rpms/compface/devel compface-1.5.2-stack-smashing.patch, NONE, 1.1 compface-test.xbm, NONE, 1.1 compface.spec, 1.11, 1.12

Michael Schwendt (mschwendt) fedora-extras-commits at redhat.com
Fri Aug 4 16:58:22 UTC 2006


Author: mschwendt

Update of /cvs/extras/rpms/compface/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16422/devel

Modified Files:
	compface.spec 
Added Files:
	compface-1.5.2-stack-smashing.patch compface-test.xbm 
Log Message:
auto-import compface-1.5.2-2 on branch devel from compface-1.5.2-2.src.rpm

compface-1.5.2-stack-smashing.patch:

--- NEW FILE compface-1.5.2-stack-smashing.patch ---
Prevent sscanf stack smashing, and fix two GCC warnings.

diff -Nur compface-1.5.2-prepped/file.c compface-1.5.2-modified/file.c
--- compface-1.5.2-prepped/file.c	2006-08-04 18:58:17.000000000 +0200
+++ compface-1.5.2-modified/file.c	2006-08-04 18:59:30.000000000 +0200
@@ -80,7 +80,7 @@
 	static char table_inv[] = { 0,8,4,12,2,10,6,14,1,9, 5,13, 3,11, 7,15 };
 	static char table_nop[] = { 0,1,2, 3,4, 5,6, 7,8,9,10,11,12,13,14,15 };
 	char *table = table_nop;	/* optionally invert bits in nibble */
-	register inc = 0;		/* optionally swap nimmles */
+	register int inc = 0;		/* optionally swap nimmles */
 	int bits;
 
 	t = s = fbuf;
@@ -91,9 +91,9 @@
 			char type1[128];
 			char type2[128];
 			while (*s && *s++ != '\n');
-			if (sscanf(s, "#define %*s %d", &bits) == 1) if (bits == 48) {
+			if ((sscanf(s, "#define %*s %d", &bits) == 1) && (bits == 48)) {
 				while (*s && *s++ != '\n');
-				if (sscanf(s, "static %s %s", type1,type2)==2 &&
+				if (sscanf(s, "static %127s %127s", type1,type2)==2 &&
 					(!strcmp(type1, "char") || 
 				    	 !strcmp(type2, "char"))) {
 						while (*s && *s++ != '\n');


--- NEW FILE compface-test.xbm ---
#define noname_width 48
#define noname_height 48
static char noname_bits[] = {
 0xFC,0xFF,0xFF,0xFF,0xFF,0x7F,0xFC,0xFF,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,
 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xDF,0x56,0x95,0x24,0x00,0xE0,
 0xBF,0xBD,0x55,0xD5,0x6E,0xE5,0xEF,0xF7,0xFF,0x6F,0xBB,0xEB,0xAF,0xFF,0xFF,
 0xFF,0xFF,0xE7,0xDF,0xFF,0xDF,0xFE,0xFF,0xE7,0xFF,0xFF,0x0F,0x00,0xE0,0xEF,
 0xAF,0xFF,0x07,0x00,0xE0,0xE3,0xEF,0xFF,0x07,0x00,0xE0,0xE7,0xDF,0xFF,0x03,
 0x00,0xE0,0xE7,0xDF,0xFF,0x07,0x00,0xE0,0xEF,0xFF,0xFF,0x03,0x00,0xF0,0xE7,
 0xCF,0xFF,0x03,0x88,0xFC,0xE7,0xFF,0xFF,0x03,0xFC,0xFF,0xE7,0x8F,0xFF,0x03,
 0xFE,0xFF,0xE7,0xFF,0xFF,0x03,0xD4,0xFF,0xE7,0xD7,0xFF,0x03,0x00,0xFE,0xE7,
 0xEF,0xFF,0x01,0x00,0xFF,0xE7,0xCF,0xFF,0x01,0x00,0xFE,0xE7,0xDF,0xFF,0x01,
 0x00,0xFE,0xE7,0xDF,0xFF,0x01,0x00,0xFF,0xE7,0xEF,0xFF,0x00,0xA0,0xFF,0xE3,
 0xCF,0xFF,0x80,0xFF,0xFF,0xE7,0xDF,0xFF,0x00,0xFF,0xFF,0xE7,0xDF,0xFF,0x80,
 0xFF,0xFF,0xE7,0xEF,0xFF,0x80,0xFF,0xFF,0xC3,0xCF,0x7F,0x80,0xFF,0xFF,0xE7,
 0xAF,0xFF,0x80,0xFF,0xFF,0xE7,0xDF,0x7F,0x80,0xFF,0xFF,0xE7,0xAF,0x7F,0xC0,
 0xFF,0xFF,0xC3,0xD7,0x7F,0xC0,0xFF,0xFF,0xE7,0xEF,0x7F,0xC0,0xFF,0xFF,0xC7,
 0xCF,0x3F,0xC0,0xFF,0xFF,0xE7,0xAF,0x3F,0xC0,0xFF,0xFF,0xC3,0xDF,0x3F,0xE0,
 0xFF,0xFF,0xE7,0xCF,0x3F,0xC0,0xFF,0xFF,0xC7,0xDF,0x7F,0xF0,0xFF,0xFF,0xC7,
 0xCF,0xFF,0xFF,0xFF,0xFF,0xE3,0x9F,0xFF,0xFF,0xFF,0xFF,0xC7,0xAF,0x52,0x55,
 0x95,0x00,0xE0,0x2F,0x02,0x00,0x00,0x04,0xC0,0x4F,0x49,0x2A,0x01,0x10,0xE0,
 0xFF,0xFF,0xFF,0xFF,0xF7,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,0xFF,0xFF,
 0xFF,0xFF,0x7F};


