65766081af9e9048d2774513a909148f5c29e0be8830210b49c7ffa748eadb2f7c5ddc0c97a5c WHIRLPOOL 3b5c969762e0f4d0becac42f449481acf1461ff90da1cf8958930add92578ee90090b1d3fbbc86a1812b27e24d4bb4bbbde733a0d8946d9a312d4278edcb304a EBUILD chicken-4.6.0.ebuild 1693 SHA256 baac199e060815f232b8947c00fea3d39e6e42622095111b0370f9d5c7187d6a SHA512 4119461d3e2ba3a9b7803af7e350f17e20b528b2753ed3de669fb8dc1cf78ce90b1c8741ef56f27483dc1752ce3db3754b6a3a468cf5410c9dd03d28e20ddc30 WHIRLPOOL d744e08a4b62b75e93937eb71cf20298128c0d51110d507ae642ca6b8a9c91b4f46f378ececb30a2ccf9b3cf0105a9d50a98881d182b96b6051053608115ac67 EBUILD chicken-4.7.3-r1.ebuild 2211 SHA256 ec496c450194858301e12d6a2bc4fe265bed39a139b581d54fc5411e6fbed3c6 SHA512 2b91d77e285889197bf2082218557dc45d73e27a99e2f631f364cd15d7b642dd2be04116a4cd51bc73364d8a8867a16703d64c0a9992e7e780a8e23d38b1c21a WHIRLPOOL 47e7b3504f7a44aaf31fe155dde011aec602aa6467111ed8c24d4bbb6a7a479d77c0e74f1c2bffadae635ba314ad748d6791b49bc4c1691e65755585f866834b +EBUILD chicken-4.8.0.3-r1.ebuild 2845 SHA256 d11f159d00d597d25f1b6cebcfa5db5d4aabb67964cf31b09c88d6ca98bda25b SHA512 242cf6c890be09c4dd34a166249abbfae550a0b121577c5d495b0595daf5023df7b995bd1d9722a09cda7d3161218666e8c5cfc40f856520c8013e384aa08b1e WHIRLPOOL ac14cb7cea48ad3d555973f6286f3bc56a669125c33d5abf1487ae98867ca35017fc53bdd8375192dbe78ec15dbb051dea1ca62ebb2fa6e645b35d555a7409fc EBUILD chicken-4.8.0.3.ebuild 2326 SHA256 79a59e05f3a440f48f3890a43a053a327519f840e341b33b3271022391c051bc SHA512 44b5759d197fd0633deadc349ce528b60e98cf7da60c7e3bb24c276e920ca627526dec75af5b00c39188420a89a0929546f92024fb943a4d72411a8f18c4768d WHIRLPOOL 9d26940dfb0368f9b66f7cbae65c980e6edb32caecca6d72f17d4a63780e4a4459b7f455f9af2bb2cdcd3637b6a2ce369a69cdb9f23ab77f9eea0a1cd5dfa88b -MISC ChangeLog 8393 SHA256 780bb10982f9355b6cdb36c5e2ce2e33c10bd07423e8aff5e51c250c25510ca8 SHA512 c06b80b6bcdeeeee6553b5fd964cef11947dc75c525d0bedfccad27b7d5c51e1fa6f8ff5a63e2b1ee064b45097e8a5235857ea3273995419ce2657daf76ed5cb WHIRLPOOL 306ea61be3e07d790661eed1543bb86a09c55e3458f6e15baa8d724693c7814786e494b2ff7ce6e380c5f7a316ebc819a2eb72d989ac0f887a97f85652c2c5f8 +MISC ChangeLog 8759 SHA256 f9a55eec29f3a79809d05e3e5b7dcb74a99e69966d8aa488548a29b108a05709 SHA512 90a1264ec36b0a3ee34ce5f2a57abe16cc7184dde8f9f63c40f7fe9c1fb7664f476eec1a7ac43e301e348057659d075303df2275c6938b48cb56094f4216a139 WHIRLPOOL 50468bbb84ba62cf81d8d0c9eaf4c0f42b61ce287f16b57838ca83a8857b78f656b0cd12d04d1ba3dd562607e7c2829a514f73ff33d83c2306985197a81223bb MISC metadata.xml 870 SHA256 8608f5461e3c84d4034d7fdb21f85cfcaa7afdbf7603fce4f8b817edcd99da94 SHA512 eab200c152579766739e425703a9a1b002df0c5ceb31ce201424789a4f821c004d968a9b5dffe9ee9735913331b40261784ed70b6ec8a256b3117c98cb0ebab4 WHIRLPOOL 78f702cbd1e1ea1aa39c62fb9ab48b102b1bc859c1535531d2d073d9f57bdeb4413247d3331057c167b32e6fa69d76c818f76b8d39d7afb0d96396923f11947e -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) +Version: GnuPG v2.0.20 (GNU/Linux) -iQIcBAEBCgAGBQJRZy5RAAoJELp701BxlEWfszkP/RLSNlyq11BMBAJ1O94N+Ctp -iHJFEO5I8Z3sBTSKtf+A00metHDUrPxqpm0NTjsPaBzhL7n0l5tsgwkd3PPD/Sss -v1X6MlVX2xUP6YLC/MFOrUglDMpOkzfd/TwOQyHNPZT/SgQa/5skj4zLUXKInQOU -T8vmU1J9wDbuvEQyfcDE9T6n2L3RUb+NphrKn7v4Uok58OICGWXwszdA/KJJq/Wv -9nAW1kf2kQlp+zxBFwdslCTvk7BEBICyxICokDKLqfs3KyNT/ZSGQ3vDVu1hXSXu -Sx80NdynNuJSBgwEIsf9AWj+xNuY5oJropZLZCMDBwfS91nCen4gkhdWzJjkMjIm -TrD0UJpEDJXRwx/llANrsFVHQoo9diToD027w+0E2rAwQR+vsD8uagwKqo9m/dKh -xXRRHGkMWEg6PX4rmtCalF/nLptTh9W1A1tovznd3kjKwjgYDZDvahBKkLgiC5dH -TlaxjpG2kTPE2hPaswlUaHiDZ9b/AsFswB4deWkYHMrZ7G0xH/nmJtILKFoAQhL5 -6nKbbpfWyxFiBFwqvGiJ4gSYK5PKkU+FjE3SxkabGU7IFmxyn7cVWHoR6F2YHweU -pEzsAYQWXrFFxyokoJu86KQkh0N5PM7OVWLg8ucAsfPO2j7sE/PfYsFtI8a5WGwZ -BuV0fTg6y05ad1/VG9sr -=eFVL +iF4EAREIAAYFAlHawXQACgkQknrdDGLu8JAAvgD8DhRbCg3nTJmsVc0XssxbrMUL +PEblwi50AYP0qd2og9IBAIDswVhO9hDMEP234LlTyyH1vTXoeA8b+fjqhwL3dxoJ +=CNdy -----END PGP SIGNATURE----- diff --git a/dev-scheme/chicken/chicken-4.8.0.3-r1.ebuild b/dev-scheme/chicken/chicken-4.8.0.3-r1.ebuild new file mode 100644 index 000000000000..0478dc61db24 --- /dev/null +++ b/dev-scheme/chicken/chicken-4.8.0.3-r1.ebuild @@ -0,0 +1,93 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-scheme/chicken/chicken-4.8.0.3-r1.ebuild,v 1.1 2013/07/08 13:41:06 xmw Exp $ + +EAPI="3" + +inherit eutils multilib versionator + +MY_PV=$(get_version_component_range 1-3) +DESCRIPTION="Chicken is a Scheme interpreter and native Scheme to C compiler" +HOMEPAGE="http://www.call-cc.org/" +SRC_URI="http://code.call-cc.org/releases/${MY_PV}/${P}.tar.gz + mirror://gentoo/${P}-cve-updates.tar.bz2" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~x86" +IUSE="emacs parallel-build doc" + +DEPEND="sys-apps/texinfo + emacs? ( virtual/emacs )" +RDEPEND="emacs? ( virtual/emacs app-emacs/scheme-complete )" + +src_prepare() { + #these patch .scm source files + # bug 467966 + epatch "${FILESDIR}"/${P}-CVE-2013-2024.patch + # bug 469392 + epatch "${FILESDIR}"/${P}-CVE-2013-2075_1.patch \ + "${FILESDIR}"/${P}-CVE-2013-2075_2.patch + # bug 462458 + epatch "${FILESDIR}"/${P}-CVE-2013-1874.patch + + # buildsystem tries to generate .c out of patched .scm files, + # which fails w/o installed chicken binary + # touch and add precompiled .c files + touch ../${P}-cve-updates/* + mv -v ../${P}-cve-updates/* . + + if use "parallel-build" + then + epatch "${FILESDIR}"/${P}-parallel-build.patch + fi + + #Because chicken's Upstream is in the habit of using variables that + #portage also uses :( eg. $ARCH and $A + sed 's,A\(\s?=\|)\),chicken&,' -i Makefile.cross-linux-mingw \ + defaults.make rules.make \ + || die "sed failed" + + sed "s,ARCH,zARCH," -i Makefile.bsd Makefile.cross-linux-mingw \ + Makefile.cygwin Makefile.haiku Makefile.linux Makefile.macosx \ + Makefile.mingw Makefile.mingw-msys Makefile.solaris \ + defaults.make rules.make \ + || die "sed failed" + + sed "s,\$(PREFIX)/lib,\$(PREFIX)/$(get_libdir)," -i defaults.make || die "sed failed" + sed "s,\$(DATADIR)/doc,\$(SHAREDIR)/doc/${P}," -i defaults.make || die "sed failed" +} + +src_compile() { + OPTIONS="PLATFORM=linux PREFIX=/usr" + if use "parallel-build" + then + emake ${OPTIONS} C_COMPILER_OPTIMIZATION_OPTIONS="${CFLAGS}" \ + LINKER_OPTIONS="${LDFLAGS}" \ + HOSTSYSTEM="${CBUILD}" || die "emake failed" + else + emake -j1 ${OPTIONS} C_COMPILER_OPTIMIZATION_OPTIONS="${CFLAGS}" \ + LINKER_OPTIONS="${LDFLAGS}" \ + HOSTSYSTEM="${CBUILD}" || die "emake failed" + fi +} + +# chicken's testsuite is not runnable before install +# upstream has been notified of the issue +RESTRICT=test + +src_install() { + # still can't run make in parallel for the install target + emake -j1 ${OPTIONS} DESTDIR="${D}" HOSTSYSTEM="${CBUILD}" \ + LINKER_OPTIONS="${LDFLAGS}" \ + install || die + + rm "${D}"/usr/share/doc/${P}/LICENSE || die + dodoc NEWS || die + + # remove HTML documentation if the user doesn't USE=doc + if ! use "doc" + then + rm -rf "${D}"/usr/share/doc/${P}/manual || die + fi +} diff --git a/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-1874.patch b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-1874.patch new file mode 100644 index 000000000000..599ae61d322f --- /dev/null +++ b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-1874.patch @@ -0,0 +1,25 @@ +From http://lists.nongnu.org/archive/html/chicken-hackers/2013-03/msg00074.html +--- chicken-4.8.0.3/csi.scm ++++ chicken-4.8.0.3/csi.scm +@@ -1019,13 +1019,11 @@ EOF + (cons (cadr p) (loop (cddr p)))) ) ] + [else '()] ) ) ) + (define (loadinit) +- (let ([fn (##sys#string-append "./" init-file)]) +- (if (file-exists? fn) +- (load fn) +- (let* ([prefix (chop-separator (or (get-environment-variable "HOME") "."))] +- [fn (string-append prefix "/" init-file)] ) +- (when (file-exists? fn) +- (load fn) ) ) ) ) ) ++ (and-let* ((home (get-environment-variable "HOME")) ++ ((not (string=? home "")))) ++ (let ((fn (string-append (chop-separator home) "/" init-file))) ++ (when (file-exists? fn) ++ (load fn) ) ) ) ) + (define (evalstring str #!optional (rec (lambda _ (void)))) + (let ((in (open-input-string str))) + (do ([x (read in) (read in)]) +-- +1.7.12 + diff --git a/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2024.patch b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2024.patch new file mode 100644 index 000000000000..d57a4bce970a --- /dev/null +++ b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2024.patch @@ -0,0 +1,47 @@ +From http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=58684f69572453acc6fed7326fa9df39be98760e +--- chicken-4.8.0.3/setup-api.scm ++++ chicken-4.8.0.3/setup-api.scm +@@ -239,7 +239,7 @@ + (cond ((string=? prg "csc") + (string-intersperse + (cons* +- (shellpath (find-program "csc")) ++ (find-program "csc") + "-feature" "compiling-extension" + (if (or (deployment-mode) + (and (feature? #:cross-chicken) +--- chicken-4.8.0.3/utils.scm ++++ chicken-4.8.0.3/utils.scm +@@ -59,20 +59,18 @@ + ;;; Quote string for shell + + (define (qs str #!optional (platform (build-platform))) +- (case platform +- ((mingw32) +- (string-append "\"" str "\"")) +- (else +- (if (zero? (string-length str)) +- "''" +- (string-concatenate +- (map (lambda (c) +- (if (or (char-whitespace? c) +- (memq c '(#\# #\" #\' #\` #\´ #\~ #\& #\% #\$ #\! #\* #\; +- #\< #\> #\\ #\( #\) #\[ #\] #\{ #\} #\?))) +- (string #\\ c) +- (string c))) +- (string->list str))))))) ++ (let ((delim (if (eq? platform 'mingw32) #\" #\')) ++ (escaped (if (eq? platform 'mingw32) "\"\"" "'\\''"))) ++ (string-append ++ (string delim) ++ (string-concatenate ++ (map (lambda (c) ++ (cond ++ ((char=? c delim) escaped) ++ ((char=? c #\nul) (error 'qs "NUL character can not be represented in shell string" str)) ++ (else (string c)))) ++ (string->list str))) ++ (string delim)))) + + + ;;; Compile and load file diff --git a/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_1.patch b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_1.patch new file mode 100644 index 000000000000..d3de47bb6ece --- /dev/null +++ b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_1.patch @@ -0,0 +1,161 @@ +From 9e2022652258e8a30e5cedbf0abc9cd85a0f6af7 Mon Sep 17 00:00:00 2001 +From: Peter Bex <peter.bex@xs4all.nl> +Date: Thu, 18 Apr 2013 00:31:08 +0200 +Subject: [PATCH] Implement file-select in terms of POSIX poll() for UNIX + +Signed-off-by: felix <felix@call-with-current-continuation.org> +--- + posixunix.scm | 116 ++++++++++++++++++++++++++------------------------------ + 1 files changed, 54 insertions(+), 62 deletions(-) + +diff --git a/posixunix.scm b/posixunix.scm +index 15cb535..90e0176 100644 +--- a/posixunix.scm ++++ b/posixunix.scm +@@ -67,6 +67,7 @@ static C_TLS int C_wait_status; + #endif + + #include <sys/mman.h> ++#include <sys/poll.h> + #include <time.h> + + #ifndef O_FSYNC +@@ -136,7 +137,6 @@ static C_TLS struct { + static C_TLS int C_pipefds[ 2 ]; + static C_TLS time_t C_secs; + static C_TLS struct tm C_tm; +-static C_TLS fd_set C_fd_sets[ 2 ]; + static C_TLS struct timeval C_timeval; + static C_TLS char C_hostbuf[ 256 ]; + static C_TLS struct stat C_statbuf; +@@ -303,13 +303,6 @@ static C_TLS sigset_t C_sigset; + #define C_fseek(p, n, w) C_mk_nbool(fseek(C_port_file(p), C_num_to_int(n), C_unfix(w))) + #define C_lseek(fd, o, w) C_fix(lseek(C_unfix(fd), C_unfix(o), C_unfix(w))) + +-#define C_zero_fd_set(i) FD_ZERO(&C_fd_sets[ i ]) +-#define C_set_fd_set(i, fd) FD_SET(fd, &C_fd_sets[ i ]) +-#define C_test_fd_set(i, fd) FD_ISSET(fd, &C_fd_sets[ i ]) +-#define C_C_select(m) C_fix(select(C_unfix(m), &C_fd_sets[ 0 ], &C_fd_sets[ 1 ], NULL, NULL)) +-#define C_C_select_t(m, t) (C_set_timeval(t, &C_timeval), \ +- C_fix(select(C_unfix(m), &C_fd_sets[ 0 ], &C_fd_sets[ 1 ], NULL, &C_timeval))) +- + #define C_ctime(n) (C_secs = (n), ctime(&C_secs)) + + #if defined(__SVR4) || defined(C_MACOSX) +@@ -656,60 +649,59 @@ EOF + + ;;; I/O multiplexing: + +-(define file-select +- (let ([fd_zero (foreign-lambda void "C_zero_fd_set" int)] +- [fd_set (foreign-lambda void "C_set_fd_set" int int)] +- [fd_test (foreign-lambda bool "C_test_fd_set" int int)] ) +- (lambda (fdsr fdsw . timeout) +- (let ([fdmax 0] +- [tm (if (pair? timeout) (car timeout) #f)] ) +- (fd_zero 0) +- (fd_zero 1) +- (cond [(not fdsr)] +- [(fixnum? fdsr) +- (set! fdmax fdsr) +- (fd_set 0 fdsr) ] +- [else +- (##sys#check-list fdsr 'file-select) +- (for-each +- (lambda (fd) +- (##sys#check-exact fd 'file-select) +- (set! fdmax (##core#inline "C_i_fixnum_max" fdmax fd)) +- (fd_set 0 fd) ) +- fdsr) ] ) +- (cond [(not fdsw)] +- [(fixnum? fdsw) +- (set! fdmax fdsw) +- (fd_set 1 fdsw) ] +- [else +- (##sys#check-list fdsw 'file-select) +- (for-each +- (lambda (fd) +- (##sys#check-exact fd 