From 34ef8dc985f57f58e36f72c01d4e07839024922b Mon Sep 17 00:00:00 2001 From: dmcmahill Date: Fri, 28 Jan 2005 23:37:42 +0000 Subject: update to f2c-20001205nb8 This addresses a temp file symlink race vulnerability. The f2c patch is adapted from the debian one. The f2c-f77 (wrapper script which emulates a fortran compiler) patch was done a bit differently. --- lang/f2c/Makefile | 4 +- lang/f2c/buildlink3.mk | 4 +- lang/f2c/distinfo | 9 +++-- lang/f2c/patches/patch-ac | 96 ++++++++++++++++++++++++++++++++--------------- lang/f2c/patches/patch-ae | 4 +- lang/f2c/patches/patch-ag | 4 +- lang/f2c/patches/patch-ak | 69 ++++++++++++++++++++++++++++++++++ 7 files changed, 148 insertions(+), 42 deletions(-) create mode 100644 lang/f2c/patches/patch-ak (limited to 'lang') diff --git a/lang/f2c/Makefile b/lang/f2c/Makefile index 07b552beb14..ae38c885339 100644 --- a/lang/f2c/Makefile +++ b/lang/f2c/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.32 2004/10/03 00:15:00 tv Exp $ +# $NetBSD: Makefile,v 1.33 2005/01/28 23:37:42 dmcmahill Exp $ DISTNAME= f2c-20001205 -PKGREVISION= 7 +PKGREVISION= 8 CATEGORIES= lang MASTER_SITES= ${MASTER_SITE_LOCAL} diff --git a/lang/f2c/buildlink3.mk b/lang/f2c/buildlink3.mk index 8ee050019f5..43fbc0df4ca 100644 --- a/lang/f2c/buildlink3.mk +++ b/lang/f2c/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.3 2005/01/12 15:43:39 jlam Exp $ +# $NetBSD: buildlink3.mk,v 1.4 2005/01/28 23:37:42 dmcmahill Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ F2C_BUILDLINK3_MK:= ${F2C_BUILDLINK3_MK}+ @@ -12,7 +12,7 @@ BUILDLINK_PACKAGES+= f2c .if !empty(F2C_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.f2c+= f2c>=20001205nb3 -BUILDLINK_RECOMMENDED.f2c+= f2c>=20001205nb7 +BUILDLINK_RECOMMENDED.f2c+= f2c>=20001205nb8 BUILDLINK_PKGSRCDIR.f2c?= ../../lang/f2c .endif # F2C_BUILDLINK3_MK diff --git a/lang/f2c/distinfo b/lang/f2c/distinfo index 2edbe3d23ae..b1fd81aa6a8 100644 --- a/lang/f2c/distinfo +++ b/lang/f2c/distinfo @@ -1,14 +1,15 @@ -$NetBSD: distinfo,v 1.12 2004/09/15 20:56:31 dmcmahill Exp $ +$NetBSD: distinfo,v 1.13 2005/01/28 23:37:42 dmcmahill Exp $ SHA1 (f2c-20001205.tar.gz) = f3cc1653eb962fee45d850df50890fc53448a17f Size (f2c-20001205.tar.gz) = 988607 bytes SHA1 (patch-aa) = ca2ced3179b4866ab6d1f8ffa6d7a4e08221cc9a SHA1 (patch-ab) = 97c676fa452daa674e11348412ccb26d38a7baa4 -SHA1 (patch-ac) = 3bdc1873b4990ff7d542ce5474f23137d2dc5d54 +SHA1 (patch-ac) = a80ca0b5be4bc675405db8f50bbf1ff6660004fe SHA1 (patch-ad) = 7f204a45891e3632589ea8fb0e4e379a0a792dea -SHA1 (patch-ae) = 037cc8aed72a3088771ab24077ff19b009e63ebf +SHA1 (patch-ae) = f17254cab1449273ca44e652ed2f1a586a9a3e19 SHA1 (patch-af) = fe24139c21862e85c576118166b7deab8e421572 -SHA1 (patch-ag) = 5f294e491ba4730aa7047ad53fa710a0698c2649 +SHA1 (patch-ag) = 08d145e598ea5d376cee34ec42c7a98cae80668d SHA1 (patch-ah) = 54e4679e33cf3adc3b0d2b8b5b4e98cf26370319 SHA1 (patch-ai) = 641d3720c80cfb7d1c23981bb845b0a9bee3e6d7 SHA1 (patch-aj) = c58361fbbfc06e033b2a47e1d1e370716c4b185c +SHA1 (patch-ak) = 