diff --git a/srcpkgs/libextractor/patches/exiv-0.27.patch b/srcpkgs/libextractor/patches/exiv-0.27.patch new file mode 100644 index 00000000000..cfdb6426408 --- /dev/null +++ b/srcpkgs/libextractor/patches/exiv-0.27.patch @@ -0,0 +1,127 @@ +From bbe21db4bf8face03adf0efd2eb18540582cb5ba Mon Sep 17 00:00:00 2001 +From: Andreas Sturmlechner +Date: Sun, 30 Dec 2018 00:46:57 +0100 +Subject: [PATCH] Fix build with exiv2-0.27 + +--- + src/plugins/exiv2_extractor.cc | 35 +++++++++++++++++++++++++++------- + 1 file changed, 28 insertions(+), 7 deletions(-) + +diff --git a/src/plugins/exiv2_extractor.cc b/src/plugins/exiv2_extractor.cc +index 8741d40..ef402a8 100644 +--- a/src/plugins/exiv2_extractor.cc ++++ b/src/plugins/exiv2_extractor.cc +@@ -27,10 +27,7 @@ + #include + #include + #include +-#include +-#include +-#include +-#include ++#include + + /** + * Enable debugging to get error messages. +@@ -180,7 +177,7 @@ public: + * + * @return -1 on error + */ +-#if EXIV2_VERSION >= EXIV2_MAKE_VERSION(0,26,0) ++#if EXIV2_TEST_VERSION(0,26,0) + virtual size_t size (void) const; + #else + virtual long int size (void) const; +@@ -316,7 +313,11 @@ ExtractorIO::getb () + const unsigned char *r; + + if (1 != ec->read (ec->cls, &data, 1)) ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + r = (const unsigned char *) data; + return *r; + } +@@ -371,7 +372,11 @@ ExtractorIO::putb (Exiv2::byte data) + void + ExtractorIO::transfer (Exiv2::BasicIo& src) + { ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + } + + +@@ -416,7 +421,11 @@ ExtractorIO::seek (long offset, + Exiv2::byte * + ExtractorIO::mmap (bool isWritable) + { ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + } + + +@@ -449,7 +458,7 @@ ExtractorIO::tell (void) const + * + * @return -1 on error + */ +-#if EXIV2_VERSION >= EXIV2_MAKE_VERSION(0,26,0) ++#if EXIV2_TEST_VERSION(0,26,0) + size_t + #else + long int +@@ -504,7 +513,11 @@ ExtractorIO::eof () const + std::string + ExtractorIO::path () const + { ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + } + + +@@ -517,7 +530,11 @@ ExtractorIO::path () const + std::wstring + ExtractorIO::wpath () const + { ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + } + #endif + +@@ -531,7 +548,11 @@ Exiv2::BasicIo::AutoPtr + ExtractorIO::temporary () const + { + fprintf (stderr, "throwing temporary error\n"); ++#if EXIV2_TEST_VERSION(0,27,0) ++ throw Exiv2::BasicError (Exiv2::kerDecodeLangAltQualifierFailed); ++#else + throw Exiv2::BasicError (42 /* error code */); ++#endif + } + + +@@ -697,7 +718,7 @@ EXTRACTOR_exiv2_extract_method (struct EXTRACTOR_ExtractContext *ec) + { + try + { +-#if EXIV2_MAKE_VERSION(0,23,0) <= EXIV2_VERSION ++#if !EXIV2_TEST_VERSION(0,24,0) + Exiv2::LogMsg::setLevel (Exiv2::LogMsg::mute); + #endif + std::auto_ptr eio(new ExtractorIO (ec)); +-- +2.20.1 + diff --git a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch new file mode 100644 index 00000000000..d0b5968606b --- /dev/null +++ b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20430.patch @@ -0,0 +1,49 @@ +From b405d707b36e0654900cba78e89f49779efea110 Mon Sep 17 00:00:00 2001 +From: Christian Grothoff +Date: Thu, 20 Dec 2018 22:47:53 +0100 +Subject: fix #5493 (out of bounds read) + +--- + src/common/convert.