gentoo resync : 14.07.2018

5 files changed, 247 insertions, 0 deletions

diff --git a/app-arch/rzip/Manifest b/app-arch/rzip/Manifest
new file mode 100644
index 000000000000..4cc217a623a4
--- /dev/null
+++ b/app-arch/rzip/Manifest
@@ -0,0 +1,5 @@
+AUX rzip-2.1-CVE-2017-8364.patch 1006 BLAKE2B dc84fc222e5fcf1c0e5a37eda05bfb136b9603eb3c510edabd91bfc639b2c4a9f9956ce8cf152c94fb255c1b749a5eb8dfd0d13f65a2a4682a008f6fc236ab4d SHA512 18f594eca2f805770dad7569ad8cffbb934e74b85b04cc91cbcbb04fbc936529f68121504c50b037cfb848e9ba90131a5b35a1d236f0c1453d55fd8b415a7ed6
+AUX rzip-2.1-darwin.patch 4829 BLAKE2B 7e6cd7273573517aa29e73f0556e6b33d4386d71872d643d448859a48308b8fcd59b1a2c6749117e39c8184ac4239053a97757b2e4e821b7b9e7232e99af2120 SHA512 a3cd2c98a486626767eacd5a949ecf1f328f11bd663a1f4b9f758314dde709e9fd73fb1239dec8737d4511f61225f47682b610b9a2609646613a774d6f6ad5f8
+DIST rzip-2.1.tar.gz 46785 BLAKE2B da38d7ae74149824dd33f3ecb1a7f6f63d63a8ee54c57565e4edc5915b503882d4de20b19c22228e8d3fc698477b6c8f095c2a399d442101a83ee66f4bfbcc63 SHA512 06ed760ba2b7f09781a2e9312b645d41c145f96e3ee55ddf573714493e92466366ec6394267e5e06b0d8c42dcb67e1ae99dafa417a84737ce2b4a650a9059a6f
+EBUILD rzip-2.1-r3.ebuild 1098 BLAKE2B 1e460e70954a817ddb95638de32d3333079741a6101c33f55c0b5dd16911343253ecdf3e6e41ad18f7ddd4ba1ca2593d4c476a5475aadf320086457b79deeeb2 SHA512 a3789a90c00622d6e2d9c54bdee2a3b9c69a18cb9d266d150088dee340062f243af38056f767c6cfc094e6f6c537dbcb7c1974a8816075c9045b94b8ef0eed39
+MISC metadata.xml 166 BLAKE2B c254f1fb642881aba57637be14fb0a89b10384f91a128feaec3a8c870d76efc2cbacb92caccc0dee2dd19a5ac5eaf8643080dafa05c4e2ac96a68568927e5afd SHA512 a56648c974a1d14dd4c18237532773c72057a13ab90c58b5da04f185e3c12a8bd8d5c21fb06053507f31766291a82dc7d87b34cd65fd94cfe2af7295c813ef84
diff --git a/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch b/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch
new file mode 100644
index 000000000000..3c65e6f1939d
--- /dev/null
+++ b/app-arch/rzip/files/rzip-2.1-CVE-2017-8364.patch
@@ -0,0 +1,33 @@
+Index: rzip-2.1/stream.c
+===================================================================
+--- rzip-2.1.orig/stream.c
++++ rzip-2.1/stream.c
+@@ -147,16 +147,16 @@ static int write_u32(int f, u32 v)
+ 	return 0;
+ }
+ 
+-static int read_buf(int f, uchar *p, int len)
++static int read_buf(int f, uchar *p, unsigned int len)
+ {
+ 	int ret;
+ 	ret = read(f, p, len);
+ 	if (ret == -1) {
+-		err_msg("Read of length %d failed - %s\n", len, strerror(errno));
++		err_msg("Read of length %u failed - %s\n", len, strerror(errno));
+ 		return -1;
+ 	}
+ 	if (ret != len) {
+-		err_msg("Partial read!? asked for %d bytes but got %d\n", len, ret);
++		err_msg("Partial read!? asked for %u bytes but got %d\n", len, ret);
+ 		return -1;
+ 	}
+ 	return 0;
+@@ -399,7 +399,7 @@ static int fill_buffer(struct stream_inf
+ 	if (sinfo->s[stream].buf) {
+ 		free(sinfo->s[stream].buf);
+ 	}
+-	sinfo->s[stream].buf = malloc(u_len);
++	sinfo->s[stream].buf = malloc(c_len > u_len ? c_len : u_len);
+ 	if (!sinfo->s[stream].buf) {
+ 		return -1;
+ 	}
diff --git a/app-arch/rzip/files/rzip-2.1-darwin.patch b/app-arch/rzip/files/rzip-2.1-darwin.patch
new file mode 100644
index 000000000000..b07aa1712309
--- /dev/null
+++ b/app-arch/rzip/files/rzip-2.1-darwin.patch
@@ -0,0 +1,163 @@
+--- a/configure.in	2003-11-03 09:19:11.000000000 +0100
++++ b/configure.in	2008-07-27 21:59:45.774740303 +0200
+@@ -2,6 +2,12 @@
+ AC_INIT(main.c)
+ AC_CONFIG_HEADER(config.h)
+ 
++# test prior to AC_PROG_CC, since it sets cflags on it's own.
++if test x"CFLAGS" = x
++then
++	DEFAULT_CFLAGS="-g -Wall -O3"
++fi
++
+ dnl Checks for programs.
+ AC_PROG_CC
+ AC_PROG_INSTALL
+@@ -9,10 +15,10 @@
+ AC_SYS_LARGEFILE
+ 
+ # Thanks to Martin Pool
+-if test x"$GCC" = xyes 
++if test x"$GCC" = xyes && test x"$DEFAULT_CFLAGS" != x
+ then
+     CFLAGS="-g -Wall -O3"
+-    AC_MSG_NOTICE([Setting gcc options: $CFLAGS])
++    AC_MSG_RESULT([Setting default cflags: $CFLAGS])
+ fi
+ 
+ AC_CHECK_HEADERS(fcntl.h sys/time.h sys/unistd.h unistd.h)
+@@ -45,12 +51,8 @@
+ AC_CHECK_LIB(bz2, BZ2_bzBuffToBuffCompress, , 
+         AC_MSG_ERROR([Could not find bz2 library - please install libbz2-devel]))
+ 
+-echo $ac_n "checking for errno in errno.h... $ac_c"
+-AC_TRY_COMPILE([#include <errno.h>],[int i = errno],
+-echo yes; AC_DEFINE(HAVE_ERRNO_DECL),
+-echo no)
+-
+ AC_CHECK_FUNCS(mmap strerror)
+ AC_CHECK_FUNCS(getopt_long)
++AC_CHECK_FUNCS(strndup)
+ 
+ AC_OUTPUT(Makefile)
+--- a/main.c	2006-02-14 01:38:23.000000000 +0100
++++ b/main.c	2008-07-27 22:00:28.298071207 +0200
+@@ -18,6 +18,7 @@
+ /* rzip compression - main program */
+ 
+ #include "rzip.h"
++#include "strutils.h"
+ 
+ static void usage(void)
+ {
+--- a/rzip.h	2006-02-14 01:38:23.000000000 +0100
++++ b/rzip.h	2008-07-27 21:58:08.204752617 +0200
+@@ -94,7 +94,7 @@
+ #define strerror(i) sys_errlist[i]
+ #endif
+ 
+-#ifndef HAVE_ERRNO_DECL
++#if !defined(errno)
+ extern int errno;
+ #endif
+ 
+--- a/strutils.c	1970-01-01 01:00:00.000000000 +0100
++++ b/strutils.c	2008-07-27 21:58:08.204752617 +0200
+@@ -0,0 +1,29 @@
++/* 
++   Copyright (C) 2005 Gentoo Foundation
++   
++   This program is free software; you can redistribute it and/or modify
++   it under the terms of the GNU General Public License as published by
++   the Free Software Foundation; either version 2 of the License, or
++   (at your option) any later version.
++   
++   This program is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++   GNU General Public License for more details.
++   
++   You should have received a copy of the GNU General Public License
++   along with this program; if not, write to the Free Software
++   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++*/
++/* string utilities that may be missing on various platforms */
++
++#include "strutils.h"
++
++#ifndef HAVE_STRNDUP
++char* strndup(const char* s, size_t n) {
++	char* ret = malloc(n + 1);
++	if (ret == NULL) return(ret);
++	ret[n] = '\0';
++	return(memcpy(ret, s, n));
++}
++#endif
+--- a/strutils.h	1970-01-01 01:00:00.000000000 +0100
++++ b/strutils.h	2008-07-27 21:58:08.204752617 +0200
+@@ -0,0 +1,31 @@
++/* 
++   Copyright (C) 2005 Gentoo Foundation
++   
++   This program is free software; you can redistribute it and/or modify
++   it under the terms of the GNU General Public License as published by
++   the Free Software Foundation; either version 2 of the License, or
++   (at your option) any later version.
++   
++   This program is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++   GNU General Public License for more details.
++   
++   You should have received a copy of the GNU General Public License
++   along with this program; if not, write to the Free Software
++   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++*/
++/* string utilities that may be missing on various platforms */
++
++#ifndef _HEADER_STRUTIL
++#define _HEADER_STRUTIL 1
++
++#include <stdlib.h>
++#include <string.h>
++#include "config.h"
++
++# ifndef HAVE_STRNDUP
++char* strndup(const char* s, size_t n);
++# endif
++
++#endif
+--- a/Makefile.in	2006-02-14 01:38:23.000000000 +0100
++++ b/Makefile.in	2010-08-26 23:34:38.000000000 +0200
+@@ -3,8 +3,8 @@
+ 
+ prefix=@prefix@
+ exec_prefix=@exec_prefix@
+-INSTALL_BIN=$(exec_prefix)/bin
+-INSTALL_MAN=$(prefix)/man
++INSTALL_BIN=$(DESTDIR)/@bindir@
++INSTALL_MAN=$(DESTDIR)/@mandir@
+ 
+ LIBS=@LIBS@
+ CC=@CC@
+@@ -20,7 +20,7 @@
+ .SUFFIXES:
+ .SUFFIXES: .c .o
+ 
+-OBJS= rzip.o runzip.o main.o stream.o util.o crc32.o
++OBJS= rzip.o runzip.o strutils.o main.o stream.o util.o crc32.o
+ 
+ # note that the -I. is needed to handle config.h when using VPATH
+ .c.o:
+@@ -35,9 +35,10 @@
+ 	${INSTALLCMD} -m 755 rzip ${INSTALL_BIN}
+ 	-mkdir -p ${INSTALL_MAN}/man1
+ 	${INSTALLCMD} -m 644 $(srcdir)/rzip.1 ${INSTALL_MAN}/man1/
++	ln -s rzip $(INSTALL_BIN)/runzip
+ 
+ rzip: $(OBJS)
+-	$(CC) $(CFLAGS) -o rzip $(OBJS) $(LIBS)
++	$(CC) $(CFLAGS) $(LDFLAGS) -o rzip $(OBJS) $(LIBS)
+ 
+ rzip.1: rzip.yo
+ 	yodl2man -o rzip.1 rzip.yo
diff --git a/app-arch/rzip/metadata.xml b/app-arch/rzip/metadata.xml
new file mode 100644
index 000000000000..6f49eba8f496
--- /dev/null
+++ b/app-arch/rzip/metadata.xml
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<!-- maintainer-needed -->
+</pkgmetadata>
diff --git a/app-arch/rzip/rzip-2.1-r3.ebuild b/app-arch/rzip/rzip-2.1-r3.ebuild
new file mode 100644
index 000000000000..915c6deeef2b
--- /dev/null
+++ b/app-arch/rzip/rzip-2.1-r3.ebuild
@@ -0,0 +1,41 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+inherit autotools
+
+DESCRIPTION="Compression program for large files"
+HOMEPAGE="https://rzip.samba.org/"
+SRC_URI="https://rzip.samba.org/ftp/rzip/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 hppa ~ppc ~ppc64 ~sparc x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE=""
+
+RDEPEND="app-arch/bzip2:="
+DEPEND="${DEPEND}"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-2.1-darwin.patch
+	"${FILESDIR}"/${PN}-2.1-CVE-2017-8364.patch
+)
+
+src_prepare() {
+	default
+	mv configure.{in,ac} || die
+	eautoreconf
+}
+
+pkg_postinst() {
+	ewarn "Warning: Gentoo shipped a broken rzip for quite some time. During"
+	ewarn "compression of large files it didn't set the right file size, so"
+	ewarn "if you have any reason to believe that your archive was compressed "
+	ewarn "with an old Gentoo rzip, please refer to "
+	ewarn "     https://bugs.gentoo.org/show_bug.cgi?id=217552 "
+	ewarn "for the rzip-handle-broken-archive.patch patch to rescue your"
+	ewarn "data."
+	ewarn
+	ewarn "We apologize for the inconvenience."
+}