Compare commits
13 Commits
master
...
stable/1.8
Author | SHA1 | Date |
---|---|---|
Ariadne Conill | 20db9ffcbe | |
Ariadne Conill | 5436648cd4 | |
Ariadne Conill | 66046df940 | |
Ariadne Conill | 81e1785db2 | |
wi24rd | 2b850d2648 | |
Eli Schwartz | c87a6c2ec1 | |
Doug Freed | 1f282295ff | |
Ariadne Conill | e3957c6155 | |
Doug Freed | f58d54e77b | |
Timo Röhling | 2837bbcc4c | |
Ariadne Conill | 0b5f360bce | |
Ariadne Conill | 81cc9b3e6d | |
Ariadne Conill | 4b0264de8b |
|
@ -22,6 +22,7 @@ EXTRA_DIST = pkg.m4 \
|
||||||
libpkgconf/win-dirent.h \
|
libpkgconf/win-dirent.h \
|
||||||
tests/lib-relocatable/lib/pkgconfig/foo.pc \
|
tests/lib-relocatable/lib/pkgconfig/foo.pc \
|
||||||
tests/lib1/argv-parse-2.pc \
|
tests/lib1/argv-parse-2.pc \
|
||||||
|
tests/lib1/billion-laughs.pc \
|
||||||
tests/lib1/dos-lineendings.pc \
|
tests/lib1/dos-lineendings.pc \
|
||||||
tests/lib1/paren-quoting.pc \
|
tests/lib1/paren-quoting.pc \
|
||||||
tests/lib1/argv-parse-3.pc \
|
tests/lib1/argv-parse-3.pc \
|
||||||
|
|
8
NEWS
8
NEWS
|
@ -1,6 +1,14 @@
|
||||||
Changes from previous version of pkgconf
|
Changes from previous version of pkgconf
|
||||||
========================================
|
========================================
|
||||||
|
|
||||||
|
Changes from 1.8.0 to 1.8.1:
|
||||||
|
----------------------------
|
||||||
|
|
||||||
|
* Fix a buffer overflow vulnerability involving very large variable expansions.
|
||||||
|
CVE-2023-24056
|
||||||
|
|
||||||
|
* Fix handling of tildes in version strings.
|
||||||
|
|
||||||
Changes from 1.7.4 to 1.8.0:
|
Changes from 1.7.4 to 1.8.0:
|
||||||
----------------------------
|
----------------------------
|
||||||
|
|
||||||
|
|
|
@ -1039,6 +1039,9 @@ main(int argc, char *argv[])
|
||||||
if ((want_flags & PKG_STATIC) == PKG_STATIC || personality->want_default_static)
|
if ((want_flags & PKG_STATIC) == PKG_STATIC || personality->want_default_static)
|
||||||
want_client_flags |= (PKGCONF_PKG_PKGF_SEARCH_PRIVATE | PKGCONF_PKG_PKGF_MERGE_PRIVATE_FRAGMENTS);
|
want_client_flags |= (PKGCONF_PKG_PKGF_SEARCH_PRIVATE | PKGCONF_PKG_PKGF_MERGE_PRIVATE_FRAGMENTS);
|
||||||
|
|
||||||
|
if ((want_flags & PKG_EXISTS) == PKG_EXISTS)
|
||||||
|
want_client_flags |= PKGCONF_PKG_PKGF_SEARCH_PRIVATE;
|
||||||
|
|
||||||
if ((want_flags & PKG_SHARED) == PKG_SHARED)
|
if ((want_flags & PKG_SHARED) == PKG_SHARED)
|
||||||
want_client_flags &= ~(PKGCONF_PKG_PKGF_SEARCH_PRIVATE | PKGCONF_PKG_PKGF_MERGE_PRIVATE_FRAGMENTS);
|
want_client_flags &= ~(PKGCONF_PKG_PKGF_SEARCH_PRIVATE | PKGCONF_PKG_PKGF_MERGE_PRIVATE_FRAGMENTS);
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ dnl implied. In no event shall the authors be liable for any damages arising
|
||||||
dnl from the use of this software.
|
dnl from the use of this software.
|
||||||
|
|
||||||
AC_PREREQ([2.68])
|
AC_PREREQ([2.68])
|
||||||
AC_INIT([pkgconf], [1.8.0], [https://github.com/pkgconf/pkgconf/issues/new])
|
AC_INIT([pkgconf], [1.8.1], [https://github.com/pkgconf/pkgconf/issues/new])
|
||||||
AC_CONFIG_SRCDIR([cli/main.c])
|
AC_CONFIG_SRCDIR([cli/main.c])
|
||||||
AC_CONFIG_MACRO_DIR([m4])
|
AC_CONFIG_MACRO_DIR([m4])
|
||||||
AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"])
|
AX_CHECK_COMPILE_FLAG([-Wall], [CFLAGS="$CFLAGS -Wall"])
|
||||||
|
|
|
@ -76,7 +76,7 @@ routines.
|
||||||
|
|
||||||
:param char* a: The first version to compare in the pair.
|
:param char* a: The first version to compare in the pair.
|
||||||
:param char* b: The second version to compare in the pair.
|
:param char* b: The second version to compare in the pair.
|
||||||
:return: -1 if the first version is greater, 0 if both versions are equal, 1 if the second version is greater.
|
:return: -1 if the first version is less than, 0 if both versions are equal, 1 if the second version is less than.
|
||||||
:rtype: int
|
:rtype: int
|
||||||
|
|
||||||
.. c:function:: pkgconf_pkg_t *pkgconf_builtin_pkg_get(const char *name)
|
.. c:function:: pkgconf_pkg_t *pkgconf_builtin_pkg_get(const char *name)
|
||||||
|
|
|
@ -78,8 +78,8 @@ typedef struct pkgconf_cross_personality_ pkgconf_cross_personality_t;
|
||||||
#define PKGCONF_FOREACH_LIST_ENTRY_REVERSE(tail, value) \
|
#define PKGCONF_FOREACH_LIST_ENTRY_REVERSE(tail, value) \
|
||||||
for ((value) = (tail); (value) != NULL; (value) = (value)->prev)
|
for ((value) = (tail); (value) != NULL; (value) = (value)->prev)
|
||||||
|
|
||||||
#define LIBPKGCONF_VERSION 10700
|
#define LIBPKGCONF_VERSION 10801
|
||||||
#define LIBPKGCONF_VERSION_STR "1.7.0"
|
#define LIBPKGCONF_VERSION_STR "1.8.1"
|
||||||
|
|
||||||
struct pkgconf_fragment_ {
|
struct pkgconf_fragment_ {
|
||||||
pkgconf_node_t iter;
|
pkgconf_node_t iter;
|
||||||
|
|
|
@ -44,10 +44,18 @@ pkgconf_parser_parse(FILE *f, void *data, const pkgconf_parser_operand_func_t *o
|
||||||
lineno++;
|
lineno++;
|
||||||
|
|
||||||
p = readbuf;
|
p = readbuf;
|
||||||
|
while (*p && isspace((unsigned int)*p))
|
||||||
|
p++;
|
||||||
|
if (*p && p != readbuf)
|
||||||
|
{
|
||||||
|
warnfunc(data, "%s:" SIZE_FMT_SPECIFIER ": warning: whitespace encountered while parsing key section\n",
|
||||||
|
filename, lineno);
|
||||||
|
warned_key_whitespace = true;
|
||||||
|
}
|
||||||
|
key = p;
|
||||||
while (*p && (isalpha((unsigned int)*p) || isdigit((unsigned int)*p) || *p == '_' || *p == '.'))
|
while (*p && (isalpha((unsigned int)*p) || isdigit((unsigned int)*p) || *p == '_' || *p == '.'))
|
||||||
p++;
|
p++;
|
||||||
|
|
||||||
key = readbuf;
|
|
||||||
if (!isalpha((unsigned int)*key) && !isdigit((unsigned int)*p))
|
if (!isalpha((unsigned int)*key) && !isdigit((unsigned int)*p))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
@ -89,7 +97,6 @@ pkgconf_parser_parse(FILE *f, void *data, const pkgconf_parser_operand_func_t *o
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
p--;
|
p--;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (ops[(unsigned char) op])
|
if (ops[(unsigned char) op])
|
||||||
ops[(unsigned char) op](data, lineno, key, value);
|
ops[(unsigned char) op](data, lineno, key, value);
|
||||||
}
|
}
|
||||||
|
|
|
@ -798,7 +798,7 @@ out:
|
||||||
*
|
*
|
||||||
* :param char* a: The first version to compare in the pair.
|
* :param char* a: The first version to compare in the pair.
|
||||||
* :param char* b: The second version to compare in the pair.
|
* :param char* b: The second version to compare in the pair.
|
||||||
* :return: -1 if the first version is greater, 0 if both versions are equal, 1 if the second version is greater.
|
* :return: -1 if the first version is less than, 0 if both versions are equal, 1 if the second version is less than.
|
||||||
* :rtype: int
|
* :rtype: int
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
|
@ -813,10 +813,10 @@ pkgconf_compare_version(const char *a, const char *b)
|
||||||
|
|
||||||
/* optimization: if version matches then it's the same version. */
|
/* optimization: if version matches then it's the same version. */
|
||||||
if (a == NULL)
|
if (a == NULL)
|
||||||
return 1;
|
return -1;
|
||||||
|
|
||||||
if (b == NULL)
|
if (b == NULL)
|
||||||
return -1;
|
return 1;
|
||||||
|
|
||||||
if (!strcasecmp(a, b))
|
if (!strcasecmp(a, b))
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -837,9 +837,9 @@ pkgconf_compare_version(const char *a, const char *b)
|
||||||
if (*one == '~' || *two == '~')
|
if (*one == '~' || *two == '~')
|
||||||
{
|
{
|
||||||
if (*one != '~')
|
if (*one != '~')
|
||||||
return -1;
|
|
||||||
if (*two != '~')
|
|
||||||
return 1;
|
return 1;
|
||||||
|
if (*two != '~')
|
||||||
|
return -1;
|
||||||
|
|
||||||
one++;
|
one++;
|
||||||
two++;
|
two++;
|
||||||
|
|
|
@ -293,12 +293,23 @@ pkgconf_tuple_parse(const pkgconf_client_t *client, pkgconf_list_t *vars, const
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
PKGCONF_TRACE(client, "lookup tuple %s", varname);
|
||||||
|
|
||||||
|
size_t remain = PKGCONF_BUFSIZE - (bptr - buf);
|
||||||
ptr += (pptr - ptr);
|
ptr += (pptr - ptr);
|
||||||
kv = pkgconf_tuple_find_global(client, varname);
|
kv = pkgconf_tuple_find_global(client, varname);
|
||||||
if (kv != NULL)
|
if (kv != NULL)
|
||||||
{
|
{
|
||||||
strncpy(bptr, kv, PKGCONF_BUFSIZE - (bptr - buf));
|
size_t nlen = pkgconf_strlcpy(bptr, kv, remain);
|
||||||
bptr += strlen(kv);
|
if (nlen > remain)
|
||||||
|
{
|
||||||
|
pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
|
||||||
|
|
||||||
|
bptr = buf + (PKGCONF_BUFSIZE - 1);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
bptr += nlen;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
@ -306,12 +317,21 @@ pkgconf_tuple_parse(const pkgconf_client_t *client, pkgconf_list_t *vars, const
|
||||||
|
|
||||||
if (kv != NULL)
|
if (kv != NULL)
|
||||||
{
|
{
|
||||||
|
size_t nlen;
|
||||||
|
|
||||||
parsekv = pkgconf_tuple_parse(client, vars, kv);
|
parsekv = pkgconf_tuple_parse(client, vars, kv);
|
||||||
|
nlen = pkgconf_strlcpy(bptr, parsekv, remain);
|
||||||
strncpy(bptr, parsekv, PKGCONF_BUFSIZE - (bptr - buf));
|
|
||||||
bptr += strlen(parsekv);
|
|
||||||
|
|
||||||
free(parsekv);
|
free(parsekv);
|
||||||
|
|
||||||
|
if (nlen > remain)
|
||||||
|
{
|
||||||
|
pkgconf_warn(client, "warning: truncating very long variable to 64KB\n");
|
||||||
|
|
||||||
|
bptr = buf + (PKGCONF_BUFSIZE - 1);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
bptr += nlen;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -36,7 +36,7 @@ Properties are set using RFC822-style stanzas which consist of a keyword, follow
|
||||||
by a colon (:) and then the value the property should be set to.
|
by a colon (:) and then the value the property should be set to.
|
||||||
Variable substitution is always performed regardless of property type.
|
Variable substitution is always performed regardless of property type.