'file-select) +- (set! fdmax (##core#inline "C_i_fixnum_max" fdmax fd)) +- (fd_set 1 fd) ) +- fdsw) ] ) +- (let ([n (cond [tm +- (##sys#check-number tm 'file-select) +- (##core#inline "C_C_select_t" (fx+ fdmax 1) tm) ] +- [else (##core#inline "C_C_select" (fx+ fdmax 1))] ) ] ) +- (cond [(fx< n 0) +- (posix-error #:file-error 'file-select "failed" fdsr fdsw) ] +- [(fx= n 0) (values (if (pair? fdsr) '() #f) (if (pair? fdsw) '() #f))] +- [else +- (values +- (and fdsr +- (if (fixnum? fdsr) +- (fd_test 0 fdsr) +- (let ([lstr '()]) +- (for-each (lambda (fd) (when (fd_test 0 fd) (set! lstr (cons fd lstr)))) fdsr) +- lstr) ) ) +- (and fdsw +- (if (fixnum? fdsw) +- (fd_test 1 fdsw) +- (let ([lstw '()]) +- (for-each (lambda (fd) (when (fd_test 1 fd) (set! lstw (cons fd lstw)))) fdsw) +- lstw) ) ) ) ] ) ) ) ) ) ) ++(define (file-select fdsr fdsw . timeout) ++ (let* ((tm (if (pair? timeout) (car timeout) #f)) ++ (fdsrl (cond ((not fdsr) '()) ++ ((fixnum? fdsr) (list fdsr)) ++ (else (##sys#check-list fdsr 'file-select) ++ fdsr))) ++ (fdswl (cond ((not fdsw) '()) ++ ((fixnum? fdsw) (list fdsw)) ++ (else (##sys#check-list fdsw 'file-select) ++ fdsw))) ++ (nfdsr (##sys#length fdsrl)) ++ (nfdsw (##sys#length fdswl)) ++ (nfds (fx+ nfdsr nfdsw)) ++ (fds-blob (##sys#make-blob ++ (fx* nfds (foreign-value "sizeof(struct pollfd)" int))))) ++ (when tm (##sys#check-number tm)) ++ (do ((i 0 (fx+ i 1)) ++ (fdsrl fdsrl (cdr fdsrl))) ++ ((null? fdsrl)) ++ ((foreign-lambda* void ((int i) (int fd) (scheme-pointer p)) ++ "struct pollfd *fds = p;" ++ "fds[i].fd = fd; fds[i].events = POLLIN;") i (car fdsrl) fds-blob)) ++ (do ((i nfdsr (fx+ i 1)) ++ (fdswl fdswl (cdr fdswl))) ++ ((null? fdswl)) ++ ((foreign-lambda* void ((int i) (int fd) (scheme-pointer p)) ++ "struct pollfd *fds = p;" ++ "fds[i].fd = fd; fds[i].events = POLLOUT;") i (car fdswl) fds-blob)) ++ (let ((n ((foreign-lambda int "poll" scheme-pointer int int) ++ fds-blob nfds (if tm (inexact->exact (* (max 0 tm) 1000)) -1)))) ++ (cond ((fx< n 0) ++ (posix-error #:file-error 'file-select "failed" fdsr fdsw) ) ++ ((fx= n 0) (values (if (pair? fdsr) '() #f) (if (pair? fdsw) '() #f))) ++ (else ++ (let ((rl (let lp ((i 0) (res '()) (fds fdsrl)) ++ (cond ((null? fds) (##sys#fast-reverse res)) ++ (((foreign-lambda* bool ((int i) (scheme-pointer p)) ++ "struct pollfd *fds = p;" ++ "C_return(fds[i].revents & (POLLIN|POLLERR|POLLHUP|POLLNVAL));") ++ i fds-blob) ++ (lp (fx+ i 1) (cons (car fds) res) (cdr fds))) ++ (else (lp (fx+ i 1) res (cdr fds)))))) ++ (wl (let lp ((i nfdsr) (res '()) (fds fdswl)) ++ (cond ((null? fds) (##sys#fast-reverse res)) ++ (((foreign-lambda* bool ((int i) (scheme-pointer p)) ++ "struct pollfd *fds = p;" ++ "C_return(fds[i].revents & (POLLOUT|POLLERR|POLLHUP|POLLNVAL));") ++ i fds-blob) ++ (lp (fx+ i 1) (cons (car fds) res) (cdr fds))) ++ (else (lp (fx+ i 1) res (cdr fds))))))) ++ (values ++ (and fdsr (if (fixnum? fdsr) (and (memq fdsr rl) fdsr) rl)) ++ (and fdsw (if (fixnum? fdsw) (and (memq fdsw wl) fdsw) wl))))))))) + + + ;;; File attribute access: +-- +1.7.2.1 + diff --git a/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_2.patch