5d95d88cb7118ee7b1047db24880cbd49a782807 diff --git a/lang/f2c/patches/patch-ac b/lang/f2c/patches/patch-ac index ffc265108c0..71ac39da7ef 100644 --- a/lang/f2c/patches/patch-ac +++ b/lang/f2c/patches/patch-ac @@ -1,4 +1,4 @@ -$NetBSD: patch-ac,v 1.14 2004/09/15 20:56:31 dmcmahill Exp $ +$NetBSD: patch-ac,v 1.15 2005/01/28 23:37:42 dmcmahill Exp $ Much cleanup of the script. Added various options such as -O for optimization @@ -12,9 +12,11 @@ Much cleanup of the script. Added various options such as Also only pass -m* to the C compiler not f2c. ---- fc.orig Fri Jul 7 17:47:06 2000 -+++ fc Tue Jan 22 11:39:39 2002 -@@ -1,178 +1,262 @@ +Unknown options are passed on to the C compiler and C preprocessor. + +--- fc.orig 2000-07-07 21:47:06.000000000 +0000 ++++ fc +@@ -1,179 +1,276 @@ -#! /bin/sh - -# NOTE: you may need to adjust the references to /usr/local/... below @@ -150,21 +152,34 @@ Also only pass -m* to the C compiler not f2c. -# -N tnnn allow nnn entries in table t - -# -P emit .P files -+# if no input arguments, then spit out the help stuff from the beginning -+# of this file. -+if [ $# = 0 ]; then -+ cat $0 | awk '$1 == "#USAGESTART", $1 == ""' | tail +2 | sed 's/#//g' -+fi - +- -# -U def passed to C compiler (for .c files) -# or to cpp (for .F files) to remove def - - s=/tmp/stderr_$$ - t=/tmp/f77_$$.o +- +-s=/tmp/stderr_$$ +-t=/tmp/f77_$$.o -### On some systems (e.g., IRIX), -common prevents complaints -### about multiple definitions of COMMON blocks. -#CC=${CC_f2c:-'cc -common'} -CC=${CC_f2c:-'cc'} ++# if no input arguments, then spit out the help stuff from the beginning ++# of this file. ++if [ $# = 0 ]; then ++ cat $0 | awk '$1 == "#USAGESTART", $1 == ""' | tail +2 | sed 's/#//g' ++fi ++ ++ ++tmpd=${TMPDIR:-/tmp} ++mytmp=${tmpd}/f2c_$$ ++mkdir -m 0700 $mytmp ++if test $? -ne 0 ; then ++ echo "ERROR: Could not create temporary directory ${mytmp}" ++ echo "Either you do not have write permission to ${tmpd} or" ++ echo "${mytmp} already exists" ++ exit 1 ++fi ++s=${mytmp}/stderr ++t=${mytmp}/f77.o +CC=${CC_f2c:-'@CC@ '} EFL=${EFL:-efl} EFLFLAGS=${EFLFLAGS:-'system=portable deltastno=10'} @@ -178,7 +193,8 @@ Also only pass -m* to the C compiler not f2c. +S2DBLFLAG="-R" +CPP=${CPP:-'@CPP@ '} rc=0 - trap "rm -f $s $t; exit \$rc" 0 +-trap "rm -f $s $t; exit \$rc" 0 ++trap "rm -fr $s $t $mytmp ; exit \$rc" 0 OUTF=a.out -OUTO= cOPT=1 @@ -324,21 +340,25 @@ Also only pass -m* to the C compiler not f2c. - -S) CFLAGS="$CFLAGS -S" - cOPT=0 + -w66) F2CFLAGS="$F2CFLAGS -w66" - shift - ;; - -+ -Wl*) CFLAGS="$CFLAGS $1" + shift + ;; + -+ -W*) CFLAGS="$CFLAGS $1" ++ -Wl*) CFLAGS="$CFLAGS $1" + shift + ;; + -+ -*) echo "ERROR: $1 is not a valid option" -+ exit 1 ++ -W*) CFLAGS="$CFLAGS $1" ++ shift + ;; + ++ -*) CFLAGS="$CFLAGS $1" ++ CPPFLAGS="$CPPFLAGS $1" ++ if test $VERBOSE = "yes"; then ++ echo "Warning: Passing unknown option $1 on to the c compiler" ++ fi + shift + ;; + *) - echo "invalid parameter $1" 1>&2 + ARGS="$ARGS $1" @@ -374,7 +394,9 @@ Also only pass -m* to the C compiler