From ebfc2ecc3c6ac4ea2a853154aba34a86c6a06742 Mon Sep 17 00:00:00 2001 From: ng0 Date: Wed, 23 Nov 2016 19:04:37 +0000 Subject: gnu: Move content of (gnu packages psyc) into (gnu packages messaging). * gnu/packages/psyc.scm (perl-net-psyc, libpsyc, psyclpc): Move this ... * gnu/packages/messaging.scm (perl-net-psyc, libpsyc, psyclpc): ... here. * gnu/local.mk (GNU_SYSTEM_MODULES): Remove psyc.scm. Signed-off-by: Leo Famulari --- gnu/local.mk | 1 - 1 file changed, 1 deletion(-) (limited to 'gnu/local.mk')
diff --git a/gnu/local.mk b/gnu/local.mk
index 49137277f1..1b2bb4786d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -305,7 +305,6 @@ GNU_SYSTEM_MODULES = \
 %D%/packages/pumpio.scm \
 %D%/packages/pretty-print.scm \
 %D%/packages/protobuf.scm \
- %D%/packages/psyc.scm \
 %D%/packages/pv.scm \
 %D%/packages/python.scm \
 %D%/packages/qemu.scm \
-- cgit 1.4.1
From 5305ed20027a32ff1221cac6a131849852e807ba Mon Sep 17 00:00:00 2001 From: Julien Lepiller Date: Wed, 23 Nov 2016 21:43:42 +0100 Subject: services: Factorize configuration abstraction. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/services/mail.scm and gnu/services/cups.scm (&configuration-error) (configuration-error, configuration-field-error) (configuration-missing-field, configuration-field, serialize-configuration) (validate-configuration, define-configuration, uglify-field-name) (serialize-field, serialize-package, serialize-string) (serialize-space-separated-string-list, space-separated-string-list?) (serialize-file-name, file-name?, serialize-field-name) (generate-documentation): Move duplicate code... * gnu/services/configuration.scm: ...to this new file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add configuration.scm.
Signed-off-by: Ludovic Courtès --- gnu/local.mk | 1 + gnu/services/configuration.scm | 205 +++++++++++++++++++++++++++++++++++++++++ gnu/services/cups.scm | 180 +++--------------------------------- gnu/services/mail.scm | 183 +++--------------------------------- 4 files changed, 233 insertions(+), 336 deletions(-) create mode 100644 gnu/services/configuration.scm (limited to 'gnu/local.mk')
diff --git a/gnu/local.mk b/gnu/local.mk
index 1b2bb4786d..f3f8772337 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -399,6 +399,7 @@ GNU_SYSTEM_MODULES = \
 %D%/services/admin.scm \
 %D%/services/avahi.scm \
 %D%/services/base.scm \
+ %D%/services/configuration.scm \
 %D%/services/cups.scm \
 %D%/services/databases.scm \
 %D%/services/dbus.scm \
diff --git a/gnu/services/configuration.scm b/gnu/services/configuration.scm
new file mode 100644
index 0000000000..9f28aabc96
--- /dev/null
+++ b/gnu/services/configuration.scm
@@ -0,0 +1,205 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2015 Andy Wingo +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu services configuration) + #:use-module (guix packages) + #:use-module (guix records) + #:use-module (guix gexp) + #:autoload (texinfo) (texi-fragment->stexi) + #:autoload (texinfo serialize) (stexi->texi) + #:use-module (ice-9 match) + #:use-module ((srfi srfi-1) #:select (append-map)) + #:use-module (srfi srfi-34) + #:use-module (srfi srfi-35) + #:export (configuration-field + configuration-field-name + configuration-missing-field + configuration-field-error + serialize-configuration + define-configuration + validate-configuration + generate-documentation + serialize-field + serialize-string + serialize-name + serialize-space-separated-string-list + space-separated-string-list? + serialize-file-name + file-name? + serialize-boolean + serialize-package)) + +;;; Commentary: +;;; +;;; Syntax for creating Scheme bindings to complex configuration files. +;;; +;;; Code: + +(define-condition-type &configuration-error &error + configuration-error?) 
+ +(define (configuration-error message) + (raise (condition (&message (message message)) + (&configuration-error)))) +(define (configuration-field-error field val) + (configuration-error + (format #f "Invalid value for field ~a: ~s" field val))) +(define (configuration-missing-field kind field) + (configuration-error + (format #f "~a configuration missing required field ~a" kind field))) + +(define-record-type* + configuration-field make-configuration-field configuration-field? + (name configuration-field-name) + (type configuration-field-type) + (getter configuration-field-getter) + (predicate configuration-field-predicate) + (serializer configuration-field-serializer) + (default-value-thunk configuration-field-default-value-thunk) + (documentation configuration-field-documentation)) + +(define (serialize-configuration config fields) + (for-each (lambda (field) + ((configuration-field-serializer field) + (configuration-field-name field) + ((configuration-field-getter field) config))) + fields)) + +(define (validate-configuration config fields) + (for-each (lambda (field) + (let ((val ((configuration-field-getter field) config))) + (unless ((configuration-field-predicate field) val) + (configuration-field-error + (configuration-field-name field) val)))) + fields)) + +(define-syntax define-configuration + (lambda (stx) + (define (id ctx part . parts) + (let ((part (syntax->datum part))) + (datum->syntax + ctx + (match parts + (() part) + (parts (symbol-append part + (syntax->datum (apply id ctx parts)))))))) + (syntax-case stx () + ((_ stem (field (field-type def) doc) ...) + (with-syntax (((field-getter ...) + (map (lambda (field) + (id #'stem #'stem #'- field)) + #'(field ...))) + ((field-predicate ...) + (map (lambda (type) + (id #'stem type #'?)) + #'(field-type ...))) + ((field-serializer ...) 
+ (map (lambda (type) + (id #'stem #'serialize- type)) + #'(field-type ...)))) + #`(begin + (define-record-type* #,(id #'stem #'< #'stem #'>) + #,(id #'stem #'% #'stem) + #,(id #'stem #'make- #'stem) + #,(id #'stem #'stem #'?) + (field field-getter (default def)) + ...) + (define #,(id #'stem #'stem #'-fields) + (list (configuration-field + (name 'field) + (type 'field-type) + (getter field-getter) + (predicate field-predicate) + (serializer field-serializer) + (default-value-thunk (lambda () def)) + (documentation doc)) + ...)) + (define-syntax-rule (stem arg (... ...)) + (let ((conf (#,(id #'stem #'% #'stem) arg (... ...)))) + (validate-configuration conf + #,(id #'stem #'stem #'-fields)) + conf)))))))) + +(define (uglify-field-name field-name) + (let ((str (symbol->string field-name))) + (string-concatenate + (map string-titlecase + (string-split (if (string-suffix? "?" str) + (substring str 0 (1- (string-length str))) + str) + #\-))))) + +(define (serialize-field field-name val) + (format #t "~a ~a\n" (uglify-field-name field-name) val)) + +(define (serialize-package field-name val) + #f) + +(define (serialize-string field-name val) + (serialize-field field-name val)) + +(define (space-separated-string-list? val) + (and (list? val) + (and-map (lambda (x) + (and (string? x) (not (string-index x #\space)))) + val))) +(define (serialize-space-separated-string-list field-name val) + (serialize-field field-name (string-join val " "))) + +(define (file-name? val) + (and (string? val) + (string-prefix? "/" val))) +(define (serialize-file-name field-name val) + (serialize-string field-name val)) + +(define (serialize-boolean field-name val) + (serialize-string field-name (if val "yes" "no"))) + +;; A little helper to make it easier to document all those fields. +(define (generate-documentation documentation documentation-name) + (define (str x) (object->string x)) + (define (generate configuration-name) + (match (assq-ref documentation configuration-name) + ((fields . 
sub-documentation) + `((para "Available " (code ,(str configuration-name)) " fields are:") + ,@(map + (lambda (f) + (let ((field-name (configuration-field-name f)) + (field-type (configuration-field-type f)) + (field-docs (cdr (texi-fragment->stexi + (configuration-field-documentation f)))) + (default (catch #t + (configuration-field-default-value-thunk f) + (lambda _ '%invalid)))) + (define (show-default? val) + (or (string? default) (number? default) (boolean? default) + (and (symbol? val) (not (eq? val '%invalid))) + (and (list? val) (and-map show-default? val)))) + `(deftypevr (% (category + (code ,(str configuration-name)) " parameter") + (data-type ,(str field-type)) + (name ,(str field-name))) + ,@field-docs + ,@(if (show-default? default) + `((para "Defaults to " (samp ,(str default)) ".")) + '()) + ,@(append-map + generate + (or (assq-ref sub-documentation field-name) '()))))) + fields))))) + (stexi->texi `(*fragment* . ,(generate documentation-name)))) diff --git a/gnu/services/cups.scm b/gnu/services/cups.scm index 7542ee26c0..391046a75f 100644 --- a/gnu/services/cups.scm +++ b/gnu/services/cups.scm @@ -19,6 +19,7 @@ (define-module (gnu services cups) #:use-module (gnu services) #:use-module (gnu services shepherd) + #:use-module (gnu services configuration) #:use-module (gnu system shadow) #:use-module (gnu packages admin) #:use-module (gnu packages cups) @@ -26,16 +27,9 @@ #:use-module (guix packages) #:use-module (guix records) #:use-module (guix gexp) - #:use-module (texinfo) - #:use-module (texinfo serialize) #:use-module (ice-9 match) #:use-module ((srfi srfi-1) #:select (append-map)) - #:use-module (srfi srfi-34) - #:use-module (srfi srfi-35) - #:export (&cups-configuation-error - cups-configuration-error? - - cups-service-type + #:export (cups-service-type cups-configuration opaque-cups-configuration 
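Review bot: The shared `serialize-field` and `uglify-field-name` added in gnu/services/configuration.scm are the CUPS variants (`"~a ~a\n"` with title-cased names), while the mail.scm hunk `@@ -65,112 +61,6 @@` deletes Dovecot's own versions, which wrote `"~a=~a\n"` with `_`-joined names. Unless mail.scm redefines them outside the visible hunks, every Dovecot field serialized through these helpers changes syntax, so the generated dovecot.conf may be rejected or its settings ignored; keep the Dovecot-specific pair in mail.scm or make the name mangling and separator parameters of the shared code. Separately, `show-default?` in `generate-documentation` tests the outer `default` instead of its argument, so a list default never passes the recursive check; the first clause should read `(or (string? val) (number? val) (boolean? val)`. The `#:export` list also names `serialize-name`, which this file does not define, and omits `&configuration-error` and `configuration-error?`, so callers have no exported predicate to match the condition that replaces the per-service ones.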
@@ -51,91 +45,6 @@ ;;; ;;; Code: -(define-condition-type &cups-configuration-error &error - cups-configuration-error?) - -(define (cups-error message) - (raise (condition (&message (message message)) - (&cups-configuration-error)))) -(define (cups-configuration-field-error field val) - (cups-error - (format #f "Invalid value for field ~a: ~s" field val))) -(define (cups-configuration-missing-field kind field) - (cups-error - (format #f "~a configuration missing required field ~a" kind field))) - -(define-record-type* - configuration-field make-configuration-field configuration-field? - (name configuration-field-name) - (type configuration-field-type) - (getter configuration-field-getter) - (predicate configuration-field-predicate) - (serializer configuration-field-serializer) - (default-value-thunk configuration-field-default-value-thunk) - (documentation configuration-field-documentation)) - -(define (serialize-configuration config fields) - (for-each (lambda (field) - ((configuration-field-serializer field) - (configuration-field-name field) - ((configuration-field-getter field) config))) - fields)) - -(define (validate-configuration config fields) - (for-each (lambda (field) - (let ((val ((configuration-field-getter field) config))) - (unless ((configuration-field-predicate field) val) - (cups-configuration-field-error - (configuration-field-name field) val)))) - fields)) - -(define-syntax define-configuration - (lambda (stx) - (define (id ctx part . parts) - (let ((part (syntax->datum part))) - (datum->syntax - ctx - (match parts - (() part) - (parts (symbol-append part - (syntax->datum (apply id ctx parts)))))))) - (syntax-case stx () - ((_ stem (field (field-type def) doc) ...) - (with-syntax (((field-getter ...) - (map (lambda (field) - (id #'stem #'stem #'- field)) - #'(field ...))) - ((field-predicate ...) - (map (lambda (type) - (id #'stem type #'?)) - #'(field-type ...))) - ((field-serializer ...) 
- (map (lambda (type) - (id #'stem #'serialize- type)) - #'(field-type ...)))) - #`(begin - (define-record-type* #,(id #'stem #'< #'stem #'>) - #,(id #'stem #'% #'stem) - #,(id #'stem #'make- #'stem) - #,(id #'stem #'stem #'?) - (field field-getter (default def)) - ...) - (define #,(id #'stem #'stem #'-fields) - (list (configuration-field - (name 'field) - (type 'field-type) - (getter field-getter) - (predicate field-predicate) - (serializer field-serializer) - (default-value-thunk (lambda () def)) - (documentation doc)) - ...)) - (define-syntax-rule (stem arg (... ...)) - (let ((conf (#,(id #'stem #'% #'stem) arg (... ...)))) - (validate-configuration conf - #,(id #'stem #'stem #'-fields)) - conf)))))))) - (define %cups-accounts (list (user-group (name "lp") (system? #t)) (user-group (name "lpadmin") (system? #t)) @@ -147,24 +56,6 @@ (home-directory "/var/empty") (shell (file-append shadow "/sbin/nologin"))))) -(define (uglify-field-name field-name) - (let ((str (symbol->string field-name))) - (string-concatenate - (map string-titlecase - (string-split (if (string-suffix? "?" str) - (substring str 0 (1- (string-length str))) - str) - #\-))))) - -(define (serialize-field field-name val) - (format #t "~a ~a\n" (uglify-field-name field-name) val)) - -(define (serialize-package field-name val) - #f) - -(define (serialize-string field-name val) - (serialize-field field-name val)) - (define (multiline-string-list? val) (and (list? val) (and-map (lambda (x) 
@@ -173,28 +64,11 @@ (define (serialize-multiline-string-list field-name val) (for-each (lambda (str) (serialize-field field-name str)) val)) -(define (space-separated-string-list? val) - (and (list? val) - (and-map (lambda (x) - (and (string? x) (not (string-index x #\space)))) - val))) -(define (serialize-space-separated-string-list field-name val) - (serialize-field field-name (string-join val " "))) - (define (space-separated-symbol-list? val) (and (list? val) (and-map symbol? val))) (define (serialize-space-separated-symbol-list field-name val) (serialize-field field-name (string-join (map symbol->string val) " "))) -(define (file-name? val) - (and (string? val) - (string-prefix? "/" val))) -(define (serialize-file-name field-name val) - (serialize-string field-name val)) - -(define (serialize-boolean field-name val) - (serialize-string field-name (if val "yes" "no"))) - (define (non-negative-integer? val) (and (exact-integer? val) (not (negative? val)))) (define (serialize-non-negative-integer field-name val) @@ -333,7 +207,7 @@ methods. Otherwise apply to only the listed methods.") (define-configuration location-access-control (path - (file-name (cups-configuration-missing-field 'location-access-control 'path)) + (file-name (configuration-missing-field 'location-access-control 'path)) "Specifies the URI path to which the access control applies.") (access-controls (access-control-list '()) @@ -359,7 +233,7 @@ methods. Otherwise apply to only the listed methods.") (define-configuration policy-configuration (name - (string (cups-configuration-missing-field 'policy-configuration 'name)) + (string (configuration-missing-field 'policy-configuration 'name)) "Name of the policy.") (job-private-access (string "@OWNER @SYSTEM") 
@@ -925,12 +799,12 @@ IPP specifications.") (package-list '()) "Drivers and other extensions to the CUPS package.") (cupsd.conf - (string (cups-configuration-missing-field 'opaque-cups-configuration - 'cupsd.conf)) + (string (configuration-missing-field 'opaque-cups-configuration + 'cupsd.conf)) "The contents of the @code{cupsd.conf} to use.") (cups-files.conf - (string (cups-configuration-missing-field 'opaque-cups-configuration - 'cups-files.conf)) + (string (configuration-missing-field 'opaque-cups-configuration + 'cups-files.conf)) "The contents of the @code{cups-files.conf} to use.")) (define %cups-activation @@ -1117,8 +991,8 @@ extensions that it uses." extensions))))))))) ;; A little helper to make it easier to document all those fields. -(define (generate-documentation) - (define documentation +(define (generate-cups-documentation) + (generate-documentation `((cups-configuration ,cups-configuration-fields (files-configuration files-configuration) 
@@ -1132,35 +1006,5 @@ extensions that it uses." ,location-access-control-fields (method-access-controls method-access-controls)) (operation-access-controls ,operation-access-control-fields) - (method-access-controls ,method-access-control-fields))) - (define (str x) (object->string x)) - (define (generate configuration-name) - (match (assq-ref documentation configuration-name) - ((fields . sub-documentation) - `((para "Available " (code ,(str configuration-name)) " fields are:") - ,@(map - (lambda (f) - (let ((field-name (configuration-field-name f)) - (field-type (configuration-field-type f)) - (field-docs (cdr (texi-fragment->stexi - (configuration-field-documentation f)))) - (default (catch #t - (configuration-field-default-value-thunk f) - (lambda _ '%invalid)))) - (define (show-default? val) - (or (string? default) (number? default) (boolean? default) - (and (symbol? val) (not (eq? val '%invalid))) - (and (list? val) (and-map show-default? val)))) - `(deftypevr (% (category - (code ,(str configuration-name)) " parameter") - (data-type ,(str field-type)) - (name ,(str field-name))) - ,@field-docs - ,@(if (show-default? default) - `((para "Defaults to " (samp ,(str default)) ".")) - '()) - ,@(append-map - generate - (or (assq-ref sub-documentation field-name) '()))))) - fields))))) - (stexi->texi `(*fragment* . ,(generate 'cups-configuration)))) + (method-access-controls ,method-access-control-fields)) + 'cups-configuration)) diff --git a/gnu/services/mail.scm b/gnu/services/mail.scm index f7ab9516ba..c1381405d8 100644 --- a/gnu/services/mail.scm +++ b/gnu/services/mail.scm @@ -21,6 +21,7 @@ (define-module (gnu services mail) #:use-module (gnu services) #:use-module (gnu services base) + #:use-module (gnu services configuration) #:use-module (gnu services shepherd) #:use-module (gnu system pam) #:use-module (gnu system shadow) 
@@ -30,13 +31,8 @@ #:use-module (guix records) #:use-module (guix packages) #:use-module (guix gexp) - #:use-module (srfi srfi-34) - #:use-module (srfi srfi-35) #:use-module (ice-9 match) - #:export (&dovecot-configuation-error - dovecot-configuration-error? - - dovecot-service + #:export (dovecot-service dovecot-service-type dovecot-configuration opaque-dovecot-configuration 
@@ -65,112 +61,6 @@ ;;; ;;; Code: -(define-condition-type &dovecot-configuration-error &error - dovecot-configuration-error?) - -(define (dovecot-error message) - (raise (condition (&message (message message)) - (&dovecot-configuration-error)))) -(define (dovecot-configuration-field-error field val) - (dovecot-error - (format #f "Invalid value for field ~a: ~s" field val))) -(define (dovecot-configuration-missing-field kind field) - (dovecot-error - (format #f "~a configuration missing required field ~a" kind field))) - -(define-record-type* - configuration-field make-configuration-field configuration-field? - (name configuration-field-name) - (type configuration-field-type) - (getter configuration-field-getter) - (predicate configuration-field-predicate) - (serializer configuration-field-serializer) - (default-value-thunk configuration-field-default-value-thunk) - (documentation configuration-field-documentation)) - -(define-syntax define-configuration - (lambda (stx) - (define (id ctx part . parts) - (let ((part (syntax->datum part))) - (datum->syntax - ctx - (match parts - (() part) - (parts (symbol-append part - (syntax->datum (apply id ctx parts)))))))) - (syntax-case stx () - ((_ stem (field (field-type def) doc) ...) - (with-syntax (((field-getter ...) - (map (lambda (field) - (id #'stem #'stem #'- field)) - #'(field ...))) - ((field-predicate ...) - (map (lambda (type) - (id #'stem type #'?)) - #'(field-type ...))) - ((field-serializer ...) - (map (lambda (type) - (id #'stem #'serialize- type)) - #'(field-type ...)))) - #`(begin - (define-record-type* #,(id #'stem #'< #'stem #'>) - stem #,(id #'stem #'make- #'stem) #,(id #'stem #'stem #'?) - (field field-getter (default def)) - ...) 
- (define #,(id #'stem #'stem #'-fields) - (list (configuration-field - (name 'field) - (type 'field-type) - (getter field-getter) - (predicate field-predicate) - (serializer field-serializer) - (default-value-thunk (lambda () def)) - (documentation doc)) - ...)))))))) - -(define (serialize-configuration config fields) - (for-each (lambda (field) - ((configuration-field-serializer field) - (configuration-field-name field) - ((configuration-field-getter field) config))) - fields)) - -(define (validate-configuration config fields) - (for-each (lambda (field) - (let ((val ((configuration-field-getter field) config))) - (unless ((configuration-field-predicate field) val) - (dovecot-configuration-field-error - (configuration-field-name field) val)))) - fields)) - -(define (validate-package field-name package) - (unless (package? package) - (dovecot-configuration-field-error field-name package))) - -(define (uglify-field-name field-name) - (let ((str (symbol->string field-name))) - (string-join (string-split (if (string-suffix? "?" str) - (substring str 0 (1- (string-length str))) - str) - #\-) - "_"))) - -(define (serialize-package field-name val) - #f) - -(define (serialize-field field-name val) - (format #t "~a=~a\n" (uglify-field-name field-name) val)) - -(define (serialize-string field-name val) - (serialize-field field-name val)) - -(define (space-separated-string-list? val) - (and (list? val) - (and-map (lambda (x) - (and (string? x) (not (string-index x #\space)))) - val))) -(define (serialize-space-separated-string-list field-name val) - (serialize-field field-name (string-join val " "))) (define (comma-separated-string-list? val) (and (list? val) 
@@ -180,12 +70,6 @@ (define (serialize-comma-separated-string-list field-name val) (serialize-field field-name (string-join val ","))) -(define (file-name? val) - (and (string? val) - (string-prefix? "/" val))) -(define (serialize-file-name field-name val) - (serialize-string field-name val)) - (define (colon-separated-file-name-list? val) (and (list? val) ;; Trailing slashes not needed and not @@ -193,9 +77,6 @@ (define (serialize-colon-separated-file-name-list field-name val) (serialize-field field-name (string-join val ":"))) -(define (serialize-boolean field-name val) - (serialize-string field-name (if val "yes" "no"))) - (define (non-negative-integer? val) (and (exact-integer? val) (not (negative? val)))) (define (serialize-non-negative-integer field-name val) @@ -276,7 +157,7 @@ (define-configuration unix-listener-configuration (path - (file-name (dovecot-configuration-missing-field 'unix-listener 'path)) + (file-name (configuration-missing-field 'unix-listener 'path)) "The file name on which to listen.") (mode (string "0600") @@ -295,7 +176,7 @@ (define-configuration fifo-listener-configuration (path - (file-name (dovecot-configuration-missing-field 'fifo-listener 'path)) + (file-name (configuration-missing-field 'fifo-listener 'path)) "The file name on which to listen.") (mode (string "0600") @@ -314,14 +195,14 @@ (define-configuration inet-listener-configuration (protocol - (string (dovecot-configuration-missing-field 'inet-listener 'protocol)) + (string (configuration-missing-field 'inet-listener 'protocol)) "The protocol to listen for.") (address (string "") "The address on which to listen, or empty for all addresses.") (port (non-negative-integer - (dovecot-configuration-missing-field 'inet-listener 'port)) + (configuration-missing-field 'inet-listener 'port)) "The port on which to listen.") (ssl? (boolean #t) 
@@ -345,7 +226,7 @@ (serialize-fifo-listener-configuration field-name val)) ((inet-listener-configuration? val) (serialize-inet-listener-configuration field-name val)) - (else (dovecot-configuration-field-error field-name val)))) + (else (configuration-field-error field-name val)))) (define (listener-configuration-list? val) (and (list? val) (and-map listener-configuration? val))) (define (serialize-listener-configuration-list field-name val) @@ -355,7 +236,7 @@ (define-configuration service-configuration (kind - (string (dovecot-configuration-missing-field 'service 'kind)) + (string (configuration-missing-field 'service 'kind)) "The service kind. Valid values include @code{director}, @code{imap-login}, @code{pop3-login}, @code{lmtp}, @code{imap}, @code{pop3}, @code{auth}, @code{auth-worker}, @code{dict}, @@ -393,7 +274,7 @@ this.")) (define-configuration protocol-configuration (name - (string (dovecot-configuration-missing-field 'protocol 'name)) + (string (configuration-missing-field 'protocol 'name)) "The name of the protocol.") (auth-socket-path (string "/var/run/dovecot/auth-userdb") @@ -1497,8 +1378,8 @@ greyed out, instead of only later giving \"not selectable\" popup error. "The dovecot package.") (string - (string (dovecot-configuration-missing-field 'opaque-dovecot-configuration - 'string)) + (string (configuration-missing-field 'opaque-dovecot-configuration + 'string)) "The contents of the @code{dovecot.conf} to use.")) (define %dovecot-accounts @@ -1634,8 +1515,8 @@ by @code{dovecot-configuration}. @var{config} may also be created by (service dovecot-service-type config)) ;; A little helper to make it easier to document all those fields. -(define (generate-documentation) - (define documentation +(define (generate-dovecot-documentation) + (generate-documentation `((dovecot-configuration ,dovecot-configuration-fields (dict dict-configuration) 
@@ -1660,42 +1541,8 @@ by @code{dovecot-configuration}. @var{config} may also be created by ,service-configuration-fields (listeners unix-listener-configuration fifo-listener-configuration inet-listener-configuration)) - (protocol-configuration ,protocol-configuration-fields))) - (define (generate configuration-name) - (match (assq-ref documentation configuration-name) - ((fields . sub-documentation) - (format #t "\nAvailable @code{~a} fields are:\n\n" configuration-name) - (for-each - (lambda (f) - (let ((field-name (configuration-field-name f)) - (field-type (configuration-field-type f)) - (field-docs (string-trim-both - (configuration-field-documentation f))) - (default (catch #t - (configuration-field-default-value-thunk f) - (lambda _ 'nope)))) - (define (escape-chars str chars escape) - (with-output-to-string - (lambda () - (string-for-each (lambda (c) - (when (char-set-contains? chars c) - (display escape)) - (display c)) - str)))) - (define (show-default? val) - (or (string? default) (number? default) (boolean? default) - (and (list? val) (and-map show-default? val)))) - (format #t "@deftypevr {@code{~a} parameter} ~a ~a\n~a\n" - configuration-name field-type field-name field-docs) - (when (show-default? default) - (format #t "Defaults to @samp{~a}.\n" - (escape-chars (format #f "~s" default) - (char-set #\@ #\{ #\}) - #\@))) - (for-each generate (or (assq-ref sub-documentation field-name) '())) - (format #t "@end deftypevr\n\n"))) - fields)))) - (generate 'dovecot-configuration)) + (protocol-configuration ,protocol-configuration-fields)) + 'dovecot-configuration)) ;;; -- cgit 1.4.1 From 9e46245b89e0f30397f69391a2219a29caa336a2 Mon Sep 17 00:00:00 2001 
From: Leo Famulari Date: Fri, 25 Nov 2016 01:47:14 -0500 Subject: gnu: gst-plugins-good: Fix CVE-2016-{9634,9635,9636} and other security issues. * gnu/packages/patches/gst-plugins-good-fix-crashes.patch, gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch, gnu/packages/patches/gst-plugins-good-fix-signedness.patch, gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/gstreamer.scm (gst-plugins-good): Use them. --- gnu/local.mk | 4 + gnu/packages/gstreamer.scm | 5 + .../patches/gst-plugins-good-fix-crashes.patch | 1047 ++++++++++++++++++++ .../gst-plugins-good-fix-invalid-read.patch | 37 + .../patches/gst-plugins-good-fix-signedness.patch | 58 ++ .../gst-plugins-good-flic-bounds-check.patch | 319 ++++++ 6 files changed, 1470 insertions(+) create mode 100644 gnu/packages/patches/gst-plugins-good-fix-crashes.patch create mode 100644 gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch create mode 100644 gnu/packages/patches/gst-plugins-good-fix-signedness.patch create mode 100644 gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch (limited to 'gnu/local.mk')
diff --git a/gnu/local.mk b/gnu/local.mk
index f3f8772337..8ca4d932d3 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -585,6 +585,10 @@ dist_patch_DATA = \
 %D%/packages/patches/grub-gets-undeclared.patch \
 %D%/packages/patches/grub-freetype.patch \
 %D%/packages/patches/gsl-test-i686.patch \
+ %D%/packages/patches/gst-plugins-good-fix-crashes.patch \
+ %D%/packages/patches/gst-plugins-good-fix-invalid-read.patch \
+ %D%/packages/patches/gst-plugins-good-fix-signedness.patch \
+ %D%/packages/patches/gst-plugins-good-flic-bounds-check.patch \
 %D%/packages/patches/guile-1.8-cpp-4.5.patch \
 %D%/packages/patches/guile-arm-fixes.patch \
 %D%/packages/patches/guile-default-utf8.patch \
diff --git a/gnu/packages/gstreamer.scm b/gnu/packages/gstreamer.scm
index 5fe84ec2fc..86ea690e8b 100644
--- a/gnu/packages/gstreamer.scm +++ b/gnu/packages/gstreamer.scm @@ -4,6 +4,7 @@ ;;; Copyright © 2015, 2016 Sou Bunnbu ;;; Copyright © 2015 Mark H Weaver ;;; Copyright © 2016 Efraim Flashner +;;; Copyright © 2016 Leo Famulari ;;; ;;; This file is part of GNU Guix. ;;; @@ -207,6 +208,10 @@ for the GStreamer multimedia library.") (uri (string-append "https://gstreamer.freedesktop.org/src/" name "/" name "-" version ".tar.xz")) + (patches (search-patches "gst-plugins-good-flic-bounds-check.patch" + "gst-plugins-good-fix-signedness.patch" + "gst-plugins-good-fix-invalid-read.patch" + "gst-plugins-good-fix-crashes.patch")) (sha256 (base32 "1hkcap9l2603266gyi6jgvx7frbvfmb7xhfhjizbczy1wykjwr57")))) diff --git a/gnu/packages/patches/gst-plugins-good-fix-crashes.patch b/gnu/packages/patches/gst-plugins-good-fix-crashes.patch new file mode 100644 index 0000000000..c36a595608 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-good-fix-crashes.patch 
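Review bot: None of the four file names added to `(patches (search-patches …))` carries a CVE identifier, although the commit subject says they fix CVE-2016-{9634,9635,9636}. If the project's CVE lint matches on patch file names (worth confirming), these CVEs would still be reported as unpatched for gst-plugins-good, and a reader of the package definition cannot tell which patch covers which CVE. Consider a comment above the list, e.g. `;; Fixes for CVE-2016-9634, CVE-2016-9635 and CVE-2016-9636; see each patch header.`, or renaming the patches to include the identifiers. The enclosing `origin` form starts and ends outside this hunk.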
@@ -0,0 +1,1047 @@ +Fixes upstream bug #774859 (flic decoder: Invalid memory read in +flx_decode_chunks): + +https://bugzilla.gnome.org/show_bug.cgi?id=774859 + +Patch copied from upstream source repository: + +https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=be670f0daf67304fb92c76aa09c30cae0bfd1fe4 + +From be670f0daf67304fb92c76aa09c30cae0bfd1fe4 Mon Sep 17 00:00:00 2001 +From: Matthew Waters +Date: Wed, 23 Nov 2016 07:09:06 +1100 +Subject: [PATCH] flxdec: rewrite logic based on GstByteReader/Writer + +Solves overreading/writing the given arrays and will error out if the +streams asks to do that. + +Also does more error checking that the stream is valid and won't +overrun any allocated arrays. Also mitigate integer overflow errors +calculating allocation sizes. + +https://bugzilla.gnome.org/show_bug.cgi?id=774859 +--- + gst/flx/flx_color.c | 1 - + gst/flx/flx_fmt.h | 72 ------- + gst/flx/gstflxdec.c | 610 ++++++++++++++++++++++++++++++++++++---------------- + gst/flx/gstflxdec.h | 4 +- + 4 files changed, 427 insertions(+), 260 deletions(-) + +diff --git a/gst/flx/flx_color.c b/gst/flx/flx_color.c +index 047bfdf..3a58135 100644 +--- a/gst/flx/flx_color.c ++++ b/gst/flx/flx_color.c +@@ -101,7 +101,6 @@ flx_set_palette_vector (FlxColorSpaceConverter * flxpal, guint start, guint num, + } else { + memcpy (&flxpal->palvec[start * 3], newpal, grab * 3); + } +- + } + + void +diff --git a/gst/flx/flx_fmt.h b/gst/flx/flx_fmt.h +index 9ab31ba..abff200 100644 +--- a/gst/flx/flx_fmt.h ++++ b/gst/flx/flx_fmt.h +@@ -123,78 +123,6 @@ typedef struct _FlxFrameType + } FlxFrameType; + #define FlxFrameTypeSize 10 + +-#if G_BYTE_ORDER == G_BIG_ENDIAN +-#define LE_TO_BE_16(i16) ((guint16) (((i16) << 8) | ((i16) >> 8))) +-#define LE_TO_BE_32(i32) \ +- (((guint32) (LE_TO_BE_16((guint16) (i32))) << 16) | (LE_TO_BE_16((i32) >> 16))) +- +-#define FLX_FRAME_TYPE_FIX_ENDIANNESS(frm_type_p) \ +- do { \ +- (frm_type_p)->chunks = LE_TO_BE_16((frm_type_p)->chunks); \ +- 
(frm_type_p)->delay = LE_TO_BE_16((frm_type_p)->delay); \ +- } while(0) +- +-#define FLX_HUFFMAN_TABLE_FIX_ENDIANNESS(hffmn_table_p) \ +- do { \ +- (hffmn_table_p)->codelength = \ +- LE_TO_BE_16((hffmn_table_p)->codelength); \ +- (hffmn_table_p)->numcodes = LE_TO_BE_16((hffmn_table_p)->numcodes); \ +- } while(0) +- +-#define FLX_SEGMENT_TABLE_FIX_ENDIANNESS(sgmnt_table_p) \ +- ((sgmnt_table_p)->segments = LE_TO_BE_16((sgmnt_table_p)->segments)) +- +-#define FLX_PREFIX_CHUNK_FIX_ENDIANNESS(prfx_chnk_p) \ +- do { \ +- (prfx_chnk_p)->chunks = LE_TO_BE_16((prfx_chnk_p)->chunks); \ +- } while(0) +- +-#define FLX_FRAME_CHUNK_FIX_ENDIANNESS(frm_chnk_p) \ +- do { \ +- (frm_chnk_p)->size = LE_TO_BE_32((frm_chnk_p)->size); \ +- (frm_chnk_p)->id = LE_TO_BE_16((frm_chnk_p)->id); \ +- } while(0) +- +-#define FLX_HDR_FIX_ENDIANNESS(hdr_p) \ +- do { \ +- (hdr_p)->size = LE_TO_BE_32((hdr_p)->size); \ +- (hdr_p)->type = LE_TO_BE_16((hdr_p)->type); \ +- (hdr_p)->frames = LE_TO_BE_16((hdr_p)->frames); \ +- (hdr_p)->width = LE_TO_BE_16((hdr_p)->width); \ +- (hdr_p)->height = LE_TO_BE_16((hdr_p)->height); \ +- (hdr_p)->depth = LE_TO_BE_16((hdr_p)->depth); \ +- (hdr_p)->flags = LE_TO_BE_16((hdr_p)->flags); \ +- (hdr_p)->speed = LE_TO_BE_32((hdr_p)->speed); \ +- (hdr_p)->reserved1 = LE_TO_BE_16((hdr_p)->reserved1); \ +- (hdr_p)->created = LE_TO_BE_32((hdr_p)->created); \ +- (hdr_p)->creator = LE_TO_BE_32((hdr_p)->creator); \ +- (hdr_p)->updated = LE_TO_BE_32((hdr_p)->updated); \ +- (hdr_p)->updater = LE_TO_BE_32((hdr_p)->updater); \ +- (hdr_p)->aspect_dx = LE_TO_BE_16((hdr_p)->aspect_dx); \ +- (hdr_p)->aspect_dy = LE_TO_BE_16((hdr_p)->aspect_dy); \ +- (hdr_p)->ext_flags = LE_TO_BE_16((hdr_p)->ext_flags); \ +- (hdr_p)->keyframes = LE_TO_BE_16((hdr_p)->keyframes); \ +- (hdr_p)->totalframes = LE_TO_BE_16((hdr_p)->totalframes); \ +- (hdr_p)->req_memory = LE_TO_BE_32((hdr_p)->req_memory); \ +- (hdr_p)->max_regions = LE_TO_BE_16((hdr_p)->max_regions); \ +- (hdr_p)->transp_num = 
LE_TO_BE_16((hdr_p)->transp_num); \ +- (hdr_p)->oframe1 = LE_TO_BE_32((hdr_p)->oframe1); \ +- (hdr_p)->oframe2 = LE_TO_BE_32((hdr_p)->oframe2); \ +- } while(0) +-#else +- +-#define LE_TO_BE_16(i16) ((i16)) +-#define LE_TO_BE_32(i32) ((i32)) +- +-#define FLX_FRAME_TYPE_FIX_ENDIANNESS(frm_type_p) +-#define FLX_HUFFMAN_TABLE_FIX_ENDIANNESS(hffmn_table_p) +-#define FLX_SEGMENT_TABLE_FIX_ENDIANNESS(sgmnt_table_p) +-#define FLX_PREFIX_CHUNK_FIX_ENDIANNESS(prfx_chnk_p) +-#define FLX_FRAME_CHUNK_FIX_ENDIANNESS(frm_chnk_p) +-#define FLX_HDR_FIX_ENDIANNESS(hdr_p) +- +-#endif /* G_BYTE_ORDER == G_BIG_ENDIAN */ +- + G_END_DECLS + + #endif /* __GST_FLX_FMT_H__ */ +diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c +index a237976..aa1bed5 100644 +--- a/gst/flx/gstflxdec.c ++++ b/gst/flx/gstflxdec.c +@@ -1,5 +1,6 @@ + /* GStreamer + * Copyright (C) <1999> Erik Walthinsen ++ * Copyright (C) <2016> Matthew Waters + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Library General Public +@@ -24,6 +25,7 @@ + /* + * http://www.coolutils.com/Formats/FLI + * http://woodshole.er.usgs.gov/operations/modeling/flc.html ++ * http://www.compuphase.com/flic.htm + */ + + #ifdef HAVE_CONFIG_H +@@ -73,10 +75,14 @@ static GstStateChangeReturn gst_flxdec_change_state (GstElement * element, + static gboolean gst_flxdec_src_query_handler (GstPad * pad, GstObject * parent, + GstQuery * query); + +-static void flx_decode_color (GstFlxDec *, guchar *, guchar *, gint); +-static gboolean flx_decode_brun (GstFlxDec *, guchar *, guchar *); +-static gboolean flx_decode_delta_fli (GstFlxDec *, guchar *, guchar *); +-static gboolean flx_decode_delta_flc (GstFlxDec *, guchar *, guchar *); ++static gboolean flx_decode_color (GstFlxDec * flxdec, GstByteReader * reader, ++ GstByteWriter * writer, gint scale); ++static gboolean flx_decode_brun (GstFlxDec * flxdec, ++ GstByteReader * reader, GstByteWriter * writer); ++static gboolean 
flx_decode_delta_fli (GstFlxDec * flxdec, ++ GstByteReader * reader, GstByteWriter * writer); ++static gboolean flx_decode_delta_flc (GstFlxDec * flxdec, ++ GstByteReader * reader, GstByteWriter * writer); + + #define rndalign(off) ((off) + ((off) & 1)) + +@@ -204,57 +210,59 @@ gst_flxdec_sink_event_handler (GstPad * pad, GstObject * parent, + } + + static gboolean +-flx_decode_chunks (GstFlxDec * flxdec, gulong count, guchar * data, +- guchar * dest) ++flx_decode_chunks (GstFlxDec * flxdec, gulong n_chunks, GstByteReader * reader, ++ GstByteWriter * writer) + { +- FlxFrameChunk *hdr; + gboolean ret = TRUE; + +- g_return_val_if_fail (data != NULL, FALSE); +- +- while (count--) { +- hdr = (FlxFrameChunk *) data; +- FLX_FRAME_CHUNK_FIX_ENDIANNESS (hdr); +- data += FlxFrameChunkSize; ++ while (n_chunks--) { ++ GstByteReader chunk; ++ guint32 size; ++ guint16 type; ++ ++ if (!gst_byte_reader_get_uint32_le (reader, &size)) ++ goto parse_error; ++ if (!gst_byte_reader_get_uint16_le (reader, &type)) ++ goto parse_error; ++ GST_LOG_OBJECT (flxdec, "chunk has type 0x%02x size %d", type, size); ++ ++ if (!gst_byte_reader_get_sub_reader (reader, &chunk, ++ size - FlxFrameChunkSize)) { ++ GST_ERROR_OBJECT (flxdec, "Incorrect size in the chunk header"); ++ goto error; ++ } + +- switch (hdr->id) { ++ switch (type) { + case FLX_COLOR64: +- flx_decode_color (flxdec, data, dest, 2); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ ret = flx_decode_color (flxdec, &chunk, writer, 2); + break; + + case FLX_COLOR256: +- flx_decode_color (flxdec, data, dest, 0); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ ret = flx_decode_color (flxdec, &chunk, writer, 0); + break; + + case FLX_BRUN: +- ret = flx_decode_brun (flxdec, data, dest); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ ret = flx_decode_brun (flxdec, &chunk, writer); + break; + + case FLX_LC: +- ret = flx_decode_delta_fli (flxdec, data, dest); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ ret 
= flx_decode_delta_fli (flxdec, &chunk, writer); + break; + + case FLX_SS2: +- ret = flx_decode_delta_flc (flxdec, data, dest); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ ret = flx_decode_delta_flc (flxdec, &chunk, writer); + break; + + case FLX_BLACK: +- memset (dest, 0, flxdec->size); ++ ret = gst_byte_writer_fill (writer, 0, flxdec->size); + break; + + case FLX_MINI: +- data += rndalign (hdr->size) - FlxFrameChunkSize; + break; + + default: +- GST_WARNING ("Unimplented chunk type: 0x%02x size: %d - skipping", +- hdr->id, hdr->size); +- data += rndalign (hdr->size) - FlxFrameChunkSize; ++ GST_WARNING ("Unimplemented chunk type: 0x%02x size: %d - skipping", ++ type, size); + break; + } + +@@ -263,43 +271,60 @@ flx_decode_chunks (GstFlxDec * flxdec, gulong count, guchar * data, + } + + return ret; ++ ++parse_error: ++ GST_ERROR_OBJECT (flxdec, "Failed to decode chunk"); ++error: ++ return FALSE; + } + + +-static void +-flx_decode_color (GstFlxDec * flxdec, guchar * data, guchar * dest, gint scale) ++static gboolean ++flx_decode_color (GstFlxDec * flxdec, GstByteReader * reader, ++ GstByteWriter * writer, gint scale) + { +- guint packs, count, indx; ++ guint8 count, indx; ++ guint16 packs; + +- g_return_if_fail (flxdec != NULL); +- +- packs = (data[0] + (data[1] << 8)); +- +- data += 2; ++ if (!gst_byte_reader_get_uint16_le (reader, &packs)) ++ goto error; + indx = 0; + +- GST_LOG ("GstFlxDec: cmap packs: %d", packs); ++ GST_LOG ("GstFlxDec: cmap packs: %d", (guint) packs); + while (packs--) { ++ const guint8 *data; ++ guint16 actual_count; ++ + /* color map index + skip count */ +- indx += *data++; ++ if (!gst_byte_reader_get_uint8 (reader, &indx)) ++ goto error; + + /* number of rgb triplets */ +- count = *data++ & 0xff; +- if (count == 0) +- count = 256; ++ if (!gst_byte_reader_get_uint8 (reader, &count)) ++ goto error; + +- GST_LOG ("GstFlxDec: cmap count: %d (indx: %d)", count, indx); +- flx_set_palette_vector (flxdec->converter, indx, count, data, 
scale); ++ actual_count = count == 0 ? 256 : count; + +- data += (count * 3); ++ if (!gst_byte_reader_get_data (reader, count * 3, &data)) ++ goto error; ++ ++ GST_LOG_OBJECT (flxdec, "cmap count: %d (indx: %d)", actual_count, indx); ++ flx_set_palette_vector (flxdec->converter, indx, actual_count, ++ (guchar *) data, scale); + } ++ ++ return TRUE; ++ ++error: ++ GST_ERROR_OBJECT (flxdec, "Error decoding color palette"); ++ return FALSE; + } + + static gboolean +-flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest) ++flx_decode_brun (GstFlxDec * flxdec, GstByteReader * reader, ++ GstByteWriter * writer) + { +- gulong count, lines, row; +- guchar x; ++ gulong lines, row; + + g_return_val_if_fail (flxdec != NULL, FALSE); + +@@ -310,82 +335,125 @@ flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest) + * contain more then 255 RLE packets. we use the frame + * width instead. + */ +- data++; ++ if (!gst_byte_reader_skip (reader, 1)) ++ goto error; + + row = flxdec->hdr.width; + while (row) { +- count = *data++; ++ gint8 count; ++ ++ if (!gst_byte_reader_get_int8 (reader, &count)) ++ goto error; ++ ++ if (count <= 0) { ++ const guint8 *data; + +- if (count > 0x7f) { + /* literal run */ +- count = 0x100 - count; +- if ((glong) row - (glong) count < 0) { +- GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected."); ++ count = ABS (count); ++ ++ GST_LOG_OBJECT (flxdec, "have literal run of size %d", count); ++ ++ if (count > row) { ++ GST_ERROR_OBJECT (flxdec, "Invalid BRUN line detected. 
" ++ "bytes to write exceeds the end of the row"); + return FALSE; + } + row -= count; + +- while (count--) +- *dest++ = *data++; +- ++ if (!gst_byte_reader_get_data (reader, count, &data)) ++ goto error; ++ if (!gst_byte_writer_put_data (writer, data, count)) ++ goto error; + } else { +- if ((glong) row - (glong) count < 0) { +- GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected."); ++ guint8 x; ++ ++ GST_LOG_OBJECT (flxdec, "have replicate run of size %d", count); ++ ++ if (count > row) { ++ GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected." ++ "bytes to write exceeds the end of the row"); + return FALSE; + } + + /* replicate run */ + row -= count; +- x = *data++; + +- while (count--) +- *dest++ = x; ++ if (!gst_byte_reader_get_uint8 (reader, &x)) ++ goto error; ++ if (!gst_byte_writer_fill (writer, x, count)) ++ goto error; + } + } + } + + return TRUE; ++ ++error: ++ GST_ERROR_OBJECT (flxdec, "Failed to decode BRUN packet"); ++ return FALSE; + } + + static gboolean +-flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) ++flx_decode_delta_fli (GstFlxDec * flxdec, GstByteReader * reader, ++ GstByteWriter * writer) + { +- gulong count, packets, lines, start_line; +- guchar *start_p, x; ++ guint16 start_line, lines; ++ guint line_start_i; + + g_return_val_if_fail (flxdec != NULL, FALSE); + g_return_val_if_fail (flxdec->delta_data != NULL, FALSE); + + /* use last frame for delta */ +- memcpy (dest, flxdec->delta_data, flxdec->size); ++ if (!gst_byte_writer_put_data (writer, flxdec->delta_data, flxdec->size)) ++ goto error; ++ ++ if (!gst_byte_reader_get_uint16_le (reader, &start_line)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &lines)) ++ goto error; ++ GST_LOG_OBJECT (flxdec, "height %d start line %d line count %d", ++ flxdec->hdr.height, start_line, lines); + +- start_line = (data[0] + (data[1] << 8)); +- lines = (data[2] + (data[3] << 8)); + if (start_line + lines > flxdec->hdr.height) { + GST_ERROR_OBJECT 
(flxdec, "Invalid FLI packet detected. too many lines."); + return FALSE; + } +- data += 4; + +- /* start position of delta */ +- dest += (flxdec->hdr.width * start_line); +- start_p = dest; ++ line_start_i = flxdec->hdr.width * start_line; ++ if (!gst_byte_writer_set_pos (writer, line_start_i)) ++ goto error; + + while (lines--) { ++ guint8 packets; ++ + /* packet count */ +- packets = *data++; ++ if (!gst_byte_reader_get_uint8 (reader, &packets)) ++ goto error; ++ GST_LOG_OBJECT (flxdec, "have %d packets", packets); + + while (packets--) { + /* skip count */ +- guchar skip = *data++; +- dest += skip; ++ guint8 skip; ++ gint8 count; ++ if (!gst_byte_reader_get_uint8 (reader, &skip)) ++ goto error; ++ ++ /* skip bytes */ ++ if (!gst_byte_writer_set_pos (writer, ++ gst_byte_writer_get_pos (writer) + skip)) ++ goto error; + + /* RLE count */ +- count = *data++; ++ if (!gst_byte_reader_get_int8 (reader, &count)) ++ goto error; ++ ++ if (count < 0) { ++ guint8 x; + +- if (count > 0x7f) { + /* literal run */ +- count = 0x100 - count; ++ count = ABS (count); ++ GST_LOG_OBJECT (flxdec, "have literal run of size %d at offset %d", ++ count, skip); + + if (skip + count > flxdec->hdr.width) { + GST_ERROR_OBJECT (flxdec, "Invalid FLI packet detected. " +@@ -393,11 +461,16 @@ flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + return FALSE; + } + +- x = *data++; +- while (count--) +- *dest++ = x; +- ++ if (!gst_byte_reader_get_uint8 (reader, &x)) ++ goto error; ++ if (!gst_byte_writer_fill (writer, x, count)) ++ goto error; + } else { ++ const guint8 *data; ++ ++ GST_LOG_OBJECT (flxdec, "have replicate run of size %d at offset %d", ++ count, skip); ++ + if (skip + count > flxdec->hdr.width) { + GST_ERROR_OBJECT (flxdec, "Invalid FLI packet detected. 
" + "line too long."); +@@ -405,45 +478,60 @@ flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + } + + /* replicate run */ +- while (count--) +- *dest++ = *data++; ++ if (!gst_byte_reader_get_data (reader, count, &data)) ++ goto error; ++ if (!gst_byte_writer_put_data (writer, data, count)) ++ goto error; + } + } +- start_p += flxdec->hdr.width; +- dest = start_p; ++ line_start_i += flxdec->hdr.width; ++ if (!gst_byte_writer_set_pos (writer, line_start_i)) ++ goto error; + } + + return TRUE; ++ ++error: ++ GST_ERROR_OBJECT (flxdec, "Failed to decode FLI packet"); ++ return FALSE; + } + + static gboolean +-flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) ++flx_decode_delta_flc (GstFlxDec * flxdec, GstByteReader * reader, ++ GstByteWriter * writer) + { +- gulong count, lines, start_l, opcode; +- guchar *start_p; ++ guint16 lines, start_l; + + g_return_val_if_fail (flxdec != NULL, FALSE); + g_return_val_if_fail (flxdec->delta_data != NULL, FALSE); + + /* use last frame for delta */ +- memcpy (dest, flxdec->delta_data, flxdec->size); ++ if (!gst_byte_writer_put_data (writer, flxdec->delta_data, flxdec->size)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &lines)) ++ goto error; + +- lines = (data[0] + (data[1] << 8)); + if (lines > flxdec->hdr.height) { + GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. 
too many lines."); + return FALSE; + } +- data += 2; + +- start_p = dest; + start_l = lines; + + while (lines) { +- dest = start_p + (flxdec->hdr.width * (start_l - lines)); ++ guint16 opcode; ++ ++ if (!gst_byte_writer_set_pos (writer, ++ flxdec->hdr.width * (start_l - lines))) ++ goto error; + + /* process opcode(s) */ +- while ((opcode = (data[0] + (data[1] << 8))) & 0xc000) { +- data += 2; ++ while (TRUE) { ++ if (!gst_byte_reader_get_uint16_le (reader, &opcode)) ++ goto error; ++ if ((opcode & 0xc000) == 0) ++ break; ++ + if ((opcode & 0xc000) == 0xc000) { + /* line skip count */ + gulong skip = (0x10000 - opcode); +@@ -453,27 +541,44 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + return FALSE; + } + start_l += skip; +- dest += flxdec->hdr.width * skip; ++ if (!gst_byte_writer_set_pos (writer, ++ gst_byte_writer_get_pos (writer) + flxdec->hdr.width * skip)) ++ goto error; + } else { + /* last pixel */ +- dest += flxdec->hdr.width; +- *dest++ = (opcode & 0xff); ++ if (!gst_byte_writer_set_pos (writer, ++ gst_byte_writer_get_pos (writer) + flxdec->hdr.width)) ++ goto error; ++ if (!gst_byte_writer_put_uint8 (writer, opcode & 0xff)) ++ goto error; + } + } +- data += 2; + + /* last opcode is the packet count */ ++ GST_LOG_OBJECT (flxdec, "have %d packets", opcode); + while (opcode--) { + /* skip count */ +- guchar skip = *data++; +- dest += skip; ++ guint8 skip; ++ gint8 count; ++ ++ if (!gst_byte_reader_get_uint8 (reader, &skip)) ++ goto error; ++ if (!gst_byte_writer_set_pos (writer, ++ gst_byte_writer_get_pos (writer) + skip)) ++ goto error; + + /* RLE count */ +- count = *data++; ++ if (!gst_byte_reader_get_int8 (reader, &count)) ++ goto error; ++ ++ if (count < 0) { ++ guint16 x; + +- if (count > 0x7f) { + /* replicate word run */ +- count = 0x100 - count; ++ count = ABS (count); ++ ++ GST_LOG_OBJECT (flxdec, "have replicate run of size %d at offset %d", ++ count, skip); + + if (skip + count > flxdec->hdr.width) { + 
GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. " +@@ -481,22 +586,31 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + return FALSE; + } + ++ if (!gst_byte_reader_get_uint16_le (reader, &x)) ++ goto error; ++ + while (count--) { +- *dest++ = data[0]; +- *dest++ = data[1]; ++ if (!gst_byte_writer_put_uint16_le (writer, x)) { ++ goto error; ++ } + } +- data += 2; + } else { ++ GST_LOG_OBJECT (flxdec, "have literal run of size %d at offset %d", ++ count, skip); ++ + if (skip + count > flxdec->hdr.width) { + GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. " + "line too long."); + return FALSE; + } + +- /* literal word run */ + while (count--) { +- *dest++ = *data++; +- *dest++ = *data++; ++ guint16 x; ++ ++ if (!gst_byte_reader_get_uint16_le (reader, &x)) ++ goto error; ++ if (!gst_byte_writer_put_uint16_le (writer, x)) ++ goto error; + } + } + } +@@ -504,13 +618,91 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + } + + return TRUE; ++ ++error: ++ GST_ERROR_OBJECT (flxdec, "Failed to decode FLI packet"); ++ return FALSE; ++} ++ ++static gboolean ++_read_flx_header (GstFlxDec * flxdec, GstByteReader * reader, FlxHeader * flxh) ++{ ++ memset (flxh, 0, sizeof (*flxh)); ++ ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->size)) ++ goto error; ++ if (flxh->size < FlxHeaderSize) { ++ GST_ERROR_OBJECT (flxdec, "Invalid file size in the header"); ++ return FALSE; ++ } ++ ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->type)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->frames)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->width)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->height)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->depth)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->flags)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->speed)) ++ goto error; 
++ if (!gst_byte_reader_skip (reader, 2)) /* reserved */ ++ goto error; ++ /* FLC */ ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->created)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->creator)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->updated)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->updater)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->aspect_dx)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->aspect_dy)) ++ goto error; ++ /* EGI */ ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->ext_flags)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->keyframes)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->totalframes)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->req_memory)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->max_regions)) ++ goto error; ++ if (!gst_byte_reader_get_uint16_le (reader, &flxh->transp_num)) ++ goto error; ++ if (!gst_byte_reader_skip (reader, 24)) /* reserved */ ++ goto error; ++ /* FLC */ ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->oframe1)) ++ goto error; ++ if (!gst_byte_reader_get_uint32_le (reader, &flxh->oframe2)) ++ goto error; ++ if (!gst_byte_reader_skip (reader, 40)) /* reserved */ ++ goto error; ++ ++ return TRUE; ++ ++error: ++ GST_ERROR_OBJECT (flxdec, "Error reading file header"); ++ return FALSE; + } + + static GstFlowReturn + gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + { ++ GstByteReader reader; ++ GstBuffer *input; ++ GstMapInfo map_info; + GstCaps *caps; +- guint avail; ++ guint available; + GstFlowReturn res = GST_FLOW_OK; + + GstFlxDec *flxdec; +@@ -521,31 +713,50 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + g_return_val_if_fail (flxdec != NULL, GST_FLOW_ERROR); + + gst_adapter_push (flxdec->adapter, buf); +- avail = 
gst_adapter_available (flxdec->adapter); ++ available = gst_adapter_available (flxdec->adapter); ++ input = gst_adapter_get_buffer (flxdec->adapter, available); ++ if (!gst_buffer_map (input, &map_info, GST_MAP_READ)) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Failed to map buffer"), (NULL)); ++ goto error; ++ } ++ gst_byte_reader_init (&reader, map_info.data, map_info.size); + + if (flxdec->state == GST_FLXDEC_READ_HEADER) { +- if (avail >= FlxHeaderSize) { +- const guint8 *data = gst_adapter_map (flxdec->adapter, FlxHeaderSize); ++ if (available >= FlxHeaderSize) { ++ GstByteReader header; + GstCaps *templ; + +- memcpy ((gchar *) & flxdec->hdr, data, FlxHeaderSize); +- FLX_HDR_FIX_ENDIANNESS (&(flxdec->hdr)); +- gst_adapter_unmap (flxdec->adapter); ++ if (!gst_byte_reader_get_sub_reader (&reader, &header, FlxHeaderSize)) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Could not read header"), (NULL)); ++ goto unmap_input_error; ++ } + gst_adapter_flush (flxdec->adapter, FlxHeaderSize); ++ available -= FlxHeaderSize; ++ ++ if (!_read_flx_header (flxdec, &header, &flxdec->hdr)) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Failed to parse header"), (NULL)); ++ goto unmap_input_error; ++ } + + flxh = &flxdec->hdr; + + /* check header */ + if (flxh->type != FLX_MAGICHDR_FLI && +- flxh->type != FLX_MAGICHDR_FLC && flxh->type != FLX_MAGICHDR_FLX) +- goto wrong_type; ++ flxh->type != FLX_MAGICHDR_FLC && flxh->type != FLX_MAGICHDR_FLX) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, WRONG_TYPE, (NULL), ++ ("not a flx file (type %x)", flxh->type)); ++ goto unmap_input_error; ++ } + +- GST_LOG ("size : %d", flxh->size); +- GST_LOG ("frames : %d", flxh->frames); +- GST_LOG ("width : %d", flxh->width); +- GST_LOG ("height : %d", flxh->height); +- GST_LOG ("depth : %d", flxh->depth); +- GST_LOG ("speed : %d", flxh->speed); ++ GST_INFO_OBJECT (flxdec, "size : %d", flxh->size); ++ GST_INFO_OBJECT (flxdec, "frames : %d", flxh->frames); ++ 
GST_INFO_OBJECT (flxdec, "width : %d", flxh->width); ++ GST_INFO_OBJECT (flxdec, "height : %d", flxh->height); ++ GST_INFO_OBJECT (flxdec, "depth : %d", flxh->depth); ++ GST_INFO_OBJECT (flxdec, "speed : %d", flxh->speed); + + flxdec->next_time = 0; + +@@ -573,18 +784,32 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + gst_pad_set_caps (flxdec->srcpad, caps); + gst_caps_unref (caps); + +- if (flxh->depth <= 8) +- flxdec->converter = +- flx_colorspace_converter_new (flxh->width, flxh->height); ++ /* zero means 8 */ ++ if (flxh->depth == 0) ++ flxh->depth = 8; ++ ++ if (flxh->depth != 8) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, WRONG_TYPE, ++ ("%s", "Don't know how to decode non 8 bit depth streams"), (NULL)); ++ goto unmap_input_error; ++ } ++ ++ flxdec->converter = ++ flx_colorspace_converter_new (flxh->width, flxh->height); + + if (flxh->type == FLX_MAGICHDR_FLC || flxh->type == FLX_MAGICHDR_FLX) { +- GST_LOG ("(FLC) aspect_dx : %d", flxh->aspect_dx); +- GST_LOG ("(FLC) aspect_dy : %d", flxh->aspect_dy); +- GST_LOG ("(FLC) oframe1 : 0x%08x", flxh->oframe1); +- GST_LOG ("(FLC) oframe2 : 0x%08x", flxh->oframe2); ++ GST_INFO_OBJECT (flxdec, "(FLC) aspect_dx : %d", flxh->aspect_dx); ++ GST_INFO_OBJECT (flxdec, "(FLC) aspect_dy : %d", flxh->aspect_dy); ++ GST_INFO_OBJECT (flxdec, "(FLC) oframe1 : 0x%08x", flxh->oframe1); ++ GST_INFO_OBJECT (flxdec, "(FLC) oframe2 : 0x%08x", flxh->oframe2); + } + + flxdec->size = ((guint) flxh->width * (guint) flxh->height); ++ if (flxdec->size >= G_MAXSIZE / 4) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Cannot allocate required memory"), (NULL)); ++ goto unmap_input_error; ++ } + + /* create delta and output frame */ + flxdec->frame_data = g_malloc (flxdec->size); +@@ -596,55 +821,66 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + GstBuffer *out; + + /* while we have enough data in the adapter */ +- while (avail >= FlxFrameChunkSize && res == GST_FLOW_OK) { +- 
FlxFrameChunk flxfh; +- guchar *chunk; +- const guint8 *data; +- GstMapInfo map; +- +- chunk = NULL; +- data = gst_adapter_map (flxdec->adapter, FlxFrameChunkSize); +- memcpy (&flxfh, data, FlxFrameChunkSize); +- FLX_FRAME_CHUNK_FIX_ENDIANNESS (&flxfh); +- gst_adapter_unmap (flxdec->adapter); +- +- switch (flxfh.id) { +- case FLX_FRAME_TYPE: +- /* check if we have the complete frame */ +- if (avail < flxfh.size) +- goto need_more_data; +- +- /* flush header */ +- gst_adapter_flush (flxdec->adapter, FlxFrameChunkSize); +- +- chunk = gst_adapter_take (flxdec->adapter, +- flxfh.size - FlxFrameChunkSize); +- FLX_FRAME_TYPE_FIX_ENDIANNESS ((FlxFrameType *) chunk); +- if (((FlxFrameType *) chunk)->chunks == 0) +- break; ++ while (available >= FlxFrameChunkSize && res == GST_FLOW_OK) { ++ guint32 size; ++ guint16 type; + +- /* create 32 bits output frame */ +-// res = gst_pad_alloc_buffer_and_set_caps (flxdec->srcpad, +-// GST_BUFFER_OFFSET_NONE, +-// flxdec->size * 4, GST_PAD_CAPS (flxdec->srcpad), &out); +-// if (res != GST_FLOW_OK) +-// break; ++ if (!gst_byte_reader_get_uint32_le (&reader, &size)) ++ goto parse_error; ++ if (available < size) ++ goto need_more_data; + +- out = gst_buffer_new_and_alloc (flxdec->size * 4); ++ available -= size; ++ gst_adapter_flush (flxdec->adapter, size); ++ ++ if (!gst_byte_reader_get_uint16_le (&reader, &type)) ++ goto parse_error; ++ ++ switch (type) { ++ case FLX_FRAME_TYPE:{ ++ GstByteReader chunks; ++ GstByteWriter writer; ++ guint16 n_chunks; ++ GstMapInfo map; ++ ++ GST_LOG_OBJECT (flxdec, "Have frame type 0x%02x of size %d", type, ++ size); ++ ++ if (!gst_byte_reader_get_sub_reader (&reader, &chunks, ++ size - FlxFrameChunkSize)) ++ goto parse_error; ++ ++ if (!gst_byte_reader_get_uint16_le (&chunks, &n_chunks)) ++ goto parse_error; ++ GST_LOG_OBJECT (flxdec, "Have %d chunks", n_chunks); ++ ++ if (n_chunks == 0) ++ break; ++ if (!gst_byte_reader_skip (&chunks, 8)) /* reserved */ ++ goto parse_error; ++ ++ 
gst_byte_writer_init_with_data (&writer, flxdec->frame_data, ++ flxdec->size, TRUE); + + /* decode chunks */ +- if (!flx_decode_chunks (flxdec, +- ((FlxFrameType *) chunk)->chunks, +- chunk + FlxFrameTypeSize, flxdec->frame_data)) { ++ if (!flx_decode_chunks (flxdec, n_chunks, &chunks, &writer)) { + GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, + ("%s", "Could not decode chunk"), NULL); +- return GST_FLOW_ERROR; ++ goto unmap_input_error; + } ++ gst_byte_writer_reset (&writer); + + /* save copy of the current frame for possible delta. */ + memcpy (flxdec->delta_data, flxdec->frame_data, flxdec->size); + +- gst_buffer_map (out, &map, GST_MAP_WRITE); ++ out = gst_buffer_new_and_alloc (flxdec->size * 4); ++ if (!gst_buffer_map (out, &map, GST_MAP_WRITE)) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Could not map output buffer"), NULL); ++ gst_buffer_unref (out); ++ goto unmap_input_error; ++ } ++ + /* convert current frame. */ + flx_colorspace_convert (flxdec->converter, flxdec->frame_data, + map.data); +@@ -655,30 +891,32 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + + res = gst_pad_push (flxdec->srcpad, out); + break; ++ } + default: +- /* check if we have the complete frame */ +- if (avail < flxfh.size) +- goto need_more_data; +- +- gst_adapter_flush (flxdec->adapter, flxfh.size); ++ GST_DEBUG_OBJECT (flxdec, "Unknown frame type 0x%02x, skipping %d", ++ type, size); ++ if (!gst_byte_reader_skip (&reader, size - FlxFrameChunkSize)) ++ goto parse_error; + break; + } +- +- g_free (chunk); +- +- avail = gst_adapter_available (flxdec->adapter); + } + } ++ ++ gst_buffer_unmap (input, &map_info); ++ gst_buffer_unref (input); ++ + need_more_data: + return res; + + /* ERRORS */ +-wrong_type: +- { +- GST_ELEMENT_ERROR (flxdec, STREAM, WRONG_TYPE, (NULL), +- ("not a flx file (type %x)", flxh->type)); +- return GST_FLOW_ERROR; +- } ++parse_error: ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Failed to parse stream"), (NULL)); 
++unmap_input_error: ++ gst_buffer_unmap (input, &map_info); ++ gst_buffer_unref (input); ++error: ++ return GST_FLOW_ERROR; + } + + static GstStateChangeReturn +diff --git a/gst/flx/gstflxdec.h b/gst/flx/gstflxdec.h +index 3f9a0aa..4fd8dfd 100644 +--- a/gst/flx/gstflxdec.h ++++ b/gst/flx/gstflxdec.h +@@ -23,6 +23,8 @@ + #include + + #include ++#include ++#include + #include "flx_color.h" + + G_BEGIN_DECLS +@@ -45,7 +47,7 @@ struct _GstFlxDec { + + guint8 *delta_data, *frame_data; + GstAdapter *adapter; +- gulong size; ++ gsize size; + GstFlxDecState state; + gint64 frame_time; + gint64 next_time; +-- +2.10.2 + diff --git a/gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch b/gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch new file mode 100644 index 0000000000..1daaa2ae15 --- /dev/null +++ b/gnu/packages/patches/gst-plugins-good-fix-invalid-read.patch 
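Review bot: In the rewritten flx_decode_color the palette bytes are bounds-checked with `gst_byte_reader_get_data (reader, count * 3, &data)`, but flx_set_palette_vector is then called with `actual_count`. A packet whose count byte is 0 (meaning 256 entries) therefore validates zero bytes, and the palette memcpy can read up to 256 * 3 bytes past what the reader checked. The reader should be given the same length as the consumer: `if (!gst_byte_reader_get_data (reader, actual_count * 3, &data))`. The same loop now overwrites `indx` on every packet where the old code accumulated it with `indx += *data++`, which looks like an unintended behaviour change and should be confirmed against the format. Separately, in gst_flxdec_chain both `goto need_more_data` paths jump past the `gst_buffer_unmap (input, &map_info)` / `gst_buffer_unref (input)` pair, so the mapped input buffer appears to leak whenever a frame is still incomplete; moving the label above that cleanup would fix it.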
@@ -0,0 +1,37 @@ +Fixes upstream bug #774897 (flxdec: Unreferences itself one time too many on +invalid files): + +https://bugzilla.gnome.org/show_bug.cgi?id=774897 + +Patch copied from upstream source repository: + +https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=b31c504645a814c59d91d49e4fe218acaf93f4ca + +From b31c504645a814c59d91d49e4fe218acaf93f4ca Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= +Date: Wed, 23 Nov 2016 11:20:49 +0200 +Subject: [PATCH] flxdec: Don't unref() parent in the chain function + +We don't own the reference here, it is owned by the caller and given to +us for the scope of this function. Leftover mistake from 0.10 porting. + +https://bugzilla.gnome.org/show_bug.cgi?id=774897 +--- + gst/flx/gstflxdec.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c +index e675c99..a237976 100644 +--- a/gst/flx/gstflxdec.c ++++ b/gst/flx/gstflxdec.c +@@ -677,7 +677,6 @@ wrong_type: + { + GST_ELEMENT_ERROR (flxdec, STREAM, WRONG_TYPE, (NULL), + ("not a flx file (type %x)", flxh->type)); +- gst_object_unref (flxdec); + return GST_FLOW_ERROR; + } + } +-- +2.10.2 + diff --git a/gnu/packages/patches/gst-plugins-good-fix-signedness.patch b/gnu/packages/patches/gst-plugins-good-fix-signedness.patch new file mode 100644 index 0000000000..a3e20e19dd --- /dev/null +++ b/gnu/packages/patches/gst-plugins-good-fix-signedness.patch 
@@ -0,0 +1,58 @@
+This is a followup fix for upstream bug #774834 (flic decoder: Buffer overflow
+in flx_decode_delta_fli):
+
+https://bugzilla.gnome.org/show_bug.cgi?id=774834#c2
+
+Patch copied from upstream source repository:
+
+https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=1ab2b26193861b124426e2f8eb62b75b59ec5488
+
+From 1ab2b26193861b124426e2f8eb62b75b59ec5488 Mon Sep 17 00:00:00 2001
+From: Matthew Waters
+Date: Tue, 22 Nov 2016 23:46:00 +1100
+Subject: [PATCH] flxdec: fix some warnings comparing unsigned < 0
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+bf43f44fcfada5ec4a3ce60cb374340486fe9fac was comparing an unsigned
+expression to be < 0 which was always false.
+
+gstflxdec.c: In function ‘flx_decode_brun’:
+gstflxdec.c:322:33: warning: comparison of unsigned expression < 0 is always false [-Wtype-limits]
+ if ((glong) row - count < 0) {
+ ^
+gstflxdec.c:332:33: warning: comparison of unsigned expression < 0 is always false [-Wtype-limits]
+ if ((glong) row - count < 0) {
+ ^
+
+https://bugzilla.gnome.org/show_bug.cgi?id=774834
+---
+ gst/flx/gstflxdec.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c
+index d51a8e6..e675c99 100644
+--- a/gst/flx/gstflxdec.c
++++ b/gst/flx/gstflxdec.c
+@@ -319,7 +319,7 @@ flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest)
+ if (count > 0x7f) {
+ /* literal run */
+ count = 0x100 - count;
+- if ((glong) row - count < 0) {
++ if ((glong) row - (glong) count < 0) {
+ GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected.");
+ return FALSE;
+ }
+@@ -329,7 +329,7 @@ flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest)
+ *dest++ = *data++;
+
+ } else {
+- if ((glong) row - count < 0) {
++ if ((glong) row - (glong) count < 0) {
+ GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected.");
+ return FALSE;
+ }
+--
+2.10.2
+
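Review bot: Both BRUN branches now detect underflow with `(glong) row - (glong) count < 0`, which relies on signed casts of two `gulong` values; the same test reads more directly as `if (count > row)`, which stays in unsigned arithmetic and cannot trigger -Wtype-limits again. Because this file is a verbatim copy of the upstream commit, the rewording would belong upstream rather than in the Guix copy. flx_decode_brun starts and ends outside both nested hunks.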
diff --git a/gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch b/gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch
new file mode 100644
index 0000000000..f77dca2cd6
--- /dev/null
+++ b/gnu/packages/patches/gst-plugins-good-flic-bounds-check.patch
@@ -0,0 +1,319 @@ +Fix CVE-2016-{9634,9635,9636}. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9634 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9635 +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9636 + +This fixes upstream bug #774834 (flic decoder: Buffer overflow in +flx_decode_delta_fli): + +https://bugzilla.gnome.org/show_bug.cgi?id=774834 + +Patch copied from upstream source repository: + +https://cgit.freedesktop.org/gstreamer/gst-plugins-good/commit/?id=2e203a79b7d9af4029307c1a845b3c148d5f5e62 + +From 2e203a79b7d9af4029307c1a845b3c148d5f5e62 Mon Sep 17 00:00:00 2001 +From: Matthew Waters +Date: Tue, 22 Nov 2016 19:05:00 +1100 +Subject: [PATCH] flxdec: add some write bounds checking + +Without checking the bounds of the frame we are writing into, we can +write off the end of the destination buffer. + +https://scarybeastsecurity.blogspot.dk/2016/11/0day-exploit-advancing-exploitation.html + +https://bugzilla.gnome.org/show_bug.cgi?id=774834 +--- + gst/flx/gstflxdec.c | 116 +++++++++++++++++++++++++++++++++++++++++----------- + 1 file changed, 91 insertions(+), 25 deletions(-) + +diff --git a/gst/flx/gstflxdec.c b/gst/flx/gstflxdec.c +index 604be2f..d51a8e6 100644 +--- a/gst/flx/gstflxdec.c ++++ b/gst/flx/gstflxdec.c +@@ -74,9 +74,9 @@ static gboolean gst_flxdec_src_query_handler (GstPad * pad, GstObject * parent, + GstQuery * query); + + static void flx_decode_color (GstFlxDec *, guchar *, guchar *, gint); +-static void flx_decode_brun (GstFlxDec *, guchar *, guchar *); +-static void flx_decode_delta_fli (GstFlxDec *, guchar *, guchar *); +-static void flx_decode_delta_flc (GstFlxDec *, guchar *, guchar *); ++static gboolean flx_decode_brun (GstFlxDec *, guchar *, guchar *); ++static gboolean flx_decode_delta_fli (GstFlxDec *, guchar *, guchar *); ++static gboolean flx_decode_delta_flc (GstFlxDec *, guchar *, guchar *); + + #define rndalign(off) ((off) + ((off) & 1)) + +@@ -203,13 +203,14 @@ gst_flxdec_sink_event_handler 
(GstPad * pad, GstObject * parent, + return ret; + } + +-static void ++static gboolean + flx_decode_chunks (GstFlxDec * flxdec, gulong count, guchar * data, + guchar * dest) + { + FlxFrameChunk *hdr; ++ gboolean ret = TRUE; + +- g_return_if_fail (data != NULL); ++ g_return_val_if_fail (data != NULL, FALSE); + + while (count--) { + hdr = (FlxFrameChunk *) data; +@@ -228,17 +229,17 @@ flx_decode_chunks (GstFlxDec * flxdec, gulong count, guchar * data, + break; + + case FLX_BRUN: +- flx_decode_brun (flxdec, data, dest); ++ ret = flx_decode_brun (flxdec, data, dest); + data += rndalign (hdr->size) - FlxFrameChunkSize; + break; + + case FLX_LC: +- flx_decode_delta_fli (flxdec, data, dest); ++ ret = flx_decode_delta_fli (flxdec, data, dest); + data += rndalign (hdr->size) - FlxFrameChunkSize; + break; + + case FLX_SS2: +- flx_decode_delta_flc (flxdec, data, dest); ++ ret = flx_decode_delta_flc (flxdec, data, dest); + data += rndalign (hdr->size) - FlxFrameChunkSize; + break; + +@@ -256,7 +257,12 @@ flx_decode_chunks (GstFlxDec * flxdec, gulong count, guchar * data, + data += rndalign (hdr->size) - FlxFrameChunkSize; + break; + } ++ ++ if (!ret) ++ break; + } ++ ++ return ret; + } + + +@@ -289,13 +295,13 @@ flx_decode_color (GstFlxDec * flxdec, guchar * data, guchar * dest, gint scale) + } + } + +-static void ++static gboolean + flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest) + { + gulong count, lines, row; + guchar x; + +- g_return_if_fail (flxdec != NULL); ++ g_return_val_if_fail (flxdec != NULL, FALSE); + + lines = flxdec->hdr.height; + while (lines--) { +@@ -313,12 +319,21 @@ flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest) + if (count > 0x7f) { + /* literal run */ + count = 0x100 - count; ++ if ((glong) row - count < 0) { ++ GST_ERROR_OBJECT (flxdec, "Invalid BRUN packet detected."); ++ return FALSE; ++ } + row -= count; + + while (count--) + *dest++ = *data++; + + } else { ++ if ((glong) row - count < 0) { ++ GST_ERROR_OBJECT 
(flxdec, "Invalid BRUN packet detected."); ++ return FALSE; ++ } ++ + /* replicate run */ + row -= count; + x = *data++; +@@ -328,22 +343,28 @@ flx_decode_brun (GstFlxDec * flxdec, guchar * data, guchar * dest) + } + } + } ++ ++ return TRUE; + } + +-static void ++static gboolean + flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + { + gulong count, packets, lines, start_line; + guchar *start_p, x; + +- g_return_if_fail (flxdec != NULL); +- g_return_if_fail (flxdec->delta_data != NULL); ++ g_return_val_if_fail (flxdec != NULL, FALSE); ++ g_return_val_if_fail (flxdec->delta_data != NULL, FALSE); + + /* use last frame for delta */ + memcpy (dest, flxdec->delta_data, flxdec->size); + + start_line = (data[0] + (data[1] << 8)); + lines = (data[2] + (data[3] << 8)); ++ if (start_line + lines > flxdec->hdr.height) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLI packet detected. too many lines."); ++ return FALSE; ++ } + data += 4; + + /* start position of delta */ +@@ -356,7 +377,8 @@ flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + + while (packets--) { + /* skip count */ +- dest += *data++; ++ guchar skip = *data++; ++ dest += skip; + + /* RLE count */ + count = *data++; +@@ -364,12 +386,24 @@ flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + if (count > 0x7f) { + /* literal run */ + count = 0x100 - count; +- x = *data++; + ++ if (skip + count > flxdec->hdr.width) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLI packet detected. " ++ "line too long."); ++ return FALSE; ++ } ++ ++ x = *data++; + while (count--) + *dest++ = x; + + } else { ++ if (skip + count > flxdec->hdr.width) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLI packet detected. 
" ++ "line too long."); ++ return FALSE; ++ } ++ + /* replicate run */ + while (count--) + *dest++ = *data++; +@@ -378,21 +412,27 @@ flx_decode_delta_fli (GstFlxDec * flxdec, guchar * data, guchar * dest) + start_p += flxdec->hdr.width; + dest = start_p; + } ++ ++ return TRUE; + } + +-static void ++static gboolean + flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + { + gulong count, lines, start_l, opcode; + guchar *start_p; + +- g_return_if_fail (flxdec != NULL); +- g_return_if_fail (flxdec->delta_data != NULL); ++ g_return_val_if_fail (flxdec != NULL, FALSE); ++ g_return_val_if_fail (flxdec->delta_data != NULL, FALSE); + + /* use last frame for delta */ + memcpy (dest, flxdec->delta_data, flxdec->size); + + lines = (data[0] + (data[1] << 8)); ++ if (lines > flxdec->hdr.height) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. too many lines."); ++ return FALSE; ++ } + data += 2; + + start_p = dest; +@@ -405,9 +445,15 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + while ((opcode = (data[0] + (data[1] << 8))) & 0xc000) { + data += 2; + if ((opcode & 0xc000) == 0xc000) { +- /* skip count */ +- start_l += (0x10000 - opcode); +- dest += flxdec->hdr.width * (0x10000 - opcode); ++ /* line skip count */ ++ gulong skip = (0x10000 - opcode); ++ if (skip > flxdec->hdr.height) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. 
" ++ "skip line count too big."); ++ return FALSE; ++ } ++ start_l += skip; ++ dest += flxdec->hdr.width * skip; + } else { + /* last pixel */ + dest += flxdec->hdr.width; +@@ -419,7 +465,8 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + /* last opcode is the packet count */ + while (opcode--) { + /* skip count */ +- dest += *data++; ++ guchar skip = *data++; ++ dest += skip; + + /* RLE count */ + count = *data++; +@@ -427,12 +474,25 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + if (count > 0x7f) { + /* replicate word run */ + count = 0x100 - count; ++ ++ if (skip + count > flxdec->hdr.width) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. " ++ "line too long."); ++ return FALSE; ++ } ++ + while (count--) { + *dest++ = data[0]; + *dest++ = data[1]; + } + data += 2; + } else { ++ if (skip + count > flxdec->hdr.width) { ++ GST_ERROR_OBJECT (flxdec, "Invalid FLC packet detected. " ++ "line too long."); ++ return FALSE; ++ } ++ + /* literal word run */ + while (count--) { + *dest++ = *data++; +@@ -442,6 +502,8 @@ flx_decode_delta_flc (GstFlxDec * flxdec, guchar * data, guchar * dest) + } + lines--; + } ++ ++ return TRUE; + } + + static GstFlowReturn +@@ -571,9 +633,13 @@ gst_flxdec_chain (GstPad * pad, GstObject * parent, GstBuffer * buf) + out = gst_buffer_new_and_alloc (flxdec->size * 4); + + /* decode chunks */ +- flx_decode_chunks (flxdec, +- ((FlxFrameType *) chunk)->chunks, +- chunk + FlxFrameTypeSize, flxdec->frame_data); ++ if (!flx_decode_chunks (flxdec, ++ ((FlxFrameType *) chunk)->chunks, ++ chunk + FlxFrameTypeSize, flxdec->frame_data)) { ++ GST_ELEMENT_ERROR (flxdec, STREAM, DECODE, ++ ("%s", "Could not decode chunk"), NULL); ++ return GST_FLOW_ERROR; ++ } + + /* save copy of the current frame for possible delta. */ + memcpy (flxdec->delta_data, flxdec->frame_data, flxdec->size); +-- +2.10.2 + -- cgit 1.4.1 From cd65d600ac6e8701ef9c54f5d09a45cd6c149949 Mon Sep 17 00:00:00 2001 
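Review bot: The new width checks in flx_decode_delta_fli and flx_decode_delta_flc test each packet on its own (`skip + count > flxdec->hdr.width`) while `dest` keeps advancing across every packet of a line, so packets that each pass can together still move `dest` beyond the row and, on the last line, beyond the frame; in the FLC word runs each `count` also writes two bytes, which the comparison does not account for. The line checks have the same gap: flx_decode_delta_flc compares `lines` and each `skip` with `hdr.height` separately but never the running `start_l`. Tracking the position would close both, e.g. a per-line column with `col += skip; if (col + count > flxdec->hdr.width) return FALSE; col += count;` and a check of `start_l + skip` against the height. Separately, the early `return GST_FLOW_ERROR;` added to gst_flxdec_chain follows `out = gst_buffer_new_and_alloc (flxdec->size * 4);` with no unref of `out` visible in the hunk, which looks like a leak on the error path. All of these functions extend beyond the nested hunks shown.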
From: Leo Famulari Date: Sat, 26 Nov 2016 15:03:06 -0500 Subject: gnu: cyrus-sasl: Fix CVE-2013-4122. * gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/cyrus-sasl.scm (cyrus-sasl)[replacement]: New field. (cyrus-sasl/fixed): New variable. [source]: Use patch. --- gnu/local.mk | 1 + gnu/packages/cyrus-sasl.scm | 9 ++ .../patches/cyrus-sasl-CVE-2013-4122.patch | 130 +++++++++++++++++++++ 3 files changed, 140 insertions(+) create mode 100644 gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 8ca4d932d3..dfa9c0077d 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -506,6 +506,7 @@ dist_patch_DATA = \ %D%/packages/patches/cssc-missing-include.patch \ %D%/packages/patches/clucene-contribs-lib.patch \ %D%/packages/patches/cursynth-wave-rand.patch \ + %D%/packages/patches/cyrus-sasl-CVE-2013-4122.patch \ %D%/packages/patches/dbus-helper-search-path.patch \ %D%/packages/patches/devil-CVE-2009-3994.patch \ %D%/packages/patches/devil-fix-libpng.patch \ diff --git a/gnu/packages/cyrus-sasl.scm b/gnu/packages/cyrus-sasl.scm index 99ff1e228e..89a4a49797 100644 --- a/gnu/packages/cyrus-sasl.scm +++ b/gnu/packages/cyrus-sasl.scm @@ -1,6 +1,7 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015 Ludovic Courtès ;;; Copyright © 2013 Andreas Enge +;;; Copyright © 2016 Leo Famulari ;;; ;;; This file is part of GNU Guix. ;;; @@ -30,6 +31,7 @@ (define-public cyrus-sasl (package (name "cyrus-sasl") + (replacement cyrus-sasl/fixed) (version "2.1.26") (source (origin (method url-fetch) 
@@ -64,3 +66,10 @@ server writers.") (license (license:non-copyleft "file://COPYING" "See COPYING in the distribution.")) (home-page "http://cyrusimap.web.cmu.edu"))) + +(define cyrus-sasl/fixed + (package + (inherit cyrus-sasl) + (source (origin + (inherit (package-source cyrus-sasl)) + (patches (search-patches "cyrus-sasl-CVE-2013-4122.patch")))))) diff --git a/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch new file mode 100644 index 0000000000..fc72e42e03 --- /dev/null +++ b/gnu/packages/patches/cyrus-sasl-CVE-2013-4122.patch 
@@ -0,0 +1,130 @@ +Fix CVE-2013-4122. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4122 + +Patch copied from upstream source repository: +https://github.com/cyrusimap/cyrus-sasl/commit/dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d + +From dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d Mon Sep 17 00:00:00 2001 +From: mancha +Date: Thu, 11 Jul 2013 10:08:07 +0100 +Subject: Handle NULL returns from glibc 2.17+ crypt() + +Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL +(w/ NULL return) if the salt violates specifications. Additionally, +on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords +passed to crypt() fail with EPERM (w/ NULL return). + +When using glibc's crypt(), check return value to avoid a possible +NULL pointer dereference. + +Patch by mancha1@hush.com. +--- + pwcheck/pwcheck_getpwnam.c | 3 ++- + pwcheck/pwcheck_getspnam.c | 4 +++- + saslauthd/auth_getpwent.c | 4 +++- + saslauthd/auth_shadow.c | 8 +++----- + 4 files changed, 11 insertions(+), 8 deletions(-) + +diff --git a/pwcheck/pwcheck_getpwnam.c b/pwcheck/pwcheck_getpwnam.c +index 4b34222..400289c 100644 +--- a/pwcheck/pwcheck_getpwnam.c ++++ b/pwcheck/pwcheck_getpwnam.c +@@ -32,6 +32,7 @@ char *userid; + char *password; + { + char* r; ++ char* crpt_passwd; + struct passwd *pwd; + + pwd = getpwnam(userid); +@@ -41,7 +42,7 @@ char *password; + else if (pwd->pw_passwd[0] == '*') { + r = "Account disabled"; + } +- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { ++ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { + r = "Incorrect password"; + } + else { +diff --git a/pwcheck/pwcheck_getspnam.c b/pwcheck/pwcheck_getspnam.c +index 2b11286..6d607bb 100644 +--- a/pwcheck/pwcheck_getspnam.c ++++ b/pwcheck/pwcheck_getspnam.c +@@ -32,13 +32,15 @@ char *userid; + char *password; + { + struct spwd *pwd; ++ char *crpt_passwd; + + pwd = getspnam(userid); + if (!pwd) { + return "Userid not 
found"; + } + +- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { ++ crpt_passwd = crypt(password, pwd->sp_pwdp); ++ if (!crpt_passwd || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { + return "Incorrect password"; + } + else { +diff --git a/saslauthd/auth_getpwent.c b/saslauthd/auth_getpwent.c +index fc8029d..d4ebe54 100644 +--- a/saslauthd/auth_getpwent.c ++++ b/saslauthd/auth_getpwent.c +@@ -77,6 +77,7 @@ auth_getpwent ( + { + /* VARIABLES */ + struct passwd *pw; /* pointer to passwd file entry */ ++ char *crpt_passwd; /* encrypted password */ + int errnum; + /* END VARIABLES */ + +@@ -105,7 +106,8 @@ auth_getpwent ( + } + } + +- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { ++ crpt_passwd = crypt(password, pw->pw_passwd); ++ if (!crpt_passwd || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login); + } +diff --git a/saslauthd/auth_shadow.c b/saslauthd/auth_shadow.c +index 677131b..1988afd 100644 +--- a/saslauthd/auth_shadow.c ++++ b/saslauthd/auth_shadow.c +@@ -210,8 +210,8 @@ auth_shadow ( + RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)"); + } + +- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); +- if (strcmp(sp->sp_pwdp, cpw)) { ++ cpw = crypt(password, sp->sp_pwdp); ++ if (!cpw || strcmp(sp->sp_pwdp, (const char *)cpw)) { + if (flags & VERBOSE) { + /* + * This _should_ reveal the SHADOW_PW_LOCKED prefix to an +@@ -221,10 +221,8 @@ auth_shadow ( + syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", + sp->sp_pwdp, cpw); + } +- free(cpw); + RETURN("NO Incorrect password"); + } +- free(cpw); + + /* + * The following fields will be set to -1 if: +@@ -286,7 +284,7 @@ auth_shadow ( + RETURN("NO Invalid username"); + } + +- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { ++ if (!(cpw = crypt(password, upw->upw_passwd)) || 
(strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", + password, upw->upw_passwd); +-- +cgit v0.12 + -- cgit 1.4.1 From a82f0b36177848eda340d880ae0802c3e26c4ea8 Mon Sep 17 00:00:00 2001 From: 宋文武 Date: Sat, 26 Nov 2016 13:51:58 +0800 Subject: tests: Add 'opensmtpd-service-type' test. * gnu/tests/mail.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/tests/mail.scm | 159 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 160 insertions(+) create mode 100644 gnu/tests/mail.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index dfa9c0077d..821533837a 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -447,6 +447,7 @@ GNU_SYSTEM_MODULES = \ %D%/tests.scm \ %D%/tests/base.scm \ %D%/tests/install.scm \ + %D%/tests/mail.scm \ %D%/tests/ssh.scm diff --git a/gnu/tests/mail.scm b/gnu/tests/mail.scm new file mode 100644 index 0000000000..47328a54ae --- /dev/null +++ b/gnu/tests/mail.scm 
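Review bot: In auth_shadow.c the first rewritten branch is now entered when `cpw` is NULL, and the unchanged VERBOSE path inside it still hands `cpw` to a `%s` conversion in `syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", sp->sp_pwdp, cpw)`; a null pointer for `%s` is undefined behaviour, so the crypt() failure this patch is meant to handle can still misbehave when verbose logging is enabled. Guard the argument, for example `sp->sp_pwdp, cpw ? cpw : "(crypt failed)"`. The same log call writes the stored hash to the debug log, and the one in the last nested hunk writes the submitted `password`, which is worth removing while these lines are being touched. auth_shadow starts and ends outside the nested hunks.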
@@ -0,0 +1,159 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Sou Bunnbu +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu tests mail) + #:use-module (gnu tests) + #:use-module (gnu system) + #:use-module (gnu system file-systems) + #:use-module (gnu system grub) + #:use-module (gnu system vm) + #:use-module (gnu services) + #:use-module (gnu services base) + #:use-module (gnu services mail) + #:use-module (gnu services networking) + #:use-module (guix gexp) + #:use-module (guix monads) + #:use-module (guix store) + #:export (%test-opensmtpd)) + +(define %opensmtpd-os + (operating-system + (host-name "komputilo") + (timezone "Europe/Berlin") + (locale "en_US.UTF-8") + (bootloader (grub-configuration (device #f))) + (file-systems %base-file-systems) + (firmware '()) + (services (cons* + (dhcp-client-service) + (service opensmtpd-service-type + (opensmtpd-configuration + (config-file + (plain-file "smtpd.conf" " +listen on 0.0.0.0 +accept from any for local deliver to mbox +")))) + %base-services)))) + +(define (run-opensmtpd-test) + "Return a test of an OS running OpenSMTPD service." + (mlet* %store-monad ((command (system-qemu-image/shared-store-script + (marionette-operating-system + %opensmtpd-os + #:imported-modules '((gnu services herd))) + #:graphic? 
#f))) + (define test + (with-imported-modules '((gnu build marionette)) + #~(begin + (use-modules (rnrs base) + (srfi srfi-64) + (ice-9 rdelim) + (ice-9 regex) + (gnu build marionette)) + + (define marionette + (make-marionette + ;; Enable TCP forwarding of the guest's port 25. + '(#$command "-net" "user,hostfwd=tcp::1025-:25"))) + + (define (read-reply-code port) + "Read a SMTP reply from PORT and return its reply code." + (let* ((line (read-line port)) + (mo (string-match "([0-9]+)([ -]).*" line)) + (code (string->number (match:substring mo 1))) + (finished? (string= " " (match:substring mo 2)))) + (if finished? + code + (read-reply-code port)))) + + (mkdir #$output) + (chdir #$output) + + (test-begin "opensmptd") + + (test-assert "service is running" + (marionette-eval + '(begin + (use-modules (gnu services herd)) + (start-service 'smtpd) + #t) + marionette)) + + (test-assert "mbox is empty" + (marionette-eval + '(and (file-exists? "/var/mail") + (not (file-exists? "/var/mail/root"))) + marionette)) + + (test-eq "accept an email" + #t + (let* ((smtp (socket AF_INET SOCK_STREAM 0)) + (addr (make-socket-address AF_INET INADDR_LOOPBACK 1025))) + (connect smtp addr) + ;; Be greeted. + (read-reply-code smtp) ;220 + ;; Greet the server. + (write-line "EHLO somehost" smtp) + (read-reply-code smtp) ;250 + ;; Set sender email. + (write-line "MAIL FROM: " smtp) + (read-reply-code smtp) ;250 + ;; Set recipient email. + (write-line "RCPT TO: " smtp) + (read-reply-code smtp) ;250 + ;; Send message. + (write-line "DATA" smtp) + (read-reply-code smtp) ;354 + (write-line "Subject: Hello" smtp) + (newline smtp) + (write-line "Nice to meet you!" smtp) + (write-line "." smtp) + (read-reply-code smtp) ;250 + ;; Say goodbye. + (write-line "QUIT" smtp) + (read-reply-code smtp) ;221 + (close smtp) + #t)) + + (test-assert "mail arrived" + (marionette-eval + '(begin + (use-modules (ice-9 popen) + (ice-9 rdelim)) + + (define (queue-empty?) + (eof-object? 
+ (read-line + (open-input-pipe "smtpctl show queue")))) + + (let wait () + (if (queue-empty?) + (file-exists? "/var/mail/root") + (begin (sleep 1) (wait))))) + marionette)) + + (test-end) + (exit (= (test-runner-fail-count (test-runner-current)) 0))))) + + (gexp->derivation "opensmtpd-test" test))) + +(define %test-opensmtpd + (system-test + (name "opensmtpd") + (description "Send an email to a running OpenSMTPD server.") + (value (run-opensmtpd-test)))) -- cgit 1.4.1 From d4ba9a5f210e62742fbd2e9a0cbcde3c1b504fd6 Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Wed, 23 Nov 2016 16:00:58 +0100 Subject: gnu: Add perl-mojolicious. * gnu/packages/perl-web.scm: New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/perl-web.scm | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 gnu/packages/perl-web.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 821533837a..5a9001b6d4 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -294,6 +294,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/pdf.scm \ %D%/packages/pem.scm \ %D%/packages/perl.scm \ + %D%/packages/perl-web.scm \ %D%/packages/photo.scm \ %D%/packages/php.scm \ %D%/packages/pkg-config.scm \ diff --git a/gnu/packages/perl-web.scm b/gnu/packages/perl-web.scm new file mode 100644 index 0000000000..9c92a95dad --- /dev/null +++ b/gnu/packages/perl-web.scm 
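Review bot: The "accept an email" test discards every value returned by `read-reply-code` and ends in a literal `#t`, so it passes whatever the server answers; a rejection of MAIL FROM or RCPT TO goes unnoticed as long as the connection stays open. Compare each reply with the code already written in the trailing comment, e.g. `(unless (= 220 (read-reply-code smtp)) (error "unexpected greeting"))`, or collect the codes and `test-equal` them against `'(220 250 250 250 354 250 221)`. `read-reply-code` also calls `match:substring` on the result of `string-match` without checking for `#f`, so an end-of-file or malformed line raises instead of failing the assertion, and the `wait` loop in "mail arrived" has no upper bound if the queue never drains. The suite name `"opensmptd"` passed to `test-begin` looks like a typo for opensmtpd.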
@@ -0,0 +1,47 @@ +;;; GNU Guix --- Functional package management for GNU +;;; Copyright © 2016 Ricardo Wurmus +;;; +;;; This file is part of GNU Guix. +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages perl-web) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (gnu packages) + #:use-module (guix packages) + #:use-module (guix download) + #:use-module (guix build-system perl)) + +(define-public perl-mojolicious + (package + (name "perl-mojolicious") + (version "7.10") + (source + (origin + (method url-fetch) + (uri (string-append "mirror://cpan/authors/id/S/SR/SRI/Mojolicious-" + version ".tar.gz")) + (sha256 + (base32 + "0811f3wajgf71y02dr2khqnaswjh582pcvhv93k101qpg61syihn")))) + (build-system perl-build-system) + (home-page "http://mojolicious.org/") + (synopsis "Real-time web framework") + (description "Back in the early days of the web, many people learned Perl +because of a wonderful Perl library called @code{CGI}. It was simple enough +to get started without knowing much about the language and powerful enough to +keep you going, learning by doing was much fun. While most of the techniques +used are outdated now, the idea behind it is not. Mojolicious is a new +endeavor to implement this idea using modern technologies.") + (license license:artistic2.0))) -- cgit 1.4.1 From dbf8f84f15fb80fa41caeed073460853083e48d3 Mon Sep 17 00:00:00 2001 
From: Ricardo Wurmus Date: Fri, 25 Nov 2016 22:29:41 +0100 Subject: gnu: gcj: Fix build on armhf. * gnu/packages/patches/gcj-arm-mode.patch: New file. * gnu/local.mk (dist_patch_DATA): Add patch. * gnu/packages/gcc.scm (gcj): Add patch. [arguments]: Delete failing tests. --- gnu/local.mk | 1 + gnu/packages/gcc.scm | 14 +++++++++++++ gnu/packages/patches/gcj-arm-mode.patch | 36 +++++++++++++++++++++++++++++++++ 3 files changed, 51 insertions(+) create mode 100644 gnu/packages/patches/gcj-arm-mode.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5a9001b6d4..5ab9c3b036 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -554,6 +554,7 @@ dist_patch_DATA = \ %D%/packages/patches/gcc-5.0-libvtv-runpath.patch \ %D%/packages/patches/gcc-6-arm-none-eabi-multilib.patch \ %D%/packages/patches/gcc-6-cross-environment-variables.patch \ + %D%/packages/patches/gcj-arm-mode.patch \ %D%/packages/patches/gd-CVE-2016-7568.patch \ %D%/packages/patches/gd-CVE-2016-8670.patch \ %D%/packages/patches/gd-fix-chunk-size-on-boundaries.patch \ diff --git a/gnu/packages/gcc.scm b/gnu/packages/gcc.scm index c26cc4f497..ead270a3b5 100644 --- a/gnu/packages/gcc.scm +++ b/gnu/packages/gcc.scm @@ -521,6 +521,16 @@ as the 'native-search-paths' field." (define-public gcj (package (inherit gcc) (name "gcj") + (version (package-version gcc)) + (source (origin + (method url-fetch) + (uri (string-append "mirror://gnu/gcc/gcc-" + version "/gcc-" version ".tar.bz2")) + (sha256 + (base32 + "0zmnm00d2a1hsd41g34bhvxzvxisa2l584q3p447bd91lfjv4ci3")) + (patches (cons (search-patch "gcj-arm-mode.diff") + (origin-patches (package-source gcc)))))) (inputs `(("fastjar" ,fastjar) ("perl" ,perl) 
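Review bot: The new `source` field looks the patch up as `(search-patch "gcj-arm-mode.diff")`, but the file this commit creates and registers in gnu/local.mk is `gcj-arm-mode.patch`, so the lookup will not find it. Use the registered name: `(patches (cons (search-patch "gcj-arm-mode.patch")`. The origin also repeats the URI and hash of `gcc`; `(origin (inherit (package-source gcc)) (patches ...))` would keep the two from drifting apart at the next version bump. The gcj definition continues outside the hunk.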
@@ -568,6 +578,10 @@ as the 'native-search-paths' field." 'unpack 'patch-testsuite ;; dejagnu-1.6 removes the 'absolute' command (lambda _ + ;; This test fails on armhf. It seems harmless enough to disable it. + (for-each delete-file '("libjava/testsuite/libjava.lang/Throw_2.java" + "libjava/testsuite/libjava.lang/Throw_2.out" + "libjava/testsuite/libjava.lang/Throw_2.jar")) (substitute* "libjava/testsuite/lib/libjava.exp" (("absolute") "file normalize")) #t)) diff --git a/gnu/packages/patches/gcj-arm-mode.patch b/gnu/packages/patches/gcj-arm-mode.patch new file mode 100644 index 0000000000..16fdb5ecac --- /dev/null +++ b/gnu/packages/patches/gcj-arm-mode.patch @@ -0,0 +1,36 @@ +Taken from +https://sources.debian.net/data/main/g/gcc-4.9/4.9.2-10/debian/patches/gcj-arm-mode.diff + +# DP: For armhf, force arm mode instead of thumb mode + +--- a/src/libjava/configure.host ++++ b/src/libjava/configure.host +@@ -66,6 +66,9 @@ + ;; + esac + ++# on armhf force arm mode ++libgcj_flags="${libgcj_flags} -marm" ++ + AM_RUNTESTFLAGS= + + # Set any host dependent compiler flags. +--- a/src/gcc/java/lang-specs.h ++++ b/src/gcc/java/lang-specs.h +@@ -47,7 +47,7 @@ + %{.class|.zip|.jar|!fsyntax-only:jc1 \ + %{.java|fsaw-java-file:%U.jar -fsource-filename=%i % Date: Sun, 27 Nov 2016 00:19:21 -0500 Subject: gnu: python-rarfile: Update to 2.8. * gnu/packages/python.scm (python-rarfile, python2-rarfile): Update to 2.8. [source]: Remove obsolete patch. * gnu/packages/patches/python-rarfile-fix-tests.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk | 1 - gnu/packages/patches/python-rarfile-fix-tests.patch | 14 -------------- gnu/packages/python.scm | 6 ++---- 3 files changed, 2 insertions(+), 19 deletions(-) delete mode 100644 gnu/packages/patches/python-rarfile-fix-tests.patch (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index 5ab9c3b036..c50ef254e0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk 
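Review bot: The line `libgcj_flags="${libgcj_flags} -marm"` added to libjava/configure.host sits after the `esac` and, as far as the hunk shows, outside any host test, while gcc.scm applies the patch to gcj unconditionally; `-marm` is an ARM-only option, so it would presumably reach non-ARM builds as well. Either apply the patch only when building for armhf or guard the assignment, e.g. `case "${host}" in arm*) libgcj_flags="${libgcj_flags} -marm" ;; esac`. The Throw_2 deletion in the gcc.scm hunk on the same line is likewise unconditional although its comment names armhf only. The tail of the lang-specs.h hunk is not legible on this page, so that part is not reviewed.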
@@ -827,7 +827,6 @@ dist_patch_DATA = \ %D%/packages/patches/python-file-double-encoding-bug.patch \ %D%/packages/patches/python-fix-tests.patch \ %D%/packages/patches/python-parse-too-many-fields.patch \ - %D%/packages/patches/python-rarfile-fix-tests.patch \ %D%/packages/patches/python2-rdflib-drop-sparqlwrapper.patch \ %D%/packages/patches/python-statsmodels-fix-tests.patch \ %D%/packages/patches/python-configobj-setuptools.patch \ diff --git a/gnu/packages/patches/python-rarfile-fix-tests.patch b/gnu/packages/patches/python-rarfile-fix-tests.patch deleted file mode 100644 index 8ae8894009..0000000000 --- a/gnu/packages/patches/python-rarfile-fix-tests.patch +++ /dev/null @@ -1,14 +0,0 @@ -There is no test.sh, but there are test1.sh and test2.sh. - -diff --git a/test/Makefile b/test/Makefile -index 027bc5f..5383db3 100644 ---- a/test/Makefile -+++ b/test/Makefile -@@ -1,5 +1,6 @@ - test: -- ./test.sh -+ ./test1.sh -+ ./test2.sh - - clean: - rm -rf __pycache__ diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm index 5c27b90402..e3cde11ab4 100644 --- a/gnu/packages/python.scm +++ b/gnu/packages/python.scm @@ -9816,15 +9816,13 @@ module, adding support for Unicode strings.") (define-public python-rarfile (package (name "python-rarfile") - (version "2.7") + (version "2.8") (source (origin (method url-fetch) (uri (pypi-uri "rarfile" version)) (sha256 (base32 - "0d8n1dlpiz7av8dmbp0vclrwl9cnxizr4f2c9xvj1h5nvn480527")) - ;; https://github.com/markokr/rarfile/pull/17/ - (patches (search-patches "python-rarfile-fix-tests.patch")))) + "0qfad483kcbga0bn4qmcz953xjk16r52fahiy46zzn56v80y89ra")))) (build-system python-build-system) (arguments '(#:phases -- cgit 1.4.1 From eb55f018219e5912fc5606c4e1881a64f8fa5710 Mon Sep 17 00:00:00 2001 
From: Efraim Flashner Date: Mon, 21 Nov 2016 22:16:43 +0200 Subject: gnu: Add viewnior. * gnu/packages/image-viewers.scm (viewnior): New file. * gnu/local.mk (GNU_SYSTEM_MODULES): Add it. --- gnu/local.mk | 1 + gnu/packages/image-viewers.scm | 78 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 79 insertions(+) create mode 100644 gnu/packages/image-viewers.scm (limited to 'gnu/local.mk') diff --git a/gnu/local.mk b/gnu/local.mk index c50ef254e0..49609cd68f 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -187,6 +187,7 @@ GNU_SYSTEM_MODULES = \ %D%/packages/icu4c.scm \ %D%/packages/idutils.scm \ %D%/packages/image.scm \ + %D%/packages/image-viewers.scm \ %D%/packages/imagemagick.scm \ %D%/packages/indent.scm \ %D%/packages/inklingreader.scm \ diff --git a/gnu/packages/image-viewers.scm b/gnu/packages/image-viewers.scm new file mode 100644 index 0000000000..4be0ebbc2d --- /dev/null +++ b/gnu/packages/image-viewers.scm 
@@ -0,0 +1,78 @@ +;;; Copyright © 2016 Efraim Flashner +;;; +;;; GNU Guix is free software; you can redistribute it and/or modify it +;;; under the terms of the GNU General Public License as published by +;;; the Free Software Foundation; either version 3 of the License, or (at +;;; your option) any later version. +;;; +;;; GNU Guix is distributed in the hope that it will be useful, but +;;; WITHOUT ANY WARRANTY; without even the implied warranty of +;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +;;; GNU General Public License for more details. +;;; +;;; You should have received a copy of the GNU General Public License +;;; along with GNU Guix. If not, see . + +(define-module (gnu packages image-viewers) + #:use-module ((guix licenses) #:prefix license:) + #:use-module (guix download) + #:use-module (guix packages) + #:use-module (guix build-system gnu) + #:use-module (gnu packages autotools) + #:use-module (gnu packages base) + #:use-module (gnu packages geeqie) + #:use-module (gnu packages glib) + #:use-module (gnu packages gnome) + #:use-module (gnu packages gtk) + #:use-module (gnu packages pkg-config)) + +(define-public viewnior + (package + (name "viewnior") + (version "1.6") + (source + (origin + (method url-fetch) + (uri (string-append "https://github.com/xsisqox/Viewnior/archive/" + name "-" version ".tar.gz")) + (sha256 + (base32 + "18309qjgwak3kn228z3p3nx7yxasqgzx69v3rgc23hf161nky0c9")))) + (build-system gnu-build-system) + (arguments + '(#:phases + (modify-phases %standard-phases + (add-after 'unpack 'autogen + (lambda _ + (zero? 
(system* "sh" "autogen.sh"))))))) + (native-inputs + `(("automake" ,automake) + ("autoconf" ,autoconf) + ("intltool" ,intltool) + ("glib" ,glib "bin") ; glib-genmarshal + ("gnome-common" ,gnome-common) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config) + ("shared-mime-info" ,shared-mime-info) + ("which" ,which))) + (inputs + `(("exiv2" ,exiv2) + ("gdk-pixbuf" ,gdk-pixbuf) + ("gtk+-2" ,gtk+-2))) + (home-page "http://siyanpanayotov.com/project/viewnior/") + (synopsis "Simple, fast and elegant image viewer") + (description "Viewnior is an image viewer program. Created to be simple, +fast and elegant. Its minimalistic interface provides more screenspace for +your images. Among its features are: +@enumerate +@item Fullscreen & Slideshow +@item Rotate, flip, crop, save, delete images +@item Animation support +@item Browse only selected images +@item Navigation window +@item Set image as wallpaper (Gnome 2, Gnome 3, XFCE, LXDE, FluxBox, Nitrogen) +@item Simple interface +@item EXIF and IPTC metadata +@item Configurable mouse actions +@end enumerate\n") + (license license:gpl3+))) -- cgit 1.4.1 From c51d926c740f98883ce3332852e826f57fdf4566 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 28 Nov 2016 19:25:21 +0200 Subject: gnu: cairo: Fix CVE-2016-9082. * gnu/packages/gtk.scm (cairo)[replacement]: New field. (cairo/fixed): New variable. (cairo-xcb)[source]: Use patch. [replacement]: New field, set false. * gnu/packages/pdf.scm (poppler)[inputs]: Custom cairo should be replaced by a new custom patched cairo. * gnu/packages/patches/cairo-CVE-2016-9082.patch: New file. * gnu/local.mk (dist_patch_DATA): Register it. --- gnu/local.mk | 1 + gnu/packages/gtk.scm | 12 +++ gnu/packages/patches/cairo-CVE-2016-9082.patch | 122 +++++++++++++++++++++++++ gnu/packages/pdf.scm | 11 +++ 4 files changed, 146 insertions(+) create mode 100644 gnu/packages/patches/cairo-CVE-2016-9082.patch (limited to 'gnu/local.mk') 
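Review bot: The `origin` of `viewnior` fetches a GitHub-generated archive (`.../Viewnior/archive/` plus name, version and `.tar.gz`), and nothing in the definition records that. Such archives are produced on demand and are presumably not guaranteed to stay byte-identical; the `sha256` pins the content, so a regenerated tarball fails the build instead of being accepted silently, but whoever then updates the hash should know to compare against the upstream tag first. I would add a comment above the `uri` field: `;; GitHub-generated archive: if the hash stops matching, diff against the upstream tag before updating it.` Separately, the `autogen` phase runs `autogen.sh` as is; if that script also invokes `configure` (not visible here), setting `NOCONFIGURE` before the call would keep configuration in the regular `configure` phase.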
diff --git a/gnu/local.mk b/gnu/local.mk index 49609cd68f..9d0e4c5094 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -489,6 +489,7 @@ dist_patch_DATA = \ %D%/packages/patches/binutils-loongson-workaround.patch \ %D%/packages/patches/binutils-mips-bash-bug.patch \ %D%/packages/patches/byobu-writable-status.patch \ + %D%/packages/patches/cairo-CVE-2016-9082.patch \ %D%/packages/patches/calibre-drop-unrar.patch \ %D%/packages/patches/calibre-no-updates-dialog.patch \ %D%/packages/patches/cdparanoia-fpic.patch \ diff --git a/gnu/packages/gtk.scm b/gnu/packages/gtk.scm index 17bd9c9b00..8a258b54cc 100644 --- a/gnu/packages/gtk.scm +++ b/gnu/packages/gtk.scm @@ -100,6 +100,7 @@ tools have full access to view and control running applications.") (define-public cairo (package (name "cairo") + (replacement cairo/fixed) (version "1.14.6") (source (origin (method url-fetch) @@ -153,6 +154,10 @@ affine transformation (scale, rotation, shear, etc.).") (package (inherit cairo) (name "cairo-xcb") + (source (origin + (inherit (package-source cairo)) + (patches (search-patches "cairo-CVE-2016-9082.patch")))) + (replacement #f) (inputs `(("mesa" ,mesa) ,@(package-inputs cairo))) @@ -162,6 +167,13 @@ affine transformation (scale, rotation, shear, etc.).") '("--enable-xlib-xcb" "--enable-gl" "--enable-egl"))) (synopsis "2D graphics library (with X11 support)"))) +(define cairo/fixed + (package + (inherit cairo) + (source (origin + (inherit (package-source cairo)) + (patches (search-patches "cairo-CVE-2016-9082.patch")))))) + (define-public harfbuzz (package (name "harfbuzz") diff --git a/gnu/packages/patches/cairo-CVE-2016-9082.patch b/gnu/packages/patches/cairo-CVE-2016-9082.patch new file mode 100644 index 0000000000..ad83404194 --- /dev/null +++ b/gnu/packages/patches/cairo-CVE-2016-9082.patch 
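Review bot: In `cairo-xcb` the added `(replacement #f)` carries no comment, and its reason is easy to lose. The package inherits from `cairo`, so without that field it would also inherit `(replacement cairo/fixed)` and be grafted to a package built from plain `cairo`, presumably without the `--enable-xlib-xcb` flags set further down. A line such as `;; Patched directly; do not inherit cairo's graft, which is not an xcb build.` above the field would record that. The patched `origin` is also written out identically in this hunk, in the `cairo/fixed` hunk that follows and again in `gnu/packages/pdf.scm`, so a later change to the patch list has to be repeated in each copy; binding it once above `cairo-xcb` (the name is up to the author) and referring to it from all three would avoid drift.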
@@ -0,0 +1,122 @@ +From: Adrian Johnson +Date: Thu, 20 Oct 2016 21:12:30 +1030 +Subject: [PATCH] image: prevent invalid ptr access for > 4GB images + +Image data is often accessed using: + + image->data + y * image->stride + +On 64-bit achitectures if the image data is > 4GB, this computation +will overflow since both y and stride are 32-bit types. + +bug report: https://bugs.freedesktop.org/show_bug.cgi?id=98165 +patch: https://bugs.freedesktop.org/attachment.cgi?id=127421 +--- + boilerplate/cairo-boilerplate.c | 4 +++- + src/cairo-image-compositor.c | 4 ++-- + src/cairo-image-surface-private.h | 2 +- + src/cairo-mesh-pattern-rasterizer.c | 2 +- + src/cairo-png.c | 2 +- + src/cairo-script-surface.c | 3 ++- + 6 files changed, 10 insertions(+), 7 deletions(-) + +diff --git a/boilerplate/cairo-boilerplate.c b/boilerplate/cairo-boilerplate.c +index 7fdbf79..4804dea 100644 +--- a/boilerplate/cairo-boilerplate.c ++++ b/boilerplate/cairo-boilerplate.c +@@ -42,6 +42,7 @@ + #undef CAIRO_VERSION_H + #include "../cairo-version.h" + ++#include + #include + #include + #include +@@ -976,7 +977,8 @@ cairo_surface_t * + cairo_boilerplate_image_surface_create_from_ppm_stream (FILE *file) + { + char format; +- int width, height, stride; ++ int width, height; ++ ptrdiff_t stride; + int x, y; + unsigned char *data; + cairo_surface_t *image = NULL; +diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c +index 48072f8..3ca0006 100644 +--- a/src/cairo-image-compositor.c ++++ b/src/cairo-image-compositor.c +@@ -1575,7 +1575,7 @@ typedef struct _cairo_image_span_renderer { + pixman_image_t *src, *mask; + union { + struct fill { +- int stride; ++ ptrdiff_t stride; + uint8_t *data; + uint32_t pixel; + } fill; +@@ -1594,7 +1594,7 @@ typedef struct _cairo_image_span_renderer { + struct finish { + cairo_rectangle_int_t extents; + int src_x, src_y; +- int stride; ++ ptrdiff_t stride; + uint8_t *data; + } mask; + } u; +diff --git a/src/cairo-image-surface-private.h 
b/src/cairo-image-surface-private.h +index 8ca694c..7e78d61 100644 +--- a/src/cairo-image-surface-private.h ++++ b/src/cairo-image-surface-private.h +@@ -71,7 +71,7 @@ struct _cairo_image_surface { + + int width; + int height; +- int stride; ++ ptrdiff_t stride; + int depth; + + unsigned owns_data : 1; +diff --git a/src/cairo-mesh-pattern-rasterizer.c b/src/cairo-mesh-pattern-rasterizer.c +index 1b63ca8..e7f0db6 100644 +--- a/src/cairo-mesh-pattern-rasterizer.c ++++ b/src/cairo-mesh-pattern-rasterizer.c +@@ -470,7 +470,7 @@ draw_pixel (unsigned char *data, int width, int height, int stride, + tg += tg >> 16; + tb += tb >> 16; + +- *((uint32_t*) (data + y*stride + 4*x)) = ((ta << 16) & 0xff000000) | ++ *((uint32_t*) (data + y*(ptrdiff_t)stride + 4*x)) = ((ta << 16) & 0xff000000) | + ((tr >> 8) & 0xff0000) | ((tg >> 16) & 0xff00) | (tb >> 24); + } + } +diff --git a/src/cairo-png.c b/src/cairo-png.c +index 562b743..aa8c227 100644 +--- a/src/cairo-png.c ++++ b/src/cairo-png.c +@@ -673,7 +673,7 @@ read_png (struct png_read_closure_t *png_closure) + } + + for (i = 0; i < png_height; i++) +- row_pointers[i] = &data[i * stride]; ++ row_pointers[i] = &data[i * (ptrdiff_t)stride]; + + png_read_image (png, row_pointers); + png_read_end (png, info); +diff --git a/src/cairo-script-surface.c b/src/cairo-script-surface.c +index ea0117d..91e4baa 100644 +--- a/src/cairo-script-surface.c ++++ b/src/cairo-script-surface.c +@@ -1202,7 +1202,8 @@ static cairo_status_t + _write_image_surface (cairo_output_stream_t *output, + const cairo_image_surface_t *image) + { +- int stride, row, width; ++ int row, width; ++ ptrdiff_t stride; + uint8_t row_stack[CAIRO_STACK_BUFFER_SIZE]; + uint8_t *rowdata; + uint8_t *data; +-- +2.1.4 + diff --git a/gnu/packages/pdf.scm b/gnu/packages/pdf.scm index 39f4d021de..6442f08af9 100644 --- a/gnu/packages/pdf.scm +++ b/gnu/packages/pdf.scm 
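Review bot: Two of the fixes in this patch widen at the use site instead of at the declaration: `draw_pixel` keeps its `int stride` parameter and `read_png` casts `stride` only in the one indexing expression shown. Any other row-times-stride arithmetic in those functions, whose bodies lie outside the quoted context, would still be evaluated in `int`; declaring `ptrdiff_t stride` in both places would cover them without relying on every expression having been found. With signed 32-bit operands the product overflows once it exceeds `INT_MAX`, that is at about 2 GiB of image data, not the 4 GB the description names, so a regression test for this fix should use that threshold. On targets where `ptrdiff_t` is 32 bits wide the patch changes nothing, which is presumably acceptable because such images cannot be addressed there.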
@@ -95,6 +95,17 @@
 ;; To build poppler-glib (as needed by Evince), we need Cairo and
 ;; GLib. But of course, that Cairo must not depend on Poppler.
 ("cairo" ,(package (inherit cairo)
+ (replacement
+ (package
+ (inherit cairo)
+ (replacement #f)
+ (source
+ (origin
+ (inherit (package-source cairo))
+ (patches (search-patches
+ "cairo-CVE-2016-9082.patch"))))
+ (inputs (alist-delete "poppler"
+ (package-inputs cairo)))))
 (inputs (alist-delete "poppler"
 (package-inputs cairo)))))
 ("glib" ,glib)))
-- cgit 1.4.1
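Review bot: The nested `replacement` for poppler's private cairo repeats both the patched `origin` and the `alist-delete "poppler"` inputs without saying why each is needed. The inner package inherits from `cairo`, so it has to reset `(replacement #f)` and drop `poppler` again; otherwise the graft would presumably bring back the dependency cycle that the comment above the input warns about. I would extend that comment with `;; The graft target must also omit poppler and carry no replacement of its own.` so that the two `inputs` forms are kept in step when either one changes.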