authorSam James <sam@gentoo.org>2024-06-12 02:57:18 +0100
committerSam James <sam@gentoo.org>2024-06-12 02:57:18 +0100
commit1c52fc05c6b46b242e64eb746af429892b986d0a (patch)
tree47b405e16ea03332d0c9423aa7773172c2f56ca3 /dev-db/libdbi-drivers
parentnet-dns/c-ares: update SRC_URI (diff)
dev-db/libdbi-drivers: fix memory corruption issues w/ sqlite
Backport some memory corruption fixes for sqlite3. Note that I haven't fixed bug #920440 - I have essentially no idea about this package and I'd really prefer someone investigate what it's even trying to do there. Bug: https://bugs.gentoo.org/920440 Closes: https://bugs.gentoo.org/920460 Closes: https://bugs.gentoo.org/933427 Signed-off-by: Sam James <sam@gentoo.org>
Diffstat (limited to 'dev-db/libdbi-drivers')
-rw-r--r--dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch14
-rw-r--r--dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-c99.patch11
-rw-r--r--dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-fortify-source-sqlite.patch13
-rw-r--r--dev-db/libdbi-drivers/libdbi-drivers-0.9.0-r3.ebuild90
4 files changed, 128 insertions, 0 deletions
diff --git a/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch
new file mode 100644
index 000000000000..3bec6d958bc6
--- /dev/null
+++ b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-buffer-overflow-sqlite.patch
@@ -0,0 +1,14 @@
+https://bugs.gentoo.org/933427
+https://sourceforge.net/p/libdbi-drivers/libdbi-drivers/ci/7657c4c688c021d5f42a38e998c876d1739d5d8f
+--- a/drivers/sqlite3/dbd_sqlite3.c
++++ b/drivers/sqlite3/dbd_sqlite3.c
+@@ -585,7 +585,8 @@
+ unsigned char *temp;
+ size_t len;
+
+- if ((temp = malloc(from_length*2)) == NULL) {
++ /* allocate an extra byte for NULL and two for the quotes */
++ if ((temp = malloc(2*from_length+1+2)) == NULL) {
+ return 0;
+ }
+
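Review bot: The new size expression `2*from_length+1+2` in the embedded dbd_sqlite3.c hunk can wrap around in `size_t` when `from_length` approaches half of `SIZE_MAX`, so `malloc` would succeed with a buffer far smaller than what is written into it afterwards. A guard ahead of the allocation, `if (from_length > (SIZE_MAX - 3) / 2) return 0;` (needs `<stdint.h>`), reuses the failure path of the existing NULL check. Whether `2*from_length` really bounds the encoded output cannot be confirmed here, because the function starts and ends outside the hunk. The added comment should also say "NUL" (the terminator byte) rather than "NULL".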
diff --git a/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-c99.patch b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-c99.patch
new file mode 100644
index 000000000000..c75e9f405aec
--- /dev/null
+++ b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-c99.patch
@@ -0,0 +1,11 @@
+https://bugs.gentoo.org/920460
+--- a/drivers/firebird/dbd_firebird.c
++++ b/drivers/firebird/dbd_firebird.c
+@@ -43,6 +43,7 @@
+ #include <string.h>
+ #include <time.h>
+ #include <ibase.h>
++#include <ctype.h>
+
+ #include "dbd_firebird.h"
+ #include "firebird_charsets.h"
diff --git a/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-fortify-source-sqlite.patch b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-fortify-source-sqlite.patch
new file mode 100644
index 000000000000..9624a8c039b6
--- /dev/null
+++ b/dev-db/libdbi-drivers/files/libdbi-drivers-0.9.0-fortify-source-sqlite.patch
@@ -0,0 +1,13 @@
+https://bugs.gentoo.org/933427
+https://sourceforge.net/p/libdbi-drivers/libdbi-drivers/ci/24f48b86c8988ee3aaebc5f303d71e9d789f77b6/
+--- a/drivers/sqlite3/dbd_sqlite3.c
++++ b/drivers/sqlite3/dbd_sqlite3.c
+@@ -1451,7 +1451,7 @@ static int getTables(char** tables, int
+ break;
+ }
+
+- word_lower[item-start+1];
++ char word_lower[item-start+1];
+ strncpy(word_lower,start,item-start);
+ word_lower[item-start] = '\0';
+ int i = 0;
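Review bot: `char word_lower[item-start+1];` is a variable-length array whose size is the distance between two pointers, apparently into the statement text being scanned, so a very long token places an equally long buffer on the stack with no failure path. Whether the caller bounds that length is not visible; getTables starts and ends outside the hunk. If it is unbounded, either reject over-long tokens before the declaration or allocate with `malloc(item-start+1)`, check the result, and free it on every exit from the loop body. At minimum, a comment such as `/* VLA: item-start is bounded by <LIMIT_PLACEHOLDER> */` would record the assumption the code relies on.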
diff --git a/dev-db/libdbi-drivers/libdbi-drivers-0.9.0-r3.ebuild b/dev-db/libdbi-drivers/libdbi-drivers-0.9.0-r3.ebuild
new file mode 100644
index 000000000000..d82a8c964d2e
--- /dev/null
+++ b/dev-db/libdbi-drivers/libdbi-drivers-0.9.0-r3.ebuild
@@ -0,0 +1,90 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="The libdbi-drivers project maintains drivers for libdbi"
+HOMEPAGE="https://libdbi-drivers.sourceforge.net/"
+SRC_URI="https://downloads.sourceforge.net/project/${PN}/${PN}/${P}/${P}.tar.gz"
+
+LICENSE="LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="doc firebird mysql oci8 postgres +sqlite static-libs"
+
+REQUIRED_USE="|| ( mysql postgres sqlite firebird oci8 )"
+RESTRICT="firebird? ( bindist )"
+
+RDEPEND="
+ >=dev-db/libdbi-0.9.0
+ firebird? ( dev-db/firebird )
+ mysql? ( dev-db/mysql-connector-c:= )
+ postgres? ( dev-db/postgresql:* )
+ sqlite? ( dev-db/sqlite:3 )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="doc? ( app-text/openjade )"
+
+DOCS=( AUTHORS ChangeLog NEWS README README.osx TODO )
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-0.9.0-doc-build-fix.patch
+ "${FILESDIR}"/${PN}-0.9.0-slibtool-libdir.patch
+ "${FILESDIR}"/${PN}-0.9.0-clang16-build-fix.patch
+ "${FILESDIR}"/${PN}-0.9.0-fortify-source-sqlite.patch
+ "${FILESDIR}"/${PN}-0.9.0-buffer-overflow-sqlite.patch
+ "${FILESDIR}"/${PN}-0.9.0-c99.patch
+)
+
+pkg_setup() {
+ use oci8 && [[ -z "${ORACLE_HOME}" ]] && die "\$ORACLE_HOME is not set!"
+}
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ local myconf=""
+ # WARNING: the configure script does NOT work correctly
+ # --without-$driver does NOT work
+ # so do NOT use `use_with...`
+ # Future additions:
+ # msql
+ # freetds
+ # ingres
+ # db2
+ use mysql && myconf+=" --with-mysql"
+ use postgres && myconf+=" --with-pgsql"
+ use sqlite && myconf+=" --with-sqlite3"
+ use firebird && myconf+=" --with-firebird"
+ if use oci8; then
+ [[ -z "${ORACLE_HOME}" ]] && die "\$ORACLE_HOME is not set!"
+ myconf+=" --with-oracle-dir=${ORACLE_HOME} --with-oracle"
+ fi
+
+ econf \
+ $(use_enable doc docs) \
+ $(use_enable static-libs static) \
+ --with-dbi-libdir=/usr/$(get_libdir) \
+ ${myconf}
+}
+
+src_test() {
+ if [[ -z "${WANT_INTERACTIVE_TESTS}" ]]; then
+ ewarn "Tests disabled due to interactivity."
+ ewarn "Run with WANT_INTERACTIVE_TESTS=1 if you want them."
+ return 0
+ fi
+ einfo "Running interactive tests"
+ emake check
+}
+
+src_install() {
+ default
+
+ find "${ED}" -name '*.la' -type f -delete || die
+}
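Review bot: In src_configure, `myconf` is built as a flat string and expanded unquoted as `${myconf}`, so the environment-supplied `ORACLE_HOME` in `--with-oracle-dir=${ORACLE_HOME}` is subject to word splitting and globbing before it reaches econf. A path containing whitespace or glob characters would turn into extra or altered configure arguments. Collecting the options in a bash array and expanding it as `"${myconf[@]}"` keeps each option as exactly one argument. The `ORACLE_HOME` emptiness check is also duplicated between pkg_setup and src_configure; one of the two could carry a comment saying why both exist.

```shell
src_configure() {
	local myconf=()
	# … unchanged: warning comment about --without-$driver and future additions …
	use mysql && myconf+=( --with-mysql )
	use postgres && myconf+=( --with-pgsql )
	use sqlite && myconf+=( --with-sqlite3 )
	use firebird && myconf+=( --with-firebird )
	if use oci8; then
		# … unchanged: ORACLE_HOME emptiness check …
		myconf+=( --with-oracle-dir="${ORACLE_HOME}" --with-oracle )
	fi

	# … unchanged: econf call with use_enable flags and --with-dbi-libdir, now ending in …
		"${myconf[@]}"
```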