|
||||||
.Pp
|
.Pp
|
||||||
There are two types of property:
|
There are three types of property:
|
||||||
.\"
|
.\"
|
||||||
.Bl -tag -width indent
|
.Bl -tag -width indent
|
||||||
.\"
|
.\"
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
project('pkgconf', 'c',
|
project('pkgconf', 'c',
|
||||||
version : '1.8.0',
|
version : '1.8.1',
|
||||||
license : 'ISC',
|
license : 'ISC',
|
||||||
meson_version : '>=0.47')
|
meson_version : '>=0.47')
|
||||||
|
|
||||||
|
@ -107,4 +107,4 @@ install_man('man/pc.5')
|
||||||
install_man('man/pkgconf-personality.5')
|
install_man('man/pkgconf-personality.5')
|
||||||
install_data('pkg.m4', install_dir: 'share/aclocal')
|
install_data('pkg.m4', install_dir: 'share/aclocal')
|
||||||
install_data('AUTHORS', install_dir: 'share/doc/pkgconf')
|
install_data('AUTHORS', install_dir: 'share/doc/pkgconf')
|
||||||
install_data('README.md', install_dir: 'share/doc/pkgconf')
|
install_data('README.md', install_dir: 'share/doc/pkgconf')
|
||||||
|
|
|
@ -176,7 +176,7 @@ exists_version_bad3_body()
|
||||||
export PKG_CONFIG_PATH="${selfdir}/lib1"
|
export PKG_CONFIG_PATH="${selfdir}/lib1"
|
||||||
atf_check \
|
atf_check \
|
||||||
-s exit:1 \
|
-s exit:1 \
|
||||||
pkgconf --exists 'tilde <= 1.0.0'
|
pkgconf --exists 'tilde >= 1.0.0'
|
||||||
}
|
}
|
||||||
|
|
||||||
exists_body()
|
exists_body()
|
||||||
|
@ -190,7 +190,7 @@ exists2_body()
|
||||||
{
|
{
|
||||||
export PKG_CONFIG_PATH="${selfdir}/lib1"
|
export PKG_CONFIG_PATH="${selfdir}/lib1"
|
||||||
atf_check \
|
atf_check \
|
||||||
pkgconf --exists 'tilde >= 1.0.0'
|
pkgconf --exists 'tilde <= 1.0.0'
|
||||||
}
|
}
|
||||||
|
|
||||||
exists3_body()
|
exists3_body()
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
v9=lol
|
||||||
|
v8=${v9}${v9}${v9}${v9}${v9}${v9}${v9}${v9}${v9}${v9}
|
||||||
|
v7=${v8}${v8}${v8}${v8}${v8}${v8}${v8}${v8}${v8}${v8}
|
||||||
|
v6=${v7}${v7}${v7}${v7}${v7}${v7}${v7}${v7}${v7}${v7}
|
||||||
|
v5=${v6}${v6}${v6}${v6}${v6}${v6}${v6}${v6}${v6}${v6}
|
||||||
|
v4=${v5}${v5}${v5}${v5}${v5}${v5}${v5}${v5}${v5}${v5}
|
||||||
|
v3=${v4}${v4}${v4}${v4}${v4}${v4}${v4}${v4}${v4}${v4}
|
||||||
|
v2=${v3}${v3}${v3}${v3}${v3}${v3}${v3}${v3}${v3}${v3}
|
||||||
|
v1=${v2}${v2}${v2}${v2}${v2}${v2}${v2}${v2}${v2}${v2}
|
||||||
|
v0=${v1}${v1}${v1}${v1}${v1}${v1}${v1}${v1}${v1}${v1}
|
||||||
|
Name: One Billion Laughs
|
||||||
|
Version: ${v0}
|
||||||
|
Description: Don't install this!
|
|
@ -19,5 +19,4 @@ tests = [
|
||||||
# yuck
|
# yuck
|
||||||
foreach test : tests
|
foreach test : tests
|
||||||
configure_file(input: test + '.sh', output: test, copy: true)
|
configure_file(input: test + '.sh', output: test, copy: true)
|
||||||
run_command('chmod', '755', join_paths(meson.build_root(), 'tests', test))
|
|
||||||
endforeach
|
endforeach
|
||||||
|
|
|
@ -28,7 +28,8 @@ tests_init \
|
||||||
malformed_1 \
|
malformed_1 \
|
||||||
malformed_quoting \
|
malformed_quoting \
|
||||||
explicit_sysroot \
|
explicit_sysroot \
|
||||||
empty_tuple
|
empty_tuple \
|
||||||
|
billion_laughs
|
||||||
|
|
||||||
# sysroot_munge \
|
# sysroot_munge \
|
||||||
|
|
||||||
|
@ -251,3 +252,9 @@ empty_tuple_body()
|
||||||
atf_check -o inline:"\n" \
|
atf_check -o inline:"\n" \
|
||||||
pkgconf --with-path="${selfdir}/lib1" --cflags empty-tuple
|
pkgconf --with-path="${selfdir}/lib1" --cflags empty-tuple
|
||||||
}
|
}
|
||||||
|
|
||||||
|
billion_laughs_body()
|
||||||
|
{
|
||||||
|
atf_check -o inline:"warning: truncating very long variable to 64KB\nwarning: truncating very long variable to 64KB\nwarning: truncating very long variable to 64KB\nwarning: truncating very long variable to 64KB\nwarning: truncating very long variable to 64KB\n" \
|
||||||
|
pkgconf --with-path="${selfdir}/lib1" --validate billion-laughs
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue