Commit ae09614e authored by Rocky Automation's avatar Rocky Automation 📺
Browse files

import zziplib-0.13.71-9.el9

parents
SOURCES/v0.13.71-pruned.tar.gz
8f4b65912e109f1841387a67b47a4626aca129bb SOURCES/v0.13.71-pruned.tar.gz
From ac9ae39ef419e9f0f83da1e583314d8c7cda34a6 Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:48:45 +0100
Subject: [PATCH 1/7] #68 ssize_t return value of zzip_file_read is a signed
value being possibly -1
---
bins/unzzipcat-zip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c
index dd78c2b..385aeaf 100644
--- a/bins/unzzipcat-zip.c
+++ b/bins/unzzipcat-zip.c
@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_file_read (file, buffer, 1024)))
+ while (0 < (len = zzip_file_read (file, buffer, 1024)))
{
fwrite (buffer, 1, len, out);
}
--
2.32.0
From 7e786544084548da7fcfcd9090d3c4e7f5777f7e Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:50:26 +0100
Subject: [PATCH 2/7] #68 return value of zzip_mem_disk_fread is signed
---
bins/unzip-mem.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c
index cc009f8..50eb5a6 100644
--- a/bins/unzip-mem.c
+++ b/bins/unzip-mem.c
@@ -81,7 +81,7 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk,
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
fwrite (buffer, len, 1, out);
zzip_mem_disk_fclose (file);
@@ -115,7 +115,7 @@ static void zzip_mem_entry_test(ZZIP_MEM_DISK* disk,
{
unsigned long crc = crc32 (0L, NULL, 0);
unsigned char buffer[1024]; int len;
- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
crc = crc32 (crc, buffer, len);
}
--
2.32.0
From d453977f59ca59c61bf59dec28dd724498828f2a Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:51:12 +0100
Subject: [PATCH 3/7] #68 return value of zzip_entry_fread is signed
---
bins/unzzipcat-big.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c
index 111ef47..ecebe11 100644
--- a/bins/unzzipcat-big.c
+++ b/bins/unzzipcat-big.c
@@ -26,7 +26,7 @@ static void unzzip_big_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
{
DBG2("entry read %i", len);
fwrite (buffer, len, 1, out);
@@ -45,7 +45,7 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
fwrite (buffer, len, 1, out);
zzip_entry_fclose (file);
--
2.32.0
From 0a9db9ded9d15fbdb63bf5cf451920d0a368c00e Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:51:56 +0100
Subject: [PATCH 4/7] #68 return value of zzip_mem_disk_fread is signed
---
bins/unzzipcat-mem.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
index 6bd79b7..1b5bc22 100644
--- a/bins/unzzipcat-mem.c
+++ b/bins/unzzipcat-mem.c
@@ -35,7 +35,7 @@ static void unzzip_mem_entry_fprint(ZZIP_MEM_DISK* disk,
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
fwrite (buffer, len, 1, out);
zzip_mem_disk_fclose (file);
@@ -48,7 +48,7 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out)
if (file)
{
char buffer[1025]; int len;
- while ((len = zzip_mem_disk_fread (buffer, 1, 1024, file)))
+ while (0 < (len = zzip_mem_disk_fread (buffer, 1, 1024, file)))
{
fwrite (buffer, 1, len, out);
}
--
2.32.0
From a34a96fbda1e58fbec5c79f4c0b5063e031ce11d Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:52:47 +0100
Subject: [PATCH 5/7] #68 return value of zzip_fread is signed
---
bins/unzzipcat-mix.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c
index e18987d..8f3d0b8 100644
--- a/bins/unzzipcat-mix.c
+++ b/bins/unzzipcat-mix.c
@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_fread (buffer, 1, 1024, file)))
+ while (0 < (len = zzip_fread (buffer, 1, 1024, file)))
{
fwrite (buffer, 1, len, out);
}
--
2.32.0
From fa1f78abe1b08544061204019016809664f2618c Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:53:50 +0100
Subject: [PATCH 6/7] #68 return value of zzip_entry_fread is signed
---
bins/unzzipshow.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bins/unzzipshow.c b/bins/unzzipshow.c
index 9d8c2ed..5672d3b 100644
--- a/bins/unzzipshow.c
+++ b/bins/unzzipshow.c
@@ -22,7 +22,7 @@ static void zzip_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
fwrite (buffer, len, 1, out);