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/src/common/convert.c b/src/common/convert.c +index c0edf21..2be2108 100644 +--- a/src/common/convert.c ++++ b/src/common/convert.c +@@ -36,8 +36,8 @@ + * string is returned. + */ + char * +-EXTRACTOR_common_convert_to_utf8 (const char *input, +- size_t len, ++EXTRACTOR_common_convert_to_utf8 (const char *input, ++ size_t len, + const char *charset) + { + #if HAVE_ICONV +@@ -52,7 +52,7 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, + i = input; + cd = iconv_open ("UTF-8", charset); + if (cd == (iconv_t) - 1) +- return strdup (i); ++ return strndup (i, len); + if (len > 1024 * 1024) + { + iconv_close (cd); +@@ -67,11 +67,11 @@ EXTRACTOR_common_convert_to_utf8 (const char *input, + } + itmp = tmp; + finSize = tmpSize; +- if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == SIZE_MAX) ++ if (iconv (cd, (char **) &input, &len, &itmp, &finSize) == ((size_t) -1)) + { + iconv_close (cd); + free (tmp); +- return strdup (i); ++ return strndup (i, len); + } + ret = malloc (tmpSize - finSize + 1); + if (ret == NULL) +-- +cgit v1.1 diff --git a/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch new file mode 100644 index 00000000000..2cd0448ba89 --- /dev/null +++ b/srcpkgs/libextractor/patches/libextractor-1.8-CVE-2018-20431.patch @@ -0,0 +1,39 @@ +From 489c4a540bb2c4744471441425b8932b97a153e7 Mon Sep 17 00:00:00 2001 +From: Christian Grothoff +Date: Thu, 20 Dec 2018 23:02:28 +0100 +Subject: fix #5494 + +--- + ChangeLog | 3 ++- + src/plugins/ole2_extractor.c | 9 +++++++-- + 2 files changed, 9 insertions(+), 3 deletions(-) + +diff --git a/src/plugins/ole2_extractor.c b/src/plugins/ole2_extractor.c +index 53fa1b9..a48b726 100644 +--- a/src/plugins/ole2_extractor.c ++++ b/src/plugins/ole2_extractor.c +@@ -173,7 +173,7 @@ struct ProcContext + EXTRACTOR_MetaDataProcessor proc; + + /** +- * Closure for 'proc'. ++ * Closure for @e proc. + */ + void *proc_cls; + +@@ -213,7 +213,12 @@ process_metadata (gpointer key, + + if (G_VALUE_TYPE(gval) == G_TYPE_STRING) + { +- contents = strdup (g_value_get_string (gval)); ++ const char *gvals; ++ ++ gvals = g_value_get_string (gval); ++ if (NULL == gvals) ++ return; ++ contents = strdup (gvals); + } + else + { +-- +cgit v1.1 diff --git a/srcpkgs/libextractor/template b/srcpkgs/libextractor/template index e4c180e7893..682435ddc13 100644 --- a/srcpkgs/libextractor/template +++ b/srcpkgs/libextractor/template @@ -1,19 +1,21 @@ # Template file for 'libextractor' pkgname=libextractor -version=1.7 +version=1.8 revision=1 build_style=gnu-configure configure_args="--disable-static" hostmakedepends="pkg-config" +#FIXME: Build without gsf support for now, ole2_extractor.c causes GCC sigfault makedepends="zlib-devel bzip2-devel exiv2-devel tiff-devel libpng-devel libjpeg-turbo-devel libvorbis-devel libflac-devel giflib-devel libmpeg2-devel - ffmpeg-devel libgsf-devel gtk+3-devel libltdl-devel libarchive-devel file-devel" + ffmpeg-devel gtk+3-devel libltdl-devel libarchive-devel file-devel" short_desc="Library used to extract meta data from files" maintainer="Martin Riese " -license="GPL-3" +license="GPL-3.0-or-later" homepage="https://www.gnu.org/software/libextractor/" distfiles="${GNU_SITE}/${pkgname}/${pkgname}-${version}.tar.gz" -checksum=e0a6fde824cf2212c4f217a5e0fc03391251cfb46ca000117f66cf7ae4368e8f +checksum=e235a4aa2623fe458f8fcf1dcbb5be4f03df509aacec86a1de1fc7fcca582cfc +patch_args="-Np1" post_install() { sed -i "s|\(-specs=.*hardened-ld\)||g" ${DESTDIR}/usr/lib/pkgconfig/libextractor.pc