From c224cd498277cbf2f53a092843a7568c272012cb Mon Sep 17 00:00:00 2001 From: Ulrich Müller Date: Wed, 6 Mar 2024 09:14:18 +0100 Subject: 25.3: Remove patchset MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Ulrich Müller --- emacs/25.3/01_all_gc-align-sparc.patch | 31 ---- emacs/25.3/02_all_imagemagick-7.patch | 86 ----------- emacs/25.3/03_all_glibc-2.34.patch | 20 --- emacs/25.3/04_all_etags.patch | 255 --------------------------------- emacs/25.3/05_all_etags-metachar.patch | 99 ------------- emacs/25.3/06_all_htmlfontify.patch | 22 --- 6 files changed, 513 deletions(-) delete mode 100644 emacs/25.3/01_all_gc-align-sparc.patch delete mode 100644 emacs/25.3/02_all_imagemagick-7.patch delete mode 100644 emacs/25.3/03_all_glibc-2.34.patch delete mode 100644 emacs/25.3/04_all_etags.patch delete mode 100644 emacs/25.3/05_all_etags-metachar.patch delete mode 100644 emacs/25.3/06_all_htmlfontify.patch diff --git a/emacs/25.3/01_all_gc-align-sparc.patch b/emacs/25.3/01_all_gc-align-sparc.patch deleted file mode 100644 index b76cf99..0000000 --- a/emacs/25.3/01_all_gc-align-sparc.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fix segmentation fault on sparc64 with 32 bit userland. -https://bugs.gentoo.org/647238 - -Backported from upstream git: - -commit db64a866f6971c5d63565253c0c8d8db15d4a4dc -Author: Paul Eggert -Date: Tue Mar 20 09:54:20 2018 -0700 - - Port to 32-bit sparc64 - - Problem reported by Ulrich Mueller; fix suggested by Eli Zaretskii - and Andreas Schwab (Bug#30855). - * src/alloc.c (mark_memory): Call mark_maybe_object only on - pointers that are properly aligned for Lisp_Object. - ---- emacs-25.3-orig/src/alloc.c -+++ emacs-25.3/src/alloc.c -@@ -4892,7 +4892,11 @@ - for (pp = start; (void *) pp < end; pp += GC_POINTER_ALIGNMENT) - { - mark_maybe_pointer (*(void **) pp); -- mark_maybe_object (*(Lisp_Object *) pp); -+ -+ verify (alignof (Lisp_Object) % GC_POINTER_ALIGNMENT == 0); -+ if (alignof (Lisp_Object) == GC_POINTER_ALIGNMENT -+ || (uintptr_t) pp % alignof (Lisp_Object) == 0) -+ mark_maybe_object (*(Lisp_Object *) pp); - } - } - diff --git a/emacs/25.3/02_all_imagemagick-7.patch b/emacs/25.3/02_all_imagemagick-7.patch deleted file mode 100644 index 873fdcd..0000000 --- a/emacs/25.3/02_all_imagemagick-7.patch +++ /dev/null @@ -1,86 +0,0 @@ -Support ImageMagick version 7. -https://bugs.gentoo.org/665058 -https://debbugs.gnu.org/25967 - -This backports and consolidates the following commits from upstream git: - -commit 3cc42bb60099c32f64e57d2ee33c8321adba7942 -Author: Glenn Morris -Date: Thu Aug 30 13:56:08 2018 -0400 - - * configure.ac: Fix goofs in my recent ImageMagick change. - -commit 42ed35c68b7c199aa797e655fdc3547c5c3087d2 -Author: Paul Eggert -Date: Thu Aug 30 10:03:43 2018 -0700 - - Pacify -Wdouble-promotion in ImageMagick code - -commit bf1b147b55e1328efca6e40181e79dd9a369895d -Author: Glenn Morris -Date: Mon Aug 27 22:03:25 2018 -0400 - - * configure.ac, src/image.c: Tweak previous ImageMagick change. - -commit 5729486951e6a60db55ea17ee3bac9baf8b54f6a -Author: Karl Otness -Date: Mon Aug 27 21:57:44 2018 -0400 - - Support ImageMagick version 7 (bug#25967) - ---- emacs-25.3-orig/configure.ac -+++ emacs-25.3/configure.ac -@@ -2405,10 +2405,14 @@ - HAVE_IMAGEMAGICK=no - if test "${HAVE_X11}" = "yes" || test "${HAVE_NS}" = "yes" || test "${HAVE_W32}" = "yes"; then - if test "${with_imagemagick}" != "no"; then -- ## 6.3.5 is the earliest