b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_2.patch new file mode 100644 index 000000000000..b85ea7c8b259 --- /dev/null +++ b/dev-scheme/chicken/files/chicken-4.8.0.3-CVE-2013-2075_2.patch @@ -0,0 +1,309 @@ +From http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commitdiff;h=556108092774086b6c86c2e27daf3f740ffec091 + +--- chicken-4.8.0.3/chicken.h ++++ chicken-4.8.0.3/chicken.h +@@ -1668,6 +1668,7 @@ + C_fctexport C_word C_fcall C_read_char(C_word port) C_regparm; + C_fctexport C_word C_fcall C_peek_char(C_word port) C_regparm; + C_fctexport C_word C_fcall C_execute_shell_command(C_word string) C_regparm; ++C_fctexport int C_fcall C_check_fd_ready(int fd) C_regparm; + C_fctexport C_word C_fcall C_char_ready_p(C_word port) C_regparm; + C_fctexport C_word C_fcall C_fudge(C_word fudge_factor) C_regparm; + C_fctexport void C_fcall C_raise_interrupt(int reason) C_regparm; +--- chicken-4.8.0.3/posixunix.scm ++++ chicken-4.8.0.3/posixunix.scm +@@ -493,16 +493,7 @@ + "if(val == -1) C_return(0);" + "C_return(fcntl(fd, F_SETFL, val | O_NONBLOCK) != -1);" ) ) + +-(define ##sys#file-select-one +- (foreign-lambda* int ([int fd]) +- "fd_set in;" +- "struct timeval tm;" +- "FD_ZERO(&in);" +- "FD_SET(fd, &in);" +- "tm.tv_sec = tm.tv_usec = 0;" +- "if(select(fd + 1, &in, NULL, NULL, &tm) == -1) C_return(-1);" +- "else C_return(FD_ISSET(fd, &in) ? 1 : 0);" ) ) +- ++(define ##sys#file-select-one (foreign-lambda int "C_check_fd_ready" int) ) + + ;;; Lo-level I/O: + +--- chicken-4.8.0.3/runtime.c ++++ chicken-4.8.0.3/runtime.c +@@ -60,6 +60,11 @@ + # define EOVERFLOW 0 + #endif + ++/* TODO: Include sys/select.h? Windows doesn't seem to have it... */ ++#ifdef HAVE_POSIX_POLL ++# include <poll.h> ++#endif ++ + #if !defined(C_NONUNIX) + + # include <sys/types.h> +@@ -4036,20 +4041,39 @@ + return C_fix(n); + } + ++/* ++ * TODO: Implement something for Windows that supports selecting on ++ * arbitrary fds (there, select() only works on network sockets and ++ * poll() is not available at all). ++ */ ++C_regparm int C_fcall C_check_fd_ready(int fd) ++{ ++#ifdef HAVE_POSIX_POLL ++ struct pollfd ps; ++ ps.fd = fd; ++ ps.events = POLLIN; ++ return poll(&ps, 1, 0); ++#else ++ fd_set in; ++ struct timeval tm; ++ int rv; ++ FD_ZERO(&in); ++ FD_SET(fd, &in); ++ tm.tv_sec = tm.tv_usec = 0; ++ rv = select(fd + 1, &in, NULL, NULL, &tm); ++ if(rv > 0) { rv = FD_ISSET(fd, &in) ? 1 : 0; } ++ return rv; ++#endif ++} + + C_regparm C_word C_fcall C_char_ready_p(C_word port) + { +-#if !defined(C_NONUNIX) +- fd_set fs; +- struct timeval to; +- int fd = C_fileno(C_port_file(port)); +- +- FD_ZERO(&fs); +- FD_SET(fd, &fs); +- to.tv_sec = to.tv_usec = 0; +- return C_mk_bool(C_select(fd + 1, &fs, NULL, NULL, &to) == 1); +-#else ++#if defined(C_NONUNIX) ++ /* The best we can currently do on Windows... */ + return C_SCHEME_TRUE; ++#else ++ int fd = C_fileno(C_port_file(port)); ++ return C_mk_bool(C_check_fd_ready(fd) == 1); + #endif + } + +--- chicken-4.8.0.3/tcp.scm ++++ chicken-4.8.0.3/tcp.scm +@@ -46,6 +46,7 @@ + # define fcntl(a, b, c) 0 + # define EWOULDBLOCK 0 + # define EINPROGRESS 0 ++# define EAGAIN 0 + # define