diff options
author | Sam James <sam@gentoo.org> | 2022-06-20 04:33:22 +0100 |
---|---|---|
committer | Sam James <sam@gentoo.org> | 2022-06-20 06:03:51 +0100 |
commit | 503f602e1edc26f721b47c80981068f547b86b68 (patch) | |
tree | 75318a19f45e3b3277ce9e265839681689187112 /sys-libs/db | |
parent | media-sound/vorbisgain: fix -Wformat-security (diff) | |
download | gentoo-503f602e1edc26f721b47c80981068f547b86b68.tar.gz gentoo-503f602e1edc26f721b47c80981068f547b86b68.tar.bz2 gentoo-503f602e1edc26f721b47c80981068f547b86b68.zip |
sys-libs/db: fix -Wformat-security
Closes: https://bugs.gentoo.org/632628
Thanks-to: René Rhéaume <rene.rheaume@gmail.com>
Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'sys-libs/db')
-rw-r--r-- | sys-libs/db/db-4.8.30-r7.ebuild | 164 | ||||
-rw-r--r-- | sys-libs/db/files/db-4.8-wformat-security.patch | 43 |
2 files changed, 207 insertions, 0 deletions
diff --git a/sys-libs/db/db-4.8.30-r7.ebuild b/sys-libs/db/db-4.8.30-r7.ebuild new file mode 100644 index 000000000000..6b8e376acdb7 --- /dev/null +++ b/sys-libs/db/db-4.8.30-r7.ebuild @@ -0,0 +1,164 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools db flag-o-matic multilib-minimal toolchain-funcs + +# Number of official patches +#PATCHNO=`echo ${PV}|sed -e "s,\(.*_p\)\([0-9]*\),\2,"` +PATCHNO="${PV/*.*.*_p}" +if [[ ${PATCHNO} == "${PV}" ]] ; then + MY_PV="${PV}" + MY_P="${P}" + PATCHNO=0 +else + MY_PV="${PV/_p${PATCHNO}}" + MY_P="${PN}-${MY_PV}" +fi + +S="${WORKDIR}/${MY_P}/build_unix" +DESCRIPTION="Oracle Berkeley DB" +HOMEPAGE="http://www.oracle.com/technetwork/database/database-technologies/berkeleydb/overview/index.html" +SRC_URI="http://download.oracle.com/berkeley-db/${MY_P}.tar.gz" +for (( i=1 ; i<=${PATCHNO} ; i++ )) ; do + SRC_URI+=" http://www.oracle.com/technology/products/berkeley-db/db/update/${MY_PV}/patch.${MY_PV}.${i}" +done + +LICENSE="Sleepycat" +SLOT="$(ver_cut 1-2)" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" +IUSE="doc cxx tcl test" +RESTRICT="!test? ( test )" +REQUIRED_USE="test? ( tcl )" + +# The entire testsuite needs the TCL functionality +DEPEND="tcl? ( >=dev-lang/tcl-8.5.15-r1:0=[${MULTILIB_USEDEP}] ) + test? ( >=dev-lang/tcl-8.5.15-r1:0=[${MULTILIB_USEDEP}] )" +RDEPEND="tcl? ( >=dev-lang/tcl-8.5.15-r1:0=[${MULTILIB_USEDEP}] )" + +PATCHES=( + "${FILESDIR}"/${PN}-4.8-libtool.patch + "${FILESDIR}"/${PN}-4.8.30-rename-atomic-compare-exchange.patch + "${FILESDIR}"/${PN}-4.8-wformat-security.patch +) + +src_prepare() { + cd "${WORKDIR}"/"${MY_P}" || die + for (( i=1 ; i<=${PATCHNO} ; i++ )); do + eapply -p0 "${DISTDIR}"/patch."${MY_PV}"."${i}" + done + + default + + sed -e "/^DB_RELEASE_DATE=/s/%B %e, %Y/%Y-%m-%d/" -i dist/RELEASE \ + || die + + cd dist || die + rm aclocal/libtool.m4 || die + sed \ + -e '/AC_PROG_LIBTOOL$/aLT_OUTPUT' \ + -i configure.ac || die + sed \ + -e '/^AC_PATH_TOOL/s/ sh, none/ bash, none/' \ + -i aclocal/programs.m4 || die + + AT_M4DIR="aclocal" eautoreconf + + # They do autoconf and THEN replace the version variables :( + . ./RELEASE + sed \ + -e "s/__EDIT_DB_VERSION_MAJOR__/$DB_VERSION_MAJOR/g" \ + -e "s/__EDIT_DB_VERSION_MINOR__/$DB_VERSION_MINOR/g" \ + -e "s/__EDIT_DB_VERSION_PATCH__/$DB_VERSION_PATCH/g" \ + -e "s/__EDIT_DB_VERSION_STRING__/$DB_VERSION_STRING/g" \ + -e "s/__EDIT_DB_VERSION_UNIQUE_NAME__/$DB_VERSION_UNIQUE_NAME/g" \ + -e "s/__EDIT_DB_VERSION__/$DB_VERSION/g" \ + -i configure || die +} + +multilib_src_configure() { + local myconf=( + --enable-compat185 + --enable-o_direct + --without-uniquename + --disable-static + --disable-java + $([[ ${ABI} == amd64 ]] && echo --with-mutex=x86/gcc-assembly) + $(use_enable cxx) + $(use_enable cxx stl) + $(use_enable test) + ) + + # bug #470634 and bug #729510 + tc-ld-force-bfd + + # compilation with -O0 fails on amd64, see bug #171231 + if [[ ${ABI} == amd64 ]]; then + local CFLAGS=${CFLAGS} CXXFLAGS=${CXXFLAGS} + replace-flags -O0 -O2 + is-flagq -O[s123] || append-flags -O2 + fi + + # Add linker versions to the symbols. Easier to do, and safer than header file + # mumbo jumbo. + append-ldflags -Wl,--default-symver + + # Bug #270851: test needs TCL support + if use tcl || use test ; then + myconf+=( + --enable-tcl + --with-tcl="${EPREFIX}/usr/$(get_libdir)" + ) + else + myconf+=(--disable-tcl ) + fi + + ECONF_SOURCE="${S}"/../dist STRIP="true" econf "${myconf[@]}" + + # The embedded assembly on ARM does not work on newer hardware + # so you CANNOT use --with-mutex=ARM/gcc-assembly anymore. + # Specifically, it uses the SWPB op, which was deprecated: + # http://www.keil.com/support/man/docs/armasm/armasm_dom1361289909499.htm + # The op ALSO cannot be used in ARM-Thumb mode. + # Trust the compiler instead. + # >=db-6.1 uses LDREX instead. +} + +multilib_src_test() { + multilib_is_native_abi || return + + S="${BUILD_DIR}" db_src_test +} + +multilib_src_install() { + emake install DESTDIR="${D}" + + db_src_install_headerslot + + db_src_install_usrlibcleanup +} + +multilib_src_install_all() { + db_src_install_usrbinslot + + db_src_install_doc + + dodir /usr/sbin + # This file is not always built, and no longer exists as of db-4.8 + if [[ -f "${ED}"/usr/bin/berkeley_db_svc ]] ; then + mv "${ED}"/usr/bin/berkeley_db_svc \ + "${ED}"/usr/sbin/berkeley_db"${SLOT/./}"_svc || die + fi + + # no static libraries + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + multilib_foreach_abi db_fix_so +} + +pkg_postrm() { + multilib_foreach_abi db_fix_so +} diff --git a/sys-libs/db/files/db-4.8-wformat-security.patch b/sys-libs/db/files/db-4.8-wformat-security.patch new file mode 100644 index 000000000000..4db5bada0d9f --- /dev/null +++ b/sys-libs/db/files/db-4.8-wformat-security.patch @@ -0,0 +1,43 @@ +https://bugs.gentoo.org/632628 +--- a/repmgr/repmgr_net.c ++++ b/repmgr/repmgr_net.c +@@ -1331,7 +1331,7 @@ __repmgr_listen(env) + } + + ret = net_errno; +- __db_err(env, ret, why); ++ __db_err(env, ret, "%s", why); + clean: if (s != INVALID_SOCKET) + (void)closesocket(s); + return (ret); +--- a/crypto/aes_method.c ++++ b/crypto/aes_method.c +@@ -267,6 +267,6 @@ __aes_err(env, err) + errstr = "AES error unrecognized"; + break; + } +- __db_errx(env, errstr); ++ __db_errx(env, "%s", errstr); + return; + } +--- a/txn/txn.c ++++ b/txn/txn.c +@@ -168,7 +168,7 @@ __txn_begin(env, ip, parent, txnpp, flag + + *txnpp = NULL; + if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) { +- __db_errx(env, TxnAlloc); ++ __db_errx(env, "%s", TxnAlloc); + return (ret); + } + +@@ -315,7 +315,7 @@ __txn_compensate_begin(env, txnpp) + int ret; + + if ((ret = __os_calloc(env, 1, sizeof(DB_TXN), &txn)) != 0) { +- __db_errx(env, TxnAlloc); ++ __db_errx(env, "%s", TxnAlloc); + return (ret); + } + + |