version known to work; see Bug#17339. -- ## 6.8.2 makes Emacs crash; see Bug#13867. -- IMAGEMAGICK_MODULE="Wand >= 6.3.5 Wand != 6.8.2" -- EMACS_CHECK_MODULES([IMAGEMAGICK], [$IMAGEMAGICK_MODULE]) -+ EMACS_CHECK_MODULES([IMAGEMAGICK], [MagickWand >= 7]) -+ if test $HAVE_IMAGEMAGICK = yes; then -+ AC_DEFINE([HAVE_IMAGEMAGICK7], 1, [Define to 1 if using ImageMagick7.]) -+ else -+ ## 6.3.5 is the earliest version known to work; see Bug#17339. -+ ## 6.8.2 makes Emacs crash; see Bug#13867. -+ EMACS_CHECK_MODULES([IMAGEMAGICK], [Wand >= 6.3.5 Wand != 6.8.2]) -+ fi - AC_SUBST(IMAGEMAGICK_CFLAGS) - AC_SUBST(IMAGEMAGICK_LIBS) - ---- emacs-25.3-orig/src/image.c -+++ emacs-25.3/src/image.c -@@ -8240,11 +8240,20 @@ - /* The GIF library also defines DrawRectangle, but its never used in Emacs. - Therefore rename the function so it doesn't collide with ImageMagick. */ - #define DrawRectangle DrawRectangleGif --#include -+ -+#ifdef HAVE_IMAGEMAGICK7 -+# include -+# include -+/* ImageMagick 7 compatibility definitions. */ -+# define PixelSetMagickColor PixelSetPixelColor -+typedef PixelInfo MagickPixelPacket; -+#else -+# include -+# include -+#endif - - /* ImageMagick 6.5.3 through 6.6.5 hid PixelGetMagickColor for some reason. - Emacs seems to work fine with the hidden version, so unhide it. */ --#include - #if 0x653 <= MagickLibVersion && MagickLibVersion <= 0x665 - extern WandExport void PixelGetMagickColor (const PixelWand *, - MagickPixelPacket *); -@@ -8744,7 +8753,8 @@ - #endif /* HAVE_MAGICKEXPORTIMAGEPIXELS */ - { - size_t image_height; -- MagickRealType color_scale = 65535.0 / QuantumRange; -+ double quantum_range = QuantumRange; -+ MagickRealType color_scale = 65535.0 / quantum_range; - - /* Try to create a x pixmap to hold the imagemagick pixmap. */ - if (!image_create_x_image_and_pixmap (f, img, width, height, 0, diff --git a/emacs/25.3/03_all_glibc-2.34.patch b/emacs/25.3/03_all_glibc-2.34.patch deleted file mode 100644 index 1ecad71..0000000 --- a/emacs/25.3/03_all_glibc-2.34.patch +++ /dev/null @@ -1,20 +0,0 @@ -Fix compilation with glibc-2.34 -https://bugs.gentoo.org/803644 - -In glibc-2.34, definition of SIGSTKSZ has changed from a fixed value -to sysconf(_SC_SIGSTKSZ), which cannot be used in the definition of a -static array. In 2.33, the default SIGSTKSZ was 8192, but apparently -some arches (e.g. aarch64 and sparc) used 16384. Hardcode the larger -of these values. - ---- emacs-25.3/src/sysdep.c -+++ emacs-25.3/src/sysdep.c -@@ -1624,7 +1624,7 @@ - - /* Alternate stack used by SIGSEGV handler below. */ - --static unsigned char sigsegv_stack[SIGSTKSZ]; -+static unsigned char sigsegv_stack[16384]; - - - /* Return true if SIGINFO indicates a stack overflow. */ diff --git a/emacs/25.3/04_all_etags.patch b/emacs/25.3/04_all_etags.patch deleted file mode 100644 index a9f857f..0000000 --- a/emacs/25.3/04_all_etags.patch +++ /dev/null @@ -1,255 +0,0 @@ -Fix ctags command execution vulnerability (CVE-2022-45939) -Backported from emacs-29 branch -https://bugs.gentoo.org/883687 - -commit d48bb4874bc6cd3e69c7a15fc3c91cc141025c51 -Author: Xi Lu -Date: Fri Nov 25 14:38:29 2022 +0800 - - Fixed ctags local command execute vulnerability - ---- emacs-25.3/lib-src/etags.c -+++ emacs-25.3/lib-src/etags.c -@@ -374,7 +374,7 @@ - - static language *get_language_from_langname (const char *); - static void readline (linebuffer *, FILE *); --static long readline_internal (linebuffer *, FILE *, char const *); -+static long readline_internal (linebuffer *, FILE *, char const *, const bool); - static bool nocase_tail (const char *); - static void get_tag (char *, char **); - -@@ -396,7 +396,9 @@ - static void pfnote (char *, bool, char *, int, int, long); - static void invalidate_nodes (fdesc *, node **); - static void put_entries (node *); -+static void clean_matched_file_tag (char const * const, char const * const); - -+static void do_move_file (const char *, const char *); - static char *concat (const char *, const char *, const char *); - static char *skip_spaces (char *); - static char *skip_non_spaces (char *); -@@ -1293,7 +1295,7 @@ - if (parsing_stdin) - fatal ("cannot parse standard input " - "AND read file names from it"); -- while (readline_internal (&filename_lb, stdin, "-") > 0) -+ while (readline_internal (&filename_lb, stdin, "-", false) > 0) - process_file_name (filename_lb.buffer, lang); - } - else -@@ -1341,9 +1343,6 @@ - /* From here on, we are in (CTAGS && !cxref_style) */ - if (update) - { -- char *cmd = -- xmalloc (strlen (tagfile) + whatlen_max + -- sizeof "mv..OTAGS;fgrep -v '\t\t' OTAGS >;rm OTAGS"); - for (i = 0; i < current_arg; ++i) - { - switch (argbuffer[i].arg_type) -@@ -1354,17 +1353,8 @@ - default: - continue; /* the for loop */ - } -- char *z = stpcpy (cmd, "mv "); -- z = stpcpy (z, tagfile); -- z = stpcpy (z, " OTAGS;fgrep -v '\t"); -- z = stpcpy (z, argbuffer[i].what); -- z = stpcpy (z, "\t' OTAGS >"); -- z = stpcpy (z, tagfile); -- strcpy (z, ";rm OTAGS"); -- if (system (cmd) != EXIT_SUCCESS) -- fatal ("failed to execute shell command"); -+ clean_matched_file_tag (tagfile, argbuffer[i].what); - } -- free (cmd); - append_to_tagfile = true; - } - -@@ -1393,6 +1383,51 @@ - return EXIT_SUCCESS; - } - -+/* -+ * Equivalent to: mv tags OTAGS;grep -Fv ' filename ' OTAGS >tags;rm OTAGS -+ */ -+static void -+clean_matched_file_tag (const char* tagfile, const char* match_file_name) -+{ -+ FILE *otags_f = fopen ("OTAGS", "wb"); -+ FILE *tag_f = fopen (tagfile, "rb"); -+ -+ if (otags_f == NULL) -+ pfatal ("OTAGS"); -+ -+ if (tag_f == NULL) -+ pfatal (tagfile); -+ -+ int buf_len = strlen (match_file_name) + sizeof ("\t\t ") + 1; -+ char *buf = xmalloc (buf_len); -+ snprintf (buf, buf_len, "\t%s\t", match_file_name); -+ -+ linebuffer line; -+ linebuffer_init (&line); -+ while (readline_internal (&line, tag_f, tagfile, true) > 0) -+ { -+ if (ferror (tag_f)) -+ pfatal (tagfile); -+ -+ if (strstr (line.buffer, buf) == NULL) -+ { -+ fprintf (otags_f, "%s\n", line.buffer); -+ if (ferror (tag_f)) -+ pfatal (tagfile); -+ } -+ } -+ free (buf); -+ free (line.buffer); -+ -+ if (fclose (otags_f) == EOF) -+ pfatal ("OTAGS"); -+ -+ if (fclose (tag_f) == EOF) -+ pfatal (tagfile); -+ -+ do_move_file ("OTAGS", tagfile); -+ return; -+} - - /* - * Return a compressor given the file name. If EXTPTR is non-zero, -@@ -1780,7 +1815,7 @@ - - /* Else look for sharp-bang as the first two characters. */ - if (parser == NULL -- && readline_internal (&lb, inf, infilename) > 0 -+ && readline_internal (&lb, inf, infilename, false) > 0 - && lb.len >= 2 - && lb.buffer[0] == '#' - && lb.buffer[1] == '!') -@@ -6059,7 +6094,7 @@ - if (regexfp == NULL) - pfatal (regexfile); - linebuffer_init (®exbuf); -- while (readline_internal (®exbuf, regexfp, regexfile) > 0) -+ while (readline_internal (®exbuf, regexfp, regexfile, false) > 0) - analyze_regex (regexbuf.buffer); - free (regexbuf.buffer); - if (fclose (regexfp) != 0) -@@ -6391,11 +6426,13 @@ - - /* - * Read a line of text from `stream' into `lbp', excluding the -- * newline or CR-NL, if any. Return the number of characters read from -- * `stream', which is the length of the line including the newline. -+ * newline or CR-NL (if `leave_cr` is false), if any. Return the -+ * number of characters read from `stream', which is the length -+ * of the line including the newline. - * -- * On DOS or Windows we do not count the CR character, if any before the -- * NL, in the returned length; this mirrors the behavior of Emacs on those -+ * On DOS or Windows, if `leave_cr` is false, we do not count the -+ * CR character, if any before the NL, in the returned length; -+ * this mirrors the behavior of Emacs on those - * platforms (for text files, it translates CR-NL to NL as it reads in the - * file). - * -@@ -6403,7 +6440,7 @@ - * appended to `filebuf'. - */ - static long --readline_internal (linebuffer *lbp, FILE *stream, char const *filename) -+readline_internal (linebuffer *lbp, FILE *stream, char const *filename, const bool leave_cr) - { - char *buffer = lbp->buffer; - char *p = lbp->buffer; -@@ -6433,19 +6470,19 @@ - break; - } - if (c == '\n') -- { -- if (p > buffer && p[-1] == '\r') -- { -- p -= 1; -- chars_deleted = 2; -- } -- else -- { -- chars_deleted = 1; -- } -- *p = '\0'; -- break; -- } -+ { -+ if (!leave_cr && p > buffer && p[-1] == '\r') -+ { -+ p -= 1; -+ chars_deleted = 2; -+ } -+ else -+ { -+ chars_deleted = 1; -+ } -+ *p = '\0'; -+ break; -+ } - *p++ = c; - } - lbp->len = p - buffer; -@@ -6479,7 +6516,7 @@ - long result; - - linecharno = charno; /* update global char number of line start */ -- result = readline_internal (lbp, stream, infilename); /* read line */ -+ result = readline_internal (lbp, stream, infilename, false); /* read line */ - lineno += 1; /* increment global line number */ - charno += result; /* increment global char number */ - -@@ -6839,6 +6876,46 @@ - return templt; - } - -+static void -+do_move_file(const char *src_file, const char *dst_file) -+{ -+ if (rename (src_file, dst_file) == 0) -+ return; -+ -+ FILE *src_f = fopen (src_file, "rb"); -+ FILE *dst_f = fopen (dst_file, "wb"); -+ -+ if (src_f == NULL) -+ pfatal (src_file); -+ -+ if (dst_f == NULL) -+ pfatal (dst_file); -+ -+ int c; -+ while ((c = fgetc (src_f)) != EOF) -+ { -+ if (ferror (src_f)) -+ pfatal (src_file); -+ -+ if (ferror (dst_f)) -+ pfatal (dst_file); -+ -+ if (fputc (c, dst_f) == EOF) -+ pfatal ("cannot write"); -+ } -+ -+ if (fclose (src_f) == EOF) -+ pfatal (src_file); -+ -+ if (fclose (dst_f) == EOF) -+ pfatal (dst_file); -+ -+ if (unlink (src_file) == -1) -+ pfatal ("unlink error"); -+ -+ return; -+} -+ - /* Return a newly allocated string containing the file name of FILE - relative to the absolute directory DIR (which should end with a slash). */ - static char * diff --git a/emacs/25.3/05_all_etags-metachar.patch b/emacs/25.3/05_all_etags-metachar.patch deleted file mode 100644 index 31ffc14..0000000 --- a/emacs/25.3/05_all_etags-metachar.patch +++ /dev/null @@ -1,99 +0,0 @@ -Fix etags local command injection vulnerability (CVE-2022-48337) -Backported from emacs-28 branch -https://bugs.gentoo.org/897950 -https://debbugs.gnu.org/59817 - -commit e339926272a598bd9ee7e02989c1662b89e64cf0 -Author: Xi Lu -Date: Tue Dec 6 15:42:40 2022 +0800 - - Fix etags local command injection