typecorrect_getsockopt(socket, level, optname, optval, optlen) \ + getsockopt(socket, level, optname, (char *)optval, optlen) + #else +@@ -111,6 +112,7 @@ + (define ##net#recv (foreign-lambda int "recv" int scheme-pointer int int)) + (define ##net#shutdown (foreign-lambda int "shutdown" int int)) + (define ##net#connect (foreign-lambda int "connect" int scheme-pointer int)) ++(define ##net#check-fd-ready (foreign-lambda int "C_check_fd_ready" int)) + + (define ##net#send + (foreign-lambda* +@@ -177,30 +179,6 @@ + if((se = getservbyname(serv, proto)) == NULL) C_return(0); + else C_return(ntohs(se->s_port));") ) + +-(define ##net#select +- (foreign-lambda* int ((int fd)) +- "fd_set in; +- struct timeval tm; +- int rv; +- FD_ZERO(&in); +- FD_SET(fd, &in); +- tm.tv_sec = tm.tv_usec = 0; +- rv = select(fd + 1, &in, NULL, NULL, &tm); +- if(rv > 0) { rv = FD_ISSET(fd, &in) ? 1 : 0; } +- C_return(rv);") ) +- +-(define ##net#select-write +- (foreign-lambda* int ((int fd)) +- "fd_set out; +- struct timeval tm; +- int rv; +- FD_ZERO(&out); +- FD_SET(fd, &out); +- tm.tv_sec = tm.tv_usec = 0; +- rv = select(fd + 1, NULL, &out, NULL, &tm); +- if(rv > 0) { rv = FD_ISSET(fd, &out) ? 1 : 0; } +- C_return(rv);") ) +- + (define ##net#gethostaddr + (foreign-lambda* bool ((scheme-pointer saddr) (c-string host) (unsigned-short port)) + "struct hostent *he = gethostbyname(host);" +@@ -212,13 +190,6 @@ + "addr->sin_addr = *((struct in_addr *)he->h_addr);" + "C_return(1);") ) + +-(define (yield) +- (##sys#call-with-current-continuation +- (lambda (return) +- (let ((ct ##sys#current-thread)) +- (##sys#setslot ct 1 (lambda () (return (##core#undefined)))) +- (##sys#schedule) ) ) ) ) +- + (define ##net#parse-host + (let ((substring substring)) + (lambda (host proto) +@@ -343,7 +314,9 @@ + (outbufsize (tbs)) + (outbuf (and outbufsize (fx> outbufsize 0) "")) + (tmr (tcp-read-timeout)) ++ (dlr (and tmr (+ (current-milliseconds) tmr))) + (tmw (tcp-write-timeout)) ++ (dlw (and tmw (+ (current-milliseconds) tmw))) + (read-input + (lambda () + (let loop () +@@ -351,12 +324,11 @@ + (cond ((eq? -1 n) + (cond ((or (eq? errno _ewouldblock) + (eq? errno _eagain)) +- (when tmr +- (##sys#thread-block-for-timeout! +- ##sys#current-thread +- (+ (current-milliseconds) tmr) ) ) ++ (when dlr ++ (##sys#thread-block-for-timeout! ++ ##sys#current-thread dlr) ) + (##sys#thread-block-for-i/o! ##sys#current-thread fd #:input) +- (yield) ++ (##sys#thread-yield!) + (when (##sys#slot ##sys#current-thread 13) + (##sys#signal-hook + #:network-timeout-error +@@ -386,7 +358,7 @@ + c) ) ) + (lambda () + (or (fx< bufindex buflen) +- (let ((f (##net#select fd))) ++ (let ((f (##net#check-fd-ready fd))) + (when (eq? f -1) + (##sys#update-errno) + (##sys#signal-hook +@@ -469,12 +441,11 @@ + (cond ((eq? -1 n) + (cond ((or (eq? errno _ewouldblock) + (eq? errno _eagain)) +- (when tmw ++ (when dlw + (##sys#thread-block-for-timeout! +- ##sys#current-thread +- (+ (current-milliseconds) tmw) ) ) +- (##sys#thread-block-for-i/o! ##sys#current-thread fd #:output) +- (yield) ++ ##sys#current-thread dlw) ) ++ (##sys#thread-block-for-i/o! ##sys#current-thread fd #:output) ++ (##sys#thread-yield!) + (when (##sys#slot ##sys#current-thread 13) + (##sys#signal-hook + #:network-timeout-error +@@ -528,38 +499,29 @@ + + (define (tcp-accept tcpl) + (##sys#check-structure tcpl 'tcp-listener) +- (let ((fd (##sys#slot tcpl 1)) +- (tma (tcp-accept-timeout))) ++ (let* ((fd (##sys#slot tcpl 1)) ++ (tma (tcp-accept-timeout)) ++ (dla (and tma (+ tma (current-milliseconds))))) + (let loop () +- (if (eq? 1 (##net#select fd)) +- (let ((fd (##net#accept fd #f #f))) +- (cond ((not (eq? -1 fd)) (##net#io-ports fd)) +- ((eq? errno _eintr) +- (##sys#dispatch-interrupt loop)) +- (else +- (##sys#update-errno) +- (##sys#signal-hook +- #:network-error +- 'tcp-accept +- (##sys#string-append "could not accept from listener - " strerror) +- tcpl)))) +- (begin +- (when tma +- (##sys#thread-block-for-timeout! +- ##sys#current-thread +- (+ (current-milliseconds) tma) ) ) +- (##sys#thread-block-for-i/o! ##sys#current-thread fd #:input) +- (yield) +- (when (##sys#slot ##sys#current-thread 13) +- (##sys#signal-hook +- #:network-timeout-error +- 'tcp-accept +- "accept operation timed out" tma fd) ) +- (loop) ) ) ) ) ) ++ (when dla ++ (##sys#thread-block-for-timeout! ##sys#current-thread dla) ) ++ (##sys#thread-block-for-i/o! ##sys#current-thread fd #:input) ++ (##sys#thread-yield!) ++ (if (##sys#slot ##sys#current-thread 13) ++ (##sys#signal-hook ++ #:network-timeout-error ++ 'tcp-accept ++ "accept operation timed out" tma fd) ) ++ (let ((fd (##net#accept fd #f #f))) ++ (cond ((not (eq? -1 fd)) (##net#io-ports fd)) ++ ((eq? errno _eintr) ++ (##sys#dispatch-interrupt loop)) ++ (else ++ (network-error 'tcp-accept "could not accept from listener" tcpl)))) ) ) ) + + (define (tcp-accept-ready? tcpl) + (##sys#check-structure tcpl 'tcp-listener 'tcp-accept-ready?) +- (let ((f (##net#select (##sys#slot tcpl 1)))) ++ (let ((f (##net#check-fd-ready (##sys#slot tcpl 1)))) + (when (eq? -1 f) + (##sys#update-errno) + (##sys#signal-hook +@@ -578,8 +540,9 @@ + (define general-strerror (foreign-lambda c-string "strerror" int)) + + (define (tcp-connect host . more) +- (let ((port (optional more #f)) +- (tmc (tcp-connect-timeout))) ++ (let* ((port (optional more #f)) ++ (tmc (tcp-connect-timeout)) ++ (dlc (and tmc (+ (current-milliseconds) tmc)))) + (##sys#check-string host) + (unless port + (set!-values (host port) (##net#parse-host host "tcp")) +@@ -606,23 +569,9 @@ + (let loop () + (when (eq? -1 (##net#connect s addr _sockaddr_in_size)) + (cond ((eq? errno _einprogress) +- (let loop2 () +- (let ((f (##net#select-write s))) +- (when (eq? f -1) (fail)) +- (unless (eq? f 1) +- (when tmc +- (##sys#thread-block-for-timeout! +- ##sys#current-thread +- (+ (current-milliseconds) tmc) ) ) +- (##sys#thread-block-for-i/o! ##sys#current-thread s #:all) +- (yield) +- (when (##sys#slot ##sys#current-thread 13) +- (##net#close s) +- (##sys#signal-hook +- #:network-timeout-error +- 'tcp-connect +- "connect operation timed out" tmc s) ) +- (loop2) ) ) )) ++ (when dlc ++ (##sys#thread-block-for-timeout! ##sys#current-thread dlc)) ++ (##sys#thread-block-for-i/o! ##sys#current-thread s #:all)) + ((eq? errno _eintr) + (##sys#dispatch-interrupt loop)) + (else (fail) ) ))) |