not f2c. + while test -n "$1" -@@ -184,4 +268,7 @@ + do +@@ -183,6 +280,9 @@ do + case "$1" in *.f) f=".f";; *.F) f=".F";; esac case "$1" in *.f) b=`basename $1 .f` + if test $VERBOSE = "yes"; then @@ -382,7 +404,9 @@ Also only pass -m* to the C compiler not f2c. + fi $F2C $F2CFLAGS $1 rc=$? -@@ -191,4 +278,7 @@ + ;; +@@ -190,6 +290,9 @@ do + $CPP $CPPFLAGS $1 >$b.i rc=$? case $rc in 0) + if test $VERBOSE="yes"; then @@ -390,35 +414,45 @@ Also only pass -m* to the C compiler not f2c. + fi $F2C $F2CFLAGS <$b.i >$b.c rc=$? -@@ -198,5 +288,5 @@ + ;;esac +@@ -197,7 +300,7 @@ do + ;; esac case $rc in 0);; *) exit;; esac - $CC -c $CFLAGSF2C $CFLAGS $b.c 2>$s + $CC -c $CFLAGS $b.c 2>$s rc=$? sed '/parameter .* is not referenced/d;/warning: too many parameters/d' $s 1>&2 -@@ -213,5 +303,5 @@ + case $rc in 0);; *) exit;; esac +@@ -212,7 +315,7 @@ do + case $? in 0);; *) rc=$?; exit;; esac $F2C $F2CFLAGS $b.f case $? in 0);; *) rc=$?; exit;; esac - $CC -c $CFLAGSF2C $CFLAGS $b.c + $CC -c $CFLAGS $b.c case $? in 0);; *) rc=$?; exit;; esac OFILES="$OFILES $b.o" -@@ -226,5 +316,5 @@ + rm $b.[cf] +@@ -225,7 +328,7 @@ do + case $? in 0);; *) rc=$?; exit;; esac $F2C $F2CFLAGS $b.f case $? in 0);; *) rc=$?; exit;; esac - $CC -c $CFLAGSF2C $CFLAGS $b.c + $CC -c $CFLAGS $b.c case $? in 0);; *) rc=$?; exit;; esac OFILES="$OFILES $b.o" -@@ -245,5 +335,5 @@ + rm $b.[cf] +@@ -244,7 +347,7 @@ do + *.c) echo $1: 1>&2 OFILE=`basename $1 .c`.o - $CC -c $CFLAGSF2C $CPPFLAGS $CFLAGS $1 + $CC -c $CPPFLAGS $CFLAGS $1 rc=$?; case $rc in 0);; *) rc=$?; exit;; esac OFILES="$OFILES $OFILE" -@@ -261,10 +351,10 @@ + case $cOPT in 1) cOPT=2;; esac +@@ -260,19 +363,18 @@ do + case $cOPT in 1) cOPT=2;; esac shift ;; - -[lL]) @@ -432,7 +466,7 @@ Also only pass -m* to the C compiler not f2c. + -l*) OFILES="$OFILES $1" shift -@@ -272,6 +362,5 @@ + case $cOPT in 1) cOPT=2;; esac ;; -o) - case $cOPT in 0) CFLAGS="$CFLAGS -o $2";; *) OUTF=$2;; esac @@ -440,7 +474,9 @@ Also only pass -m* to the C compiler not f2c. + OUTF=$2; shift 2;; *.P) F2CFLAGS="$F2CFLAGS $1" -@@ -286,9 +375,11 @@ + shift +@@ -285,10 +387,12 @@ do + esac done -### On some (IRIX) systems, -Wl,-dont_warn_unused prevents complaints diff --git a/lang/f2c/patches/patch-ae b/lang/f2c/patches/patch-ae index cd7a1e32c86..fb0c6f98008 100644 --- a/lang/f2c/patches/patch-ae +++ b/lang/f2c/patches/patch-ae @@ -1,4 +1,4 @@ -$NetBSD: patch-ae,v 1.9 2004/09/14 22:09:40 dmcmahill Exp $ +$NetBSD: patch-ae,v 1.10 2005/01/28 23:37:42 dmcmahill Exp $ --- libF77/makefile.orig Tue Sep 14 18:38:32 2004 +++ libF77/makefile @@ -72,7 +72,7 @@ $NetBSD: patch-ae,v 1.9 2004/09/14 22:09:40 dmcmahill Exp $ - mv libF77.a $(LIBDIR)/libF77.a - ranlib $(LIBDIR)/libF77.a || true +install: libF77.la -+ ${LIBTOOL} --mode=install ${BSD_INSTALL_DATA} libF77.la ${LIBDIR} ++ ${LIBTOOL} --mode=install ${BSD_INSTALL_LIB} libF77.la ${LIBDIR} clean: rm -f libF77.a *.o diff --git a/lang/f2c/patches/patch-ag b/lang/f2c/patches/patch-ag index 97498700516..8c8db36171d 100644 --- a/lang/f2c/patches/patch-ag +++ b/lang/f2c/patches/patch-ag @@ -1,4 +1,4 @@ -$NetBSD: patch-ag,v 1.9 2004/09/14 22:09:40 dmcmahill Exp $ +$NetBSD: patch-ag,v 1.10 2005/01/28 23:37:42 dmcmahill Exp $ --- libI77/makefile.orig Tue Sep 14 17:11:44 2004 +++ libI77/makefile @@ -42,7 +42,7 @@ $NetBSD: patch-ag,v 1.9 2004/09/14 22:09:40 dmcmahill Exp $ - cp libI77.a $(LIBDIR)/libI77.a - ranlib $(LIBDIR)/libI77.a || true +install: libI77.la -+ ${LIBTOOL} --mode=install ${BSD_INSTALL_DATA} libI77.la ${LIBDIR} ++ ${LIBTOOL} --mode=install ${BSD_INSTALL_LIB} libI77.la ${LIBDIR} -Version.o: Version.c - $(CC) -c Version.c diff --git a/lang/f2c/patches/patch-ak b/lang/f2c/patches/patch-ak new file mode 100644 index 00000000000..48485114a9a --- /dev/null +++ b/lang/f2c/patches/patch-ak @@ -0,0 +1,69 @@ +$NetBSD: patch-ak,v 1.1 2005/01/28 23:37:42 dmcmahill Exp $ + +--- src/sysdep.c.orig 2000-07-04 22:54:54.000000000 +0000 ++++ src/sysdep.c +@@ -22,6 +22,7 @@ use or performance of this software. + ****************************************************************/ + #include "defs.h" + #include "usignal.h" ++#include + + char binread[] = "rb", textread[] = "r"; + char binwrite[] = "wb", textwrite[] = "w"; +@@ -95,8 +96,10 @@ Un_link_all(int cdelete) + { + if (!debugflag) { + unlink(c_functions); ++ unlink(initbname); + unlink(initfname); + unlink(p1_file); ++ unlink(p1_bakfile); + unlink(sortfname); + unlink(blkdfname); + if (cdelete && coutput) +@@ -118,6 +121,15 @@ set_tmp_names(Void) + p1_file = blkdfname + k; + p1_bakfile = p1_file + k; + sortfname = p1_bakfile + k; ++#if !defined(MSDOS) ++ sprintf(c_functions, "%s/f2c_func_XXXXXX", tmpdir); ++ sprintf(initfname, "%s/f2c_rc_XXXXXX", tmpdir); ++ sprintf(initbname, "%s/f2c_rc.b_XXXXXX", tmpdir); ++ sprintf(blkdfname, "%s/f2c_blkd_XXXXXX", tmpdir); ++ sprintf(p1_file, "%s/f2c_p1f_XXXXXX", tmpdir); ++ sprintf(p1_bakfile, "%s/f2c_p1fb_XXXXXX", tmpdir); ++ sprintf(sortfname, "%s/f2c_sort_XXXXXX", tmpdir); ++#endif + { + #ifdef MSDOS + char buf[64], *s, *t; +@@ -156,16 +168,21 @@ set_tmp_names(Void) + sprintf(p1_file, "%s%sp1f", t, f2c); + sprintf(p1_bakfile, "%s%sp1fb", t, f2c); + sprintf(sortfname, "%s%ssort", t, f2c); ++ sprintf(initbname, "%s.b", initfname); + #else +- long pid = getpid(); +- sprintf(c_functions, "%s/f2c%ld_func", tmpdir, pid); +- sprintf(initfname, "%s/f2c%ld_rd", tmpdir, pid); +- sprintf(blkdfname, "%s/f2c%ld_blkd", tmpdir, pid); +- sprintf(p1_file, "%s/f2c%ld_p1f", tmpdir, pid); +- sprintf(p1_bakfile, "%s/f2c%ld_p1fb", tmpdir, pid); +- sprintf(sortfname, "%s/f2c%ld_sort", tmpdir, pid); ++ ++ if (mkstemp(c_functions) == -1 ++ || mkstemp(initfname) == -1 ++ || mkstemp(initbname) == -1 ++ || mkstemp(blkdfname) == -1 ++ || mkstemp(p1_file) == -1 ++ || mkstemp(p1_bakfile) == -1 ++ || mkstemp(sortfname) == -1) { ++ fprintf(stderr, "Cannot create temporary files\n"); ++ Un_link_all(0); ++ exit(1); ++ } + #endif +- sprintf(initbname, "%s.b", initfname); + } + if (debugflag) + fprintf(diagfile, "%s %s %s %s %s %s\n", c_functions, -- cgit v1.2.3