vulnerability - ---- emacs-25.3/lib-src/etags.c -+++ emacs-25.3/lib-src/etags.c -@@ -398,6 +398,7 @@ - static void put_entries (node *); - static void clean_matched_file_tag (char const * const, char const * const); - -+static char *escape_shell_arg_string (char *); - static void do_move_file (const char *, const char *); - static char *concat (const char *, const char *, const char *); - static char *skip_spaces (char *); -@@ -1658,13 +1659,16 @@ - else - { - #if MSDOS || defined (DOS_NT) -- char *cmd1 = concat (compr->command, " \"", real_name); -- char *cmd = concat (cmd1, "\" > ", tmp_name); -+ int buf_len = strlen (compr->command) + strlen (" \"\" > \"\"") + strlen (real_name) + strlen (tmp_name) + 1; -+ char *cmd = xmalloc (buf_len); -+ snprintf (cmd, buf_len, "%s \"%s\" > \"%s\"", compr->command, real_name, tmp_name); - #else -- char *cmd1 = concat (compr->command, " '", real_name); -- char *cmd = concat (cmd1, "' > ", tmp_name); -+ char *new_real_name = escape_shell_arg_string (real_name); -+ char *new_tmp_name = escape_shell_arg_string (tmp_name); -+ int buf_len = strlen (compr->command) + strlen (" > ") + strlen (new_real_name) + strlen (new_tmp_name) + 1; -+ char *cmd = xmalloc (buf_len); -+ snprintf (cmd, buf_len, "%s %s > %s", compr->command, new_real_name, new_tmp_name); - #endif -- free (cmd1); - int tmp_errno; - if (system (cmd) == -1) - { -@@ -6876,6 +6880,55 @@ - return templt; - } - -+/* -+ * Adds single quotes around a string, if found single quotes, escaped it. -+ * Return a newly-allocated string. -+ * -+ * For example: -+ * escape_shell_arg_string("test.txt") => 'test.txt' -+ * escape_shell_arg_string("'test.txt") => ''\''test.txt' -+ */ -+static char * -+escape_shell_arg_string (char *str) -+{ -+ char *p = str; -+ int need_space = 2; /* ' at begin and end */ -+ -+ while (*p != '\0') -+ { -+ if (*p == '\'') -+ need_space += 4; /* ' to '\'', length is 4 */ -+ else -+ need_space++; -+ -+ p++; -+ } -+ -+ char *new_str = xnew (need_space + 1, char); -+ new_str[0] = '\''; -+ new_str[need_space-1] = '\''; -+ -+ int i = 1; /* skip first byte */ -+ p = str; -+ while (*p != '\0') -+ { -+ new_str[i] = *p; -+ if (*p == '\'') -+ { -+ new_str[i+1] = '\\'; -+ new_str[i+2] = '\''; -+ new_str[i+3] = '\''; -+ i += 3; -+ } -+ -+ i++; -+ p++; -+ } -+ -+ new_str[need_space] = '\0'; -+ return new_str; -+} -+ - static void - do_move_file(const char *src_file, const char *dst_file) - { diff --git a/emacs/25.3/06_all_htmlfontify.patch b/emacs/25.3/06_all_htmlfontify.patch deleted file mode 100644 index 6870c0b..0000000 --- a/emacs/25.3/06_all_htmlfontify.patch +++ /dev/null @@ -1,22 +0,0 @@ -Fix htmlfontify.el command injection vulnerability (CVE-2022-48339) -Backported from emacs-28 branch -https://bugs.gentoo.org/897950 -https://debbugs.gnu.org/60295 - -commit 807d2d5b3a7cd1d0e3f7dd24de22770f54f5ae16 -Author: Xi Lu -Date: Sat Dec 24 16:28:54 2022 +0800 - - Fix htmlfontify.el command injection vulnerability. - ---- emacs-25.3/lisp/htmlfontify.el -+++ emacs-25.3/lisp/htmlfontify.el -@@ -1898,7 +1898,7 @@ - - (defun hfy-text-p (srcdir file) - "Is SRCDIR/FILE text? Uses `hfy-istext-command' to determine this." -- (let* ((cmd (format hfy-istext-command (expand-file-name file srcdir))) -+ (let* ((cmd (format hfy-istext-command (shell-quote-argument (expand-file-name file srcdir)))) - (rsp (shell-command-to-string cmd))) - (string-match "text" rsp))) - -- cgit v1.2.3-65-gdbad