From 94393d04ccce851b0084c650c99a2eca52f9d3bb Mon Sep 17 00:00:00 2001
From: V3n3RiX <venerix@koprulu.sector>
Date: Mon, 5 Dec 2022 03:04:53 +0000
Subject: gentoo auto-resync : 05:12:2022 - 03:04:53

---
 games-arcade/Manifest.gz                           | Bin 20920 -> 20916 bytes
 games-arcade/supertux/Manifest                     |   3 +-
 .../supertux-0.6.3-squirrel-CVE-2021-41556.patch   |  36 ++++++++++++
 games-arcade/supertux/supertux-0.6.3-r1.ebuild     |  63 --------------------
 games-arcade/supertux/supertux-0.6.3-r2.ebuild     |  64 +++++++++++++++++++++
 5 files changed, 102 insertions(+), 64 deletions(-)
 create mode 100644 games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
 delete mode 100644 games-arcade/supertux/supertux-0.6.3-r1.ebuild
 create mode 100644 games-arcade/supertux/supertux-0.6.3-r2.ebuild

(limited to 'games-arcade')

diff --git a/games-arcade/Manifest.gz b/games-arcade/Manifest.gz
index b9cd234ec7dc..5219d2476499 100644
Binary files a/games-arcade/Manifest.gz and b/games-arcade/Manifest.gz differ
diff --git a/games-arcade/supertux/Manifest b/games-arcade/supertux/Manifest
index 28612595796a..f89a4540b978 100644
--- a/games-arcade/supertux/Manifest
+++ b/games-arcade/supertux/Manifest
@@ -3,8 +3,9 @@ AUX supertux-0.6.0-icon.patch 531 BLAKE2B ffe235acd0ebaac3ecb2588d195496ac2ea34a
 AUX supertux-0.6.0-license.patch 696 BLAKE2B 76ba58368ce9c02ce66f2a51f54e6c95ede9058130dc54e9560ad060f69806623ea6496a3cb89d823cfbae8d84ce00e4da19eb38e60519f48726a083a3633b76 SHA512 8b4baf774be6625ff253614bb68436ddc26149722af7acea0a4f0772d496c6b30013a22fd3777b11275bd901128caf11b968a37b6a7b99ab344bac78309a6e8e
 AUX supertux-0.6.0-obstack.patch 1063 BLAKE2B ab251d7514f38a8a641e680df6c69bea88b8cfb360fc93b7e91a5274ca20e0ef4210429f8ab0694cd5c3e9eee89c6ee955b54a20dd04b11cb385bccc5bb6be6c SHA512 32da8175888fca98b76640739aa531fbfcc132dbce0a89e76be49bca29bc5878266c702e5f4c7499ddd0473804b344c62d03f39f6b14941f0e669e20d2c2241d
 AUX supertux-0.6.3-missing-include.patch 214 BLAKE2B ea83aa555192689f12d4d9aa6a170f8631aab11a5bde4d5995d06bf2f318aa795ff84249cb40a6a023d3c5cbda790de216be7e6660de690125bf374f4cbd2229 SHA512 be149515773888d26e792e636cb0083bc838d489824ee0b1c52cf892d7d9db6a38075f8917c443cb710475a16d3ca87231e38723dccfd98b74afb3e4b67511a1
+AUX supertux-0.6.3-squirrel-CVE-2021-41556.patch 1344 BLAKE2B 1c2d557e8affd6dce084e0b92774c860690d9326c57d85b81c44949304bc83e916cd009b35bc2ab71c7e4ff6b26a14f2ebfb17bee13a9606586b8d56feb70269 SHA512 e17ba944820a836065323222de307e5b18a6fb37e1036a6b129cd9a5010743ce70c70d857db0f2ed2f204f2c1b25c51ad18a35e4cc6c5a19312f0fc980871137
 AUX supertux-0.6.3-squirrel-CVE-2022-30292.patch 861 BLAKE2B b7d28c9ac1c995e4772fda5661da53b293c3fd32e2aa312be614f3af0460baebe875d4f86676dc9c4b4b0abccaca9e62aefa24a9d863e4f2696ea65637383c65 SHA512 298efb21e00e2eeca59e1b67a4e5999a3aa759c6918f6fc39d8d7d678fca8a66cdbe10d9a8dd094b412d59054e205af8772cd00293fe4eed63452f18b5db47af
 DIST SuperTux-v0.6.3-Source.tar.gz 182065428 BLAKE2B c4acbe2c61306e6e462a375205b4e95af174c87dbc391f15211e1fac365ab51147d7a83d20a90e35f7d7a994c72b560631ddf1686fee2e1f937f97a711fb1003 SHA512 c6540bab1b3befbd975756031c4587e5569d9613d9539dc829c728b574d1a4da92816d6a7e68947b32963cc13d9b8b52312701c199138640e9f89e5885433798
-EBUILD supertux-0.6.3-r1.ebuild 1584 BLAKE2B 261145d60f6e59d834225a28794ae0eeda4c03845d5b917b8ef4d304844ac36c416e76ac52d8cf424d4cda084c27ab9a168525994fb51c243e85cb5fb2beecd3 SHA512 dce0e141063901e527a1b4c6e359b27b43afcdffc977768a3966e756c191cda7b38f90926992acd28d41f9113a38745d2563731d113a7a4eb56af90359c0be93
+EBUILD supertux-0.6.3-r2.ebuild 1641 BLAKE2B 4e7c67f875ddc41112577e1a23e16dd0bb89122354b4be60bb187ca1a13daa3245f5c6c29d8ccd865618df2b65ddc1b04bc23983bb7691948e48eb1c005eb677 SHA512 071615e062d1c579ed0719fecc0296e30a805b7eaea05342b88a2c54928ff19f39c53363a61d2a25ae7aa1e0ba866e18646e0a067115b73b6c268f6e15e5969d
 EBUILD supertux-0.6.3.ebuild 1527 BLAKE2B bd9fe860e1e668f52ad6ccd3a4505715caa818d82327aa7a40ebaf3cb948f7957717b6008befb20493d6977406fe8ea0446ff8903de0a8a9cf1d2cda722e8ca9 SHA512 c73528284249d628aa6553a5a7e08a3f093694b438dded494fc425e53d55231254ca8a84db522fe8b8b77ef1923d7249443bc4bb022aedb6bfbd4c55c64c80c4
 MISC metadata.xml 390 BLAKE2B a850f1d65a3de8f6ba0f4835c4fe013e748abf1da785b984a1ea5df2c7c176c8646c240b30137b42708e8e00b75a78fa236748991a9c32f6264d20b6312e5a22 SHA512 b814077d7680ad9cd8d3dd67f136ad09d7c321cb9fe8c019d256db495b88346b32d20791630956773dafe2ddfba76984bf2ef1d366f5575534712ef42f41a949
diff --git a/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
new file mode 100644
index 000000000000..a63e7a6c4e69
--- /dev/null
+++ b/games-arcade/supertux/files/supertux-0.6.3-squirrel-CVE-2021-41556.patch
@@ -0,0 +1,36 @@
+From 23a0620658714b996d20da3d4dd1a0dcf9b0bd98 Mon Sep 17 00:00:00 2001
+From: albertodemichelis <alberto@qnsoftware.com>
+Date: Thu, 16 Sep 2021 22:36:53 +0800
+Subject: [PATCH] check max member count in class
+
+---
+ squirrel/sqclass.cpp | 3 +++
+ squirrel/sqclass.h   | 1 +
+ 2 files changed, 4 insertions(+)
+
+diff --git a/squirrel/sqclass.cpp b/squirrel/sqclass.cpp
+index fc619616..53a29763 100644
+--- a/external/squirrel/squirrel/sqclass.cpp
++++ b/external/squirrel/squirrel/sqclass.cpp
+@@ -61,6 +61,9 @@ bool SQClass::NewSlot(SQSharedState *ss,const SQObjectPtr &key,const SQObjectPtr
+         _defaultvalues[_member_idx(temp)].val = val;
+         return true;
+     }
++	if (_members->CountUsed() >= MEMBER_MAX_COUNT) {
++		return false;
++	}
+     if(belongs_to_static_table) {
+         SQInteger mmidx;
+         if((sq_type(val) == OT_CLOSURE || sq_type(val) == OT_NATIVECLOSURE) &&
+diff --git a/squirrel/sqclass.h b/squirrel/sqclass.h
+index 7d402172..60d3d21b 100644
+--- a/external/squirrel/squirrel/sqclass.h
++++ b/external/squirrel/squirrel/sqclass.h
+@@ -17,6 +17,7 @@ typedef sqvector<SQClassMember> SQClassMemberVec;
+ 
+ #define MEMBER_TYPE_METHOD 0x01000000
+ #define MEMBER_TYPE_FIELD 0x02000000
++#define MEMBER_MAX_COUNT 0x00FFFFFF
+ 
+ #define _ismethod(o) (_integer(o)&MEMBER_TYPE_METHOD)
+ #define _isfield(o) (_integer(o)&MEMBER_TYPE_FIELD)
diff --git a/games-arcade/supertux/supertux-0.6.3-r1.ebuild b/games-arcade/supertux/supertux-0.6.3-r1.ebuild
deleted file mode 100644
index e670bfd6f25a..000000000000
--- a/games-arcade/supertux/supertux-0.6.3-r1.ebuild
+++ /dev/null
@@ -1,63 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=8
-
-#: ${CMAKE_MAKEFILE_GENERATOR:=emake}
-inherit cmake
-
-MY_PV="${PV/_rc/-rc.}"
-MY_P="SuperTux-v${MY_PV}-Source"
-
-DESCRIPTION="A game similar to Super Mario Bros"
-HOMEPAGE="https://www.supertux.org"
-SRC_URI="https://github.com/SuperTux/${PN}/releases/download/v${MY_PV}/${MY_P}.tar.gz"
-S="${WORKDIR}/${MY_P}"
-
-LICENSE="GPL-2+ GPL-3+ ZLIB MIT CC-BY-SA-2.0 CC-BY-SA-3.0"
-SLOT="0"
-KEYWORDS="~amd64 ~arm64 ~x86"
-IUSE="debug"
-
-# =media-libs/libsdl2-2.0.14-r0 can cause supertux binary to move entire
-# content of ${HOME} to ${HOME}/.local/share/supertux2/
-# DO NOT REMOVE THIS BLOCKER!!! See bug #764959
-RDEPEND="
-	!=media-libs/libsdl2-2.0.14-r0
-	>=dev-games/physfs-3.0
-	dev-libs/boost:=[nls]
-	media-libs/freetype
-	media-libs/glew:=
-	media-libs/libpng:0=
-	>=media-libs/libsdl2-2.0.1[joystick,video]
-	media-libs/libvorbis
-	media-libs/openal
-	>=media-libs/sdl2-image-2.0.0[png,jpeg]
-	>=net-misc/curl-7.21.7
-	virtual/opengl
-"
-DEPEND="${RDEPEND}
-	media-libs/glm"
-BDEPEND="
-	virtual/pkgconfig
-"
-
-PATCHES=(
-	"${FILESDIR}"/${PN}-0.5.0-tinygettext.patch
-	"${FILESDIR}"/${PN}-0.6.0-{license,icon,obstack}.patch
-	"${FILESDIR}"/${PN}-0.6.3-missing-include.patch
-	"${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2022-30292.patch
-)
-
-src_configure() {
-	local mycmakeargs=(
-		-DWERROR=OFF
-		-DINSTALL_SUBDIR_BIN=bin
-		-DINSTALL_SUBDIR_DOC=share/doc/${PF}
-		-DINSTALL_SUBDIR_SHARE=share/${PN}2
-		-DENABLE_SQDBG="$(usex debug)"
-		-DUSE_SYSTEM_PHYSFS=ON
-		-DIS_SUPERTUX_RELEASE=ON
-	)
-	cmake_src_configure
-}
diff --git a/games-arcade/supertux/supertux-0.6.3-r2.ebuild b/games-arcade/supertux/supertux-0.6.3-r2.ebuild
new file mode 100644
index 000000000000..2126e741ddad
--- /dev/null
+++ b/games-arcade/supertux/supertux-0.6.3-r2.ebuild
@@ -0,0 +1,64 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+#: ${CMAKE_MAKEFILE_GENERATOR:=emake}
+inherit cmake
+
+MY_PV="${PV/_rc/-rc.}"
+MY_P="SuperTux-v${MY_PV}-Source"
+
+DESCRIPTION="A game similar to Super Mario Bros"
+HOMEPAGE="https://www.supertux.org"
+SRC_URI="https://github.com/SuperTux/${PN}/releases/download/v${MY_PV}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="GPL-2+ GPL-3+ ZLIB MIT CC-BY-SA-2.0 CC-BY-SA-3.0"
+SLOT="0"
+KEYWORDS="~amd64 ~arm64 ~x86"
+IUSE="debug"
+
+# =media-libs/libsdl2-2.0.14-r0 can cause supertux binary to move entire
+# content of ${HOME} to ${HOME}/.local/share/supertux2/
+# DO NOT REMOVE THIS BLOCKER!!! See bug #764959
+RDEPEND="
+	!=media-libs/libsdl2-2.0.14-r0
+	>=dev-games/physfs-3.0
+	dev-libs/boost:=[nls]
+	media-libs/freetype
+	media-libs/glew:=
+	media-libs/libpng:0=
+	>=media-libs/libsdl2-2.0.1[joystick,video]
+	media-libs/libvorbis
+	media-libs/openal
+	>=media-libs/sdl2-image-2.0.0[png,jpeg]
+	>=net-misc/curl-7.21.7
+	virtual/opengl
+"
+DEPEND="${RDEPEND}
+	media-libs/glm"
+BDEPEND="
+	virtual/pkgconfig
+"
+
+PATCHES=(
+	"${FILESDIR}"/${PN}-0.5.0-tinygettext.patch
+	"${FILESDIR}"/${PN}-0.6.0-{license,icon,obstack}.patch
+	"${FILESDIR}"/${PN}-0.6.3-missing-include.patch
+	"${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2021-41556.patch
+	"${FILESDIR}"/${PN}-0.6.3-squirrel-CVE-2022-30292.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWERROR=OFF
+		-DINSTALL_SUBDIR_BIN=bin
+		-DINSTALL_SUBDIR_DOC=share/doc/${PF}
+		-DINSTALL_SUBDIR_SHARE=share/${PN}2
+		-DENABLE_SQDBG="$(usex debug)"
+		-DUSE_SYSTEM_PHYSFS=ON
+		-DIS_SUPERTUX_RELEASE=ON
+	)
+	cmake_src_configure
+}
-- 
cgit v1.2.3