zzip_entry_fclose (file);
@@ -35,7 +35,7 @@ static void zzip_cat_file(FILE* disk, char* name, FILE* out)
if (file)
{
char buffer[1024]; int len;
- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
fwrite (buffer, len, 1, out);
zzip_entry_fclose (file);
--
2.32.0
From f7a6fa9f0c29aecb4c2299568ed2e6094c34aca7 Mon Sep 17 00:00:00 2001
From: Guido Draheim <guidod@gmx.de>
Date: Mon, 4 Jan 2021 21:55:08 +0100
Subject: [PATCH 7/7] #68 return value of posix read(2) is signed
---
bins/zzipmake-zip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bins/zzipmake-zip.c b/bins/zzipmake-zip.c
index 8e09c31..b37877c 100644
--- a/bins/zzipmake-zip.c
+++ b/bins/zzipmake-zip.c
@@ -57,7 +57,7 @@ int rezzip_make (int argc, char ** argv)
continue;
}
- while ((n = read (input, buf, 16)))
+ while (0 < (n = read (input, buf, 16)))
{
zzip_write (output, buf, n);
}
--
2.32.0
#! /usr/bin/env python3
from __future__ import print_function
import re
try:
basestring
except NameError:
basestring = str
# ---------------------------------------------------------- Regex Match()
# beware, stupid python interprets backslashes in replace-parts only partially!
class MatchReplace:
""" A MatchReplace is a mix of a Python Pattern and a Replace-Template """
def __init__(self, matching, template, count = 0, flags = None):
""" setup a substition from regex 'matching' into 'template',
the replacement count default of 0 will replace all occurrences.
The first argument may be a Match object or it is a string that
will be turned into one by using Match(matching, flags). """
self.template = template
MatchReplace.__call__(self, matching, template, count, flags)
def __call__(self, matching, template = None, count = 0, flags = None):
""" other than __init__ the template may be left off to be unchanged"""
if isinstance(count, basestring): # count/flags swapped over?
flags = count; count = 0
if isinstance(matching, Match):
self.matching = matching
else:
self.matching = Match()(matching, flags) ## python 2.4.2 bug
if template is not None:
self.template = template
self.count = count
def __and__(self, string):
""" z = MatchReplace('foo', 'bar') & 'foo'; assert z = 'bar' """
text, self.matching.replaced = \
self.matching.regex.subn(self.template, string, self.count)
return text
def __rand__(self, string):
""" z = 'foo' & Match('foo') >> 'bar'; assert z = 'bar' """
text, self.matching.replaced = \
self.matching.regex.subn(self.template, string, self.count)
return text
def __iand__(self, string):
""" x = 'foo' ; x &= Match('foo') >> 'bar'; assert x == 'bar' """
string, self.matching.replaced = \
self.matching.regex.subn(self.template, string, self.count)
return string
def __rshift__(self, count):
" shorthand to set the replacement count: Match('foo') >> 'bar' >> 1 "
self.count = count ; return self
def __rlshift__(self, count):
self.count = count ; return self
class Match:
""" A Match is actually a mix of a Python Pattern and MatchObject """
def __init__(self, pattern = None, flags = None):
""" flags is a string: 'i' for case-insensitive etc.; it is just
short for a regex prefix: Match('foo','i') == Match('(?i)foo') """
Match.__call__(self, pattern, flags)
def __call__(self, pattern, flags = None):
assert isinstance(pattern, str) or pattern is None
assert isinstance(flags, str) or flags is None
self.replaced = 0 # set by subn() inside MatchReplace
self.found = None # set by search() to a MatchObject
self.pattern = pattern
if pattern is not None:
if flags:
self.regex = re.compile("(?"+flags+")"+self.pattern)
else:
self.regex = re.compile(self.pattern)
return self
def __repr__(self):
return self.pattern
def __truth__(self):
return self.found is not None
def __and__(self, string):
self.found = self.regex.search(string)
return self.__truth__()
def __rand__(self, string):
self.found = self.regex.search(string)
return self.__truth__()
def __rshift__(self, template):
return MatchReplace(self, template)
def __rlshift__(self, template):
return MatchReplace(self, template)
def __getitem__(self, index):
return self.group(index)
def group(self, index):
assert self.found is not None
return self.found.group(index)
def finditer(self, string):
return self.regex.finditer(string)
if __name__ == "__main__":
# matching:
if "foo" & Match("oo"):
print("oo")
x = Match()
if "foo" & x("(o+)"):
print(x[1])
# replacing:
y = "fooboo" & Match("oo") >> "ee"
print(y)
r = Match("oo") >> "ee"
print("fooboo" & r)
s = MatchReplace("oo", "ee")
print("fooboo" & s)
--- ./a/zzip/_config.h 2021-07-21 14:18:09.000000000 +0200
+++ ./b/zzip/_config.h 2021-07-21 14:46:24.037432969 +0200
@@ -138,9 +138,12 @@
/* whether the system defaults to 32bit off_t but can do 64bit when requested
*/
+#if __WORDSIZE == 32
#ifndef ZZIP_LARGEFILE_SENSITIVE
#define ZZIP_LARGEFILE_SENSITIVE 1
#endif
+#endif
+/* #undef LARGEFILE_SENSITIVE */
/* Define to the sub-directory where libtool stores uninstalled libraries. */
#ifndef ZZIP_LT_OBJDIR
@@ -227,9 +230,13 @@
#endif
/* Number of bits in a file offset, on hosts where this is settable. */
+#if __WORDSIZE == 32
#ifndef ZZIP__FILE_OFFSET_BITS
#define ZZIP__FILE_OFFSET_BITS 64
#endif
+#endif
+/* #undef _FILE_OFFSET_BITS */
+
/* Define for large files, on AIX-style hosts. */
/* #undef _LARGE_FILES */
--- ./a/zzip/_config.h 2021-07-21 14:18:14.000000000 +0200
+++ ./b/zzip/_config.h 2021-07-21 14:46:24.037432969 +0200
@@ -138,6 +138,11 @@
/* whether the system defaults to 32bit off_t but can do 64bit when requested
*/
+#if __WORDSIZE == 32
+#ifndef ZZIP_LARGEFILE_SENSITIVE
+#define ZZIP_LARGEFILE_SENSITIVE 1
+#endif
+#endif
/* #undef LARGEFILE_SENSITIVE */
/* Define to the sub-directory where libtool stores uninstalled libraries. */
@@ -225,8 +230,14 @@
#endif
/* Number of bits in a file offset, on hosts where this is settable. */
+#if __WORDSIZE == 32
+#ifndef ZZIP__FILE_OFFSET_BITS
+#define ZZIP__FILE_OFFSET_BITS 64
+#endif
+#endif
/* #undef _FILE_OFFSET_BITS */
+
/* Define for large files, on AIX-style hosts. */
/* #undef _LARGE_FILES */
#! /usr/bin/env python3
from zzipdoc.match import Match
# use as o.optionname to check for commandline options.
class Options:
var = {}
def __getattr__(self, name):
if not name in self.var: return None
return self.var[name]
def __setattr__(self, name, value):
self.var[name] = value
def scan(self, optionstring): # option-name or None
x = Match()
if optionstring & x(r"^--?(\w+)=(.*)"):
self.var[x[1]] = x[2] ; return x[1]
if optionstring & x(r"^--?no-(\w+)$"):
self.var[x[1]] = "" ; return x[1]
if optionstring & x(r"^--?(\w+)$"):
self.var[x[1]] = "*"; return x[1]
return None
#end Options
if False:
o = Options()
o.help = """
scans for options
"""
Summary: Lightweight library to easily extract data from zip files
Name: zziplib
Version: 0.13.71
Release: 9%{?dist}
License: LGPLv2+ or MPLv1.1
URL: http://zziplib.sourceforge.net/
#Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
#Using the pruned version of the upstream archive. The archive does not contain the Source1 and Source2 files. Their github version is used instead (the original ones had licensing issues)
#rhbz#1982241
Source0: v%{version}-pruned.tar.gz
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/match.py
Source1: match.py
#https://raw.githubusercontent.com/gdraheim/zziplib/465450c86c930026664329876e5350d21a7527db/docs/zzipdoc/options.py
Source2: options.py
Patch1: CVE-2020-18442.patch
Patch100: multilib-32.patch
Patch101: multilib-64.patch
BuildRequires: make
BuildRequires: gcc
BuildRequires: perl-interpreter
BuildRequires: python3
BuildRequires: python3-rpm-macros
BuildRequires: zip
BuildRequires: xmlto
BuildRequires: zlib-devel
BuildRequires: SDL-devel
BuildRequires: pkgconfig
#BuildRequires: autoconf
#BuildRequires: automake
%description
The zziplib library is intentionally lightweight, it offers the ability to
easily extract data from files archived in a single zip file. Applications
can bundle files into a single zip archive and access them. The implementation
is based only on the (free) subset of compression with the zlib algorithm
which is actually used by the zip/unzip tools.
%package utils
Summary: Utilities for the zziplib library
Requires: %{name}%{?_isa} = %{version}-%{release}
%description utils
The zziplib library is intentionally lightweight, it offers the ability to
easily extract data from files archived in a single zip file. Applications
can bundle files into a single zip archive and access them. The implementation
is based only on the (free) subset of compression with the zlib algorithm
which is actually used by the zip/unzip tools.
This packages contains all the utilities that come with the zziplib library.
%package devel
Summary: Development files for the zziplib library
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: pkgconfig
Requires: zlib-devel
Requires: SDL-devel
%description devel
The zziplib library is intentionally lightweight, it offers the ability to
easily extract data from files archived in a single zip file. Applications
can bundle files into a single zip archive and access them. The implementation
is based only on the (free) subset of compression with the zlib algorithm
which is actually used by the zip/unzip tools.
This package contains files required to build applications that will use the
zziplib library.
%prep
%setup -q
cp %{SOURCE1} docs/zzipdoc/
cp %{SOURCE2} docs/zzipdoc/
%patch1 -p1
%build
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
%configure \
--disable-static \
--enable-sdl \
--enable-frame-pointer
# Remove rpath on 64bit archs
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
# Only patch generated _config.h on non-i686 and armv7hl
# These platforms have a correct _config.h already
pushd %{_builddir}/zziplib-%{version}
%ifarch i686 armv7hl
patch -p2 < %{PATCH100}
%endif
%ifnarch i686 armv7hl
patch -p2 < %{PATCH101}
%endif
popd
%make_build
%install
%make_install
%ldconfig_scriptlets
%files
%doc docs/COPYING* ChangeLog README TODO
%{_libdir}/*.so.*
%files utils
%{_bindir}/*
%files devel
%doc docs/README.SDL docs/*.htm
%{_includedir}/*
%exclude %{_libdir}/*.la
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_datadir}/aclocal/*.m4
%{_mandir}/man3/*
%changelog
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 0.13.71-9
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jul 27 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-8
- Add gating tests
Resolves: rhbz#1986332
* Fri Jul 23 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-7
- Remove the doc/zzipdoc/{options,match}.py scritps from the original tar
- Replace them with a current github version
- The original version of the files contains autogenerated header with incompatible license
- This build thus uses modified tar archive
Resolves: rhbz#1982241
* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-6
- Fix CVE-2020-18442
Resolves: CVE-2020-18442
Resolves: 1977964
* Thu Jul 22 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-5
- Refresh the multilib patch
Resolves: rhbz#1915747
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.13.71-4
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Feb 01 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-3
- Use python3 (versioned) as buildrequires
* Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.71-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 21 2021 Jakub Martisko <jamartis@redhat.com> - 0.13.71-1
- Rebase to 0.13.71
- Drop the CVE patches, they are now part of the upstream package
- Build no longer requires python2
- Resolves: 1807565
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 0.13.69-8
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-4
- Add the missing CVE-2018-17828.part2.patch file
- Fix Formating of the previous 2 changelog entries
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-3
- Related: #1626202
- Resolves: CVE-2018-16548
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-2
- Related: 1635890
- Resolves: CVE-2018-17828
* Mon Jul 23 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.69-1
- Update to 0.13.69 release
- Fixes: #1598246 (CVE-2018-6541)
- Fixes: #1554673 (CVE-2018-7727)
- Use versioned python executables everywhere
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.68-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Sun Mar 18 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.13.68-2
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Wed Feb 14 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.68-1
- 0.13.68
- Fixes: #1543942 (CVE-2018-6484)
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.67-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Feb 01 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.67-1
- Update release
- CVE-2018-6381
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.62-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild