summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKacper Kowalik <xarthisius@gentoo.org>2010-10-04 17:02:08 +0000
committerKacper Kowalik <xarthisius@gentoo.org>2010-10-04 17:02:08 +0000
commita375e481b7a990838edc32227670c9ed0a013f52 (patch)
treea049e75a7108a0030fe0ca2edc97952e02908167 /sci-libs
parentMasking net-misc/metacafe-dl for removal. (diff)
downloadhistorical-a375e481b7a990838edc32227670c9ed0a013f52.tar.gz
historical-a375e481b7a990838edc32227670c9ed0a013f52.tar.bz2
historical-a375e481b7a990838edc32227670c9ed0a013f52.zip
Fix buffer overflows wrt bug 339706. Thanks to Diego for the report.
Package-Manager: portage-2.1.9.13/cvs/Linux x86_64
Diffstat (limited to 'sci-libs')
-rw-r--r--sci-libs/ccp4-libs/ChangeLog8
-rw-r--r--sci-libs/ccp4-libs/Manifest14
-rw-r--r--sci-libs/ccp4-libs/ccp4-libs-6.1.3-r4.ebuild232
-rw-r--r--sci-libs/ccp4-libs/files/6.1.3-overflows.patch35
4 files changed, 283 insertions, 6 deletions
diff --git a/sci-libs/ccp4-libs/ChangeLog b/sci-libs/ccp4-libs/ChangeLog
index ad17e3ca623e..a4ff4fa0ed12 100644
--- a/sci-libs/ccp4-libs/ChangeLog
+++ b/sci-libs/ccp4-libs/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for sci-libs/ccp4-libs
# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-libs/ccp4-libs/ChangeLog,v 1.12 2010/07/16 10:14:47 jlec Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-libs/ccp4-libs/ChangeLog,v 1.13 2010/10/04 17:02:08 xarthisius Exp $
+
+*ccp4-libs-6.1.3-r4 (04 Oct 2010)
+
+ 04 Oct 2010; Kacper Kowalik <xarthisius@gentoo.org>
+ +files/6.1.3-overflows.patch, +ccp4-libs-6.1.3-r4.ebuild:
+ Fix buffer overflows wrt bug 339706. Thanks to Diego for the report.
16 Jul 2010; Justin Lecher <jlec@gentoo.org> -ccp4-libs-6.1.3.ebuild,
-ccp4-libs-6.1.3-r1.ebuild, -ccp4-libs-6.1.3-r2.ebuild:
diff --git a/sci-libs/ccp4-libs/Manifest b/sci-libs/ccp4-libs/Manifest
index 28c6c61b84ec..65e165cdd45e 100644
--- a/sci-libs/ccp4-libs/Manifest
+++ b/sci-libs/ccp4-libs/Manifest
@@ -8,15 +8,19 @@ AUX 6.1.3-dont-make-dirs-in-configure.patch 2866 RMD160 ba49e45ab609a42a2d93b96f
AUX 6.1.3-glibc2.10.patch 1018 RMD160 577ee4a6174df36bb8bac82738523f5c757df4b9 SHA1 48ad6d0d024c43d64277e4decba420d51e75a510 SHA256 d2a2ddf2a66738d94723b50797e279f64c8e057a3e584e33f9eb9c8d7ea0e532
AUX 6.1.3-link-proberly.patch 8282 RMD160 c45d3d1931e6a083c0c96b819aff3f67873659b8 SHA1 b1be6f1f7162616a60f3e12fe02dbe4dd426e990 SHA256 f6623dfb0d270e5fbffe03f95b23c967ec8da34b3d0a1c5262941979a965f9ea
AUX 6.1.3-noinstall.patch 5188 RMD160 d3b22f11d7c27b37243b003f03615af377c8e632 SHA1 d75402e7b23d3aa15e67cda6cec8c93864d509c2 SHA256 22d96aea9d3d5e6e090713e610b35bdb34eaff9157c41687b47294f0d62ccff7
+AUX 6.1.3-overflows.patch 904 RMD160 03d5f10e901734c6e21be3e68592711450df32cd SHA1 24a740658fae2f917061c2a032a43a60e75c5478 SHA256 e5c62922daf832b62e9ea1e14a2be0d54c88b035b78b5831eee07025dff9222a
AUX 6.1.3-unbundle-libs.patch 9063 RMD160 326af0e6990134546fb2607dae707b94d4588149 SHA1 ef929532e45c12fb168e5fca4eb7fa8c857c376a SHA256 7e5fc919b5204e2d9141f7715afdd8a8b4e3e2a96e2bf95aa00fbd56046f1aa4
DIST ccp4-6.1.3-core-src.tar.gz 242134076 RMD160 e9b7deb0766fb95d5e8946881f20e086f0896fe9 SHA1 ee5ada892694db5dc9b2d7d2330b4ac694f56580 SHA256 1e529c660e7f390ec0feca9d45caa00a2813d23156c10a2747c427117293c324
EBUILD ccp4-libs-6.1.3-r3.ebuild 6485 RMD160 5ab8a0698a199249f37ab9fb611126c21be49d88 SHA1 80d50bcc94effe3669c14798bd4925edc0911c1e SHA256 141cb4b230b18d8e0ecb583a3620fc0d678a3a40f3ba666fd2e265e7171270b1
-MISC ChangeLog 2088 RMD160 f6c71b2a0e8ad9ea1df28739c5301e5b57fc1313 SHA1 d346a19788cb6c4bfac4680776fe4c3c9ffd9a28 SHA256 31f0818403b70d669741b2916edfab0999c739a90984d74184473e1ff0c79e88
+EBUILD ccp4-libs-6.1.3-r4.ebuild 6578 RMD160 d168c493511c97136f9a247896c37fc42d1287cd SHA1 8ebe838a59aed6425b66adb9eace39fa9abd38c8 SHA256 6f7d6a62b6d09e831963da44801a5e3a670d19aca576b4a7c04e5399a1be6b4b
+MISC ChangeLog 2315 RMD160 e680bae0787dc934fc6daf2fccd3592da4788d92 SHA1 d82f822df178eb48ef5343525e9a829627f95a87 SHA256 cf37cdb3e4b7b5025ae5dfc8cac9fcb282c6ee56ea722452b858820466f1754b
MISC metadata.xml 306 RMD160 57ba72f54388a666851bda87e52d313d618084e3 SHA1 7d2f57cb3f35eb6d4567b211e01251b5945d4eb2 SHA256 af351be5ead71b377b6fa2fa118fb9aee74129afdc19f736b41596d3033106aa
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.15 (GNU/Linux)
+Version: GnuPG v2.0.16 (GNU/Linux)
-iEYEARECAAYFAkxAMRwACgkQgAnW8HDreRYItQCeIax3BYNY/ElSQ0p2ooh6rE9A
-/tkAn2Zbx1FUXAL4E7Lsq6SnwJct012z
-=2fA7
+iJwEAQECAAYFAkyqCJoACgkQIiMqcbOVdxTNIwQAggHdHTnIQPxUEdbY6rr1Fd2g
+bjDe/6FyW4aZzjrwyFJ3kCMlIHqlwrhPYIngUH+PB8rP6RhwPWmYHMBMgsIL+A8X
+2UAnBPhVlY8dAEH7fw+rbmSaw1FxtLMa8Ci4ckCPC9UnuI1BtCrCfIrBOLPhXGic
+DgdN9sIDVeMWKAGFf28=
+=4ywG
-----END PGP SIGNATURE-----
diff --git a/sci-libs/ccp4-libs/ccp4-libs-6.1.3-r4.ebuild b/sci-libs/ccp4-libs/ccp4-libs-6.1.3-r4.ebuild
new file mode 100644
index 000000000000..52d48d9be57c
--- /dev/null
+++ b/sci-libs/ccp4-libs/ccp4-libs-6.1.3-r4.ebuild
@@ -0,0 +1,232 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sci-libs/ccp4-libs/ccp4-libs-6.1.3-r4.ebuild,v 1.1 2010/10/04 17:02:08 xarthisius Exp $
+
+EAPI="3"
+
+inherit fortran eutils gnuconfig multilib toolchain-funcs
+
+FORTRAN="g77 gfortran ifc"
+
+SRC="ftp://ftp.ccp4.ac.uk/ccp4"
+
+#UPDATE="04_03_09"
+#PATCHDATE="090511"
+
+MY_P="${P/-libs}"
+
+PATCH_TOT="0"
+# Here's a little scriptlet to generate this list from the provided
+# index.patches file
+#
+# i=1; while read -a line; do [[ ${line//#} != ${line} ]] && continue;
+# echo "PATCH${i}=( ${line[1]}"; echo "${line[0]} )"; (( i++ )); done <
+# index.patches
+#PATCH1=( src/topp_
+#topp.f-r1.16.2.5-r1.16.2.6.diff )
+#PATCH2=( .
+#configure-r1.372.2.18-r1.372.2.19.diff )
+
+DESCRIPTION="Protein X-ray crystallography toolkit"
+HOMEPAGE="http://www.ccp4.ac.uk/"
+SRC_URI="${SRC}/${PV}/${MY_P}-core-src.tar.gz"
+# patch tarball from upstream
+ [[ -n ${UPDATE} ]] && SRC_URI="${SRC_URI} ${SRC}/${PV}/updates/${P}-src-patch-${UPDATE}.tar.gz"
+# patches created by us
+ [[ -n ${PATCHDATE} ]] && SRC_URI="${SRC_URI} http://dev.gentooexperimental.org/~jlec/science-dist/${PV}-${PATCHDATE}-updates.patch.bz2"
+
+for i in $(seq $PATCH_TOT); do
+ NAME="PATCH${i}[1]"
+ SRC_URI="${SRC_URI}
+ ${SRC}/${PV}/patches/${!NAME}"
+done
+
+LICENSE="ccp4"
+SLOT="0"
+KEYWORDS="~amd64 ~x86 ~amd64-linux ~x86-linux"
+IUSE=""
+
+RDEPEND="
+ media-libs/jpeg:0
+ app-shells/tcsh
+ !<sci-chemistry/ccp4-6.1.3
+ sci-libs/cbflib
+ =sci-libs/fftw-2*
+ sci-libs/mmdb
+ sci-libs/monomer-db
+ virtual/lapack
+ virtual/blas"
+DEPEND="${RDEPEND}"
+
+S="${WORKDIR}/${MY_P}"
+
+src_prepare() {
+ einfo "Applying upstream patches ..."
+ for patch in $(seq $PATCH_TOT); do
+ base="PATCH${patch}"
+ dir=$(eval echo \${${base}[0]})
+ p=$(eval echo \${${base}[1]})
+ pushd "${dir}" >& /dev/null
+ ccp_patch "${DISTDIR}/${p}"
+ popd >& /dev/null
+ done
+ einfo "Done."
+ echo
+
+ [[ -n ${PATCHDATE} ]] && epatch "${WORKDIR}"/${PV}-${PATCHDATE}-updates.patch
+
+ einfo "Applying Gentoo patches ..."
+ # fix buffer overflows wrt bug 339706
+ ccp_patch "${FILESDIR}"/${PV}-overflows.patch
+
+ # it tries to create libdir, bindir etc on live system in configure
+ ccp_patch "${FILESDIR}"/${PV}-dont-make-dirs-in-configure.patch
+
+ # gerror_ gets defined twice on ppc if you're using gfortran/g95
+ ccp_patch "${FILESDIR}"/6.0.2-ppc-double-define-gerror.patch
+
+ # make creation of libccif.so smooth
+ ccp_patch "${FILESDIR}"/${PV}-ccif-shared.patch
+
+ # lets try to build libmmdb seperatly
+ ccp_patch "${FILESDIR}"/${PV}-dont-build-mmdb.patch
+
+ # unbundle libjpeg and cbflib
+ ccp_patch "${FILESDIR}"/${PV}-unbundle-libs.patch
+
+ # Fix missing DESTIDR
+ # not installing during build
+ ccp_patch "${FILESDIR}"/${PV}-noinstall.patch
+ sed \
+ -e '/SHARE_INST/s:$(libdir):$(DESTDIR)/$(libdir):g' \
+ -i configure || die
+
+ einfo "Done." # done applying Gentoo patches
+ echo
+
+ sed \
+ -e "s:/usr:${EPREFIX}/usr:g" \
+ -e 's:-Wl,-rpath,$CLIB::g' \
+ -e 's: -rpath $CLIB::g' \
+ -e 's: -I${srcdir}/include/cpp_c_headers::g' \
+ -i configure || die
+
+ gnuconfig_update
+}
+
+src_configure() {
+
+ rm -rf lib/DiffractionImage/{jpg,CBFlib} || die
+
+ # Build system is broken if we set LDFLAGS
+ userldflags="${LDFLAGS}"
+ export SHARED_LIB_FLAGS="${LDFLAGS}"
+ unset LDFLAGS
+
+ # GENTOO_OSNAME can be one of:
+ # irix irix64 sunos sunos64 aix hpux osf1 linux freebsd
+ # linux_compaq_compilers linux_intel_compilers generic Darwin
+ # ia64_linux_intel Darwin_ibm_compilers linux_ibm_compilers
+ if [[ "${FORTRANC}" = "ifc" ]]; then
+ if use ia64; then
+ GENTOO_OSNAME="ia64_linux_intel"
+ else
+ # Should be valid for x86, maybe amd64
+ GENTOO_OSNAME="linux_intel_compilers"
+ fi
+ else
+ # Should be valid for x86 and amd64, at least
+ GENTOO_OSNAME="linux"
+ fi
+
+ # Sets up env
+ ln -s \
+ ccp4.setup-bash \
+ "${S}"/include/ccp4.setup
+
+ # We agree to the license by emerging this, set in LICENSE
+ sed -i \
+ -e "s~^\(^agreed=\).*~\1yes~g" \
+ "${S}"/configure
+
+ # Fix up variables -- need to reset CCP4_MASTER at install-time
+ sed -i \
+ -e "s~^\(setenv CCP4_MASTER.*\)/.*~\1"${WORKDIR}"~g" \
+ -e "s~^\(setenv CCP4I_TCLTK.*\)/usr/local/bin~\1${EPREFIX}/usr/bin~g" \
+ "${S}"/include/ccp4.setup*
+
+ # Set up variables for build
+ source "${S}"/include/ccp4.setup
+
+ export CC=$(tc-getCC)
+ export CXX=$(tc-getCXX)
+ export COPTIM=${CFLAGS}
+ export CXXOPTIM=${CXXFLAGS}
+ # Default to -O2 if FFLAGS is unset
+ export FC=${FORTRANC}
+ export FOPTIM=${FFLAGS:- -O2}
+# export CCP4_SCR="${T}"
+
+ # Fix linking
+# $(tc-getCC) ${userldflags} -shared -Wl,-soname,libmmdb.so -o libmmdb.so \${MMDBOBJS} $(gcc-config -L | awk -F: '{for(i=1; i<=NF; i++) printf " -L%s", $i}') -lm -lstdc++ && \
+ export SHARE_LIB="\
+ $(tc-getCC) ${userldflags} -shared -Wl,-soname,libccp4c.so -o libccp4c.so \${CORELIBOBJS} \${CGENERALOBJS} \${CUCOBJS} \${CMTZOBJS} \${CMAPOBJS} \${CSYMOBJS} -L../ccif/ -lccif $(gcc-config -L | awk -F: '{for(i=1; i<=NF; i++) printf " -L%s", $i}') -lm && \
+ ${FORTRANC} ${userldflags} -shared -Wl,-soname,libccp4f.so -o libccp4f.so \${FORTRANLOBJS} \${FINTERFACEOBJS} -L../ccif/ -lccif -L. -lccp4c -lmmdb $(gcc-config -L | awk -F: '{for(i=1; i<=NF; i++) printf " -L%s", $i}') -lstdc++ -lgfortran -lm"
+
+ # Can't use econf, configure rejects unknown options like --prefix
+ ./configure \
+ --onlylibs \
+ --with-shared-libs \
+ --with-fftw="${EPREFIX}"/usr \
+ --with-warnings \
+ --disable-cctbx \
+ --disable-clipper \
+ --tmpdir="${TMPDIR}" \
+ --bindir="${EPREFIX}"/usr/libexec/ccp4/bin/ \
+ --libdir="${EPREFIX}"/usr/$(get_libdir) \
+ ${GENTOO_OSNAME} || die "econf failed"
+}
+
+src_compile() {
+ emake -j1 \
+ DESTDIR="${ED}" onlylib || die "emake failed"
+}
+
+src_install() {
+ # Set up variables for build
+ source "${S}"/include/ccp4.setup
+
+ emake -j1 \
+ DESTDIR="${ED}" \
+ includedir="${EPREFIX}"/usr/include \
+ library_includedir="${EPREFIX}"/usr/include \
+ install || die
+
+ # Libs
+ for file in "${S}"/lib/*; do
+ if [[ -d ${file} ]]; then
+ continue
+ elif [[ -x ${file} ]]; then
+ dolib.so ${file} || die
+ else
+ insinto /usr/$(get_libdir)
+ doins ${file} || die
+ fi
+ done
+
+ # Fix libdir in all *.la files
+ sed -i \
+ -e "s:^\(libdir=\).*:\1\'${EPREFIX}/usr/$(get_libdir)\':g" \
+ "${ED}"/usr/$(get_libdir)/*.la || die
+
+ # Data
+ insinto /usr/share/ccp4/data/
+ doins -r "${S}"/lib/data/{*.PARM,*.prt,*.lib,*.dic,*.idl,*.cif,*.resource,*.york,*.hist,fraglib,reference_structures} || die
+ dodoc "${S}"/lib/data/*.doc || die
+ newdoc "${S}"/lib/data/README DATA-README || die
+}
+
+# Epatch wrapper for bulk patching
+ccp_patch() {
+ EPATCH_SINGLE_MSG=" ${1##*/} ..." epatch ${1}
+}
diff --git a/sci-libs/ccp4-libs/files/6.1.3-overflows.patch b/sci-libs/ccp4-libs/files/6.1.3-overflows.patch
new file mode 100644
index 000000000000..0e3c941d1cc2
--- /dev/null
+++ b/sci-libs/ccp4-libs/files/6.1.3-overflows.patch
@@ -0,0 +1,35 @@
+Fix overflows and array subscript above array bounds
+
+http://bugs.gentoo.org/show_bug.cgi?id=339706
+
+--- ccp4-6.1.3/lib/ccif/f_interface.c
++++ ccp4-6.1.3/lib/ccif/f_interface.c
+@@ -926,7 +926,7 @@
+ #endif
+
+ {
+- char logname_c[81];
++ char logname_c[MAXFLEN];
+ size_t Length;
+ int unit;
+ CIF_FILE_LIST file_list_entry;
+@@ -4064,7 +4064,7 @@
+ #endif
+
+ {
+- char lognam_c[81], *blknam_c;
++ char lognam_c[MAXFLEN], *blknam_c;
+ size_t loglen, blklen;
+ int i, j, new;
+
+--- ccp4-6.1.3/lib/src/ccp4_diskio_f.c
++++ ccp4-6.1.3/lib/src/ccp4_diskio_f.c
+@@ -705,7 +705,7 @@
+ log_name = strdup("diskio.dft");
+ if (!(file_name = getenv(log_name)))
+ file_name = log_name;
+- for ( *istrm = 1; *istrm == MAXFILES; *istrm++)
++ for ( *istrm = 1; *istrm < MAXFILES; *istrm++)
+ if (!strcmp(file_name,_ioChannels[*istrm]->iobj->name)) break;
+ }
+ if (*istrm != MAXFILES) {