From d3afe39dd7e3d64e3018b1f9487d8a90c8ccad04 Mon Sep 17 00:00:00 2001 From: Domenico Panella Date: Thu, 15 Oct 2020 11:05:07 +0200 Subject: [PATCH 1/2] matio : update to 1.5.18 --- common/shlibs | 2 +- srcpkgs/matio/patches/CVE-2019-20020.patch | 45 ---------------------- srcpkgs/matio/template | 6 +-- 3 files changed, 4 insertions(+), 49 deletions(-) delete mode 100644 srcpkgs/matio/patches/CVE-2019-20020.patch diff --git a/common/shlibs b/common/shlibs index e50e44f1246..234b7feb89d 100644 --- a/common/shlibs +++ b/common/shlibs @@ -3967,7 +3967,7 @@ libhidrd_opt.so.0 hidrd-0.2.0_1 libhidrd_strm.so.0 hidrd-0.2.0_1 libhidrd_fmt.so.0 hidrd-0.2.0_1 libjcat.so.1 libjcat-0.1.2_1 -libmatio.so.9 matio-1.5.17_2 +libmatio.so.11 matio-1.5.18_1 libportal.so.0 libportal-0.3_1 libvips.so.42 libvips-8.9.2_1 libvips-cpp.so.42 libvips-8.9.2_1 diff --git a/srcpkgs/matio/patches/CVE-2019-20020.patch b/srcpkgs/matio/patches/CVE-2019-20020.patch deleted file mode 100644 index f86cee5ec1a..00000000000 --- a/srcpkgs/matio/patches/CVE-2019-20020.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 8138e767bf6df7cccf1664f3a854e596628fdb2d Mon Sep 17 00:00:00 2001 -From: Nathan Owens -Date: Sat, 28 Dec 2019 18:25:58 -0600 -Subject: [PATCH] matio: CVE-2019-20020 patch - -Signed-off-by: Nathan Owens ---- - src/mat5.c | 18 +++++++++++++++++- - 1 file changed, 17 insertions(+), 1 deletion(-) - -diff --git a/src/mat5.c b/src/mat5.c -index abdb351..776f233 100644 ---- src/mat5.c -+++ src/mat5.c -@@ -980,10 +980,26 @@ ReadNextCell( mat_t *mat, matvar_t *matvar ) - /* Rank and Dimension */ - if ( uncomp_buf[0] == MAT_T_INT32 ) { - int j; -+ size_t size; - cells[i]->rank = uncomp_buf[1]; - nbytes -= cells[i]->rank; - cells[i]->rank /= 4; -- cells[i]->dims = (size_t*)malloc(cells[i]->rank*sizeof(*cells[i]->dims)); -+ if ( 0 == do_clean && cells[i]->rank > 13 ) { -+ int rank = cells[i]->rank; -+ cells[i]->rank = 0; -+ Mat_Critical("%d is not a valid rank", rank); -+ continue; -+ } -+ err = SafeMul(&size, cells[i]->rank, sizeof(*cells[i]->dims)); -+ if ( err ) { -+ if ( do_clean ) -+ free(dims); -+ Mat_VarFree(cells[i]); -+ cells[i] = NULL; -+ Mat_Critical("Integer multiplication overflow"); -+ continue; -+ } -+ cells[i]->dims = (size_t*)malloc(size); - if ( mat->byteswap ) { - for ( j = 0; j < cells[i]->rank; j++ ) - cells[i]->dims[j] = Mat_uint32Swap(dims + j); --- -2.24.1 - diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template index 63d059701b6..63b39685e29 100644 --- a/srcpkgs/matio/template +++ b/srcpkgs/matio/template @@ -1,7 +1,7 @@ # Template file for 'matio' pkgname=matio -version=1.5.17 -revision=2 +version=1.5.18 +revision=1 build_style=gnu-configure configure_args="--disable-static" hostmakedepends="libtool" @@ -11,7 +11,7 @@ maintainer="Florian Eich " license="BSD-2-Clause" homepage="https://github.com/tbeu/matio" distfiles="https://github.com/tbeu/matio/releases/download/v${version}/${pkgname}-${version}.tar.gz" -checksum=5e455527d370ab297c4abe5a2ab4d599c93ac7c1a0c85d841cc5c22f8221c400 +checksum=5fad71a63a854d821cc6f4e8c84da837149dd5fb57e1e2baeffd85fa0f28fe25 if [ "$CROSS_BUILD" ]; then configure_args+=" ac_cv_va_copy=C99" From 3ea8bf312e5dc1ae7bb33079b4358b87a031162a Mon Sep 17 00:00:00 2001 From: Domenico Panella Date: Sat, 17 Oct 2020 18:35:21 +0200 Subject: [PATCH 2/2] Update --- srcpkgs/matio/template | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/srcpkgs/matio/template b/srcpkgs/matio/template index 63b39685e29..88a5cadcdf4 100644 --- a/srcpkgs/matio/template +++ b/srcpkgs/matio/template @@ -17,6 +17,11 @@ if [ "$CROSS_BUILD" ]; then configure_args+=" ac_cv_va_copy=C99" fi +if [ "$XBPS_TARGET_LIBC" = musl ]; then + makedepends+=" musl-legacy-compat" +fi + + post_install() { vlicense COPYING }