Index: compface.spec
===================================================================
RCS file: /cvs/extras/rpms/compface/devel/compface.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- compface.spec	4 Aug 2006 16:56:24 -0000	1.11
+++ compface.spec	4 Aug 2006 16:58:22 -0000	1.12
@@ -1,15 +1,18 @@
 Name:           compface
 Version:        1.5.2
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Utilities for handling X-Faces
 
 Group:          Applications/Multimedia
 License:        MIT
 URL:            http://www.ibiblio.org/pub/Linux/apps/graphics/convert/
 Source0:        http://ftp.xemacs.org/pub/xemacs/aux/%{name}-%{version}.tar.gz
+Source1:        compface-test.xbm
 Patch0:         http://ftp.debian.org/debian/pool/main/libc/libcompface/libcompface_1.5.2-3.diff.gz
-Patch1:         %{name}-1.5.2-build.patch
+Patch1:         compface-1.5.2-stack-smashing.patch
+Patch2:         %{name}-1.5.2-build.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+BuildRequires:  diffutils
 
 %description
 %{summary}.
@@ -26,7 +29,8 @@
 %prep
 %setup -q
 %patch0 -p1
-%patch1 -p0
+%patch1 -p1 -b .stack-smashing
+%patch2 -p0
 
 
 %build
@@ -39,6 +43,12 @@
 make install DESTDIR=$RPM_BUILD_ROOT STRIP=/bin/true
 
 
+%check || :
+export LD_LIBRARY_PATH=$RPM_BUILD_ROOT%{_libdir}:$LD_LIBRARY_PATH
+./compface %{SOURCE1} | ./uncompface -X > __test.xbm
+cmp %{SOURCE1} __test.xbm
+
+
 %clean
 rm -rf $RPM_BUILD_ROOT
 
@@ -66,6 +76,11 @@
 
 
 %changelog
+* Fri Aug  4 2006 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.5.2-2
+- Add patch to prevent sscanf stack smashing through Debian's patch.
+- Fix two GCC warnings in the same patch.
+- Add one test to the %%check section and BR diffutils.
+
 * Wed Aug  2 2006 Ville Skyttä <ville.skytta at iki.fi> - 1.5.2-1
 - Update to 1.5.2, apply Debian's 1.5.2-3 patchset.
 - Crudely patch to build a shared lib (inspired by Debian), drop static one.




More information about the fedora-extras-commits mailing list