[arch-commits] Commit in gdbm/trunk (PKGBUILD gdbm-1.8.3-zeroheaders.patch)

Fri Jan 7 13:58:42 UTC 2011

Date: Friday, January 7, 2011 @ 08:58:42
  Author: stephane
Revision: 105198

upgpkg: gdbm 1.8.3-8
Tidy up PKGBUILD, Rebuild of old package, Use fcntl instead of flock for locking to make nfs safe, Prevent gdbm from storing uninitialized memory content to db files

Added:
  gdbm/trunk/gdbm-1.8.3-zeroheaders.patch
Modified:
  gdbm/trunk/PKGBUILD

------------------------------+
 PKGBUILD                     |   39 +++++++++++++++++++++++++++---------
 gdbm-1.8.3-zeroheaders.patch |   44 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 74 insertions(+), 9 deletions(-)

Modified: PKGBUILD
===================================================================

--- PKGBUILD	2011-01-07 13:51:23 UTC (rev 105197)
+++ PKGBUILD	2011-01-07 13:58:42 UTC (rev 105198)
@@ -4,30 +4,51 @@
 
 pkgname=gdbm
 pkgver=1.8.3
-pkgrel=7
+pkgrel=8
 pkgdesc="GNU database library"
 url="http://www.gnu.org/software/gdbm/gdbm.html"
 license=('GPL')
 arch=('i686' 'x86_64')
 depends=('glibc' 'sh')
-source=(ftp://ftp.gnu.org/gnu/gdbm/$pkgname-$pkgver.tar.gz
-	gdbm-1.8.3-fhs.patch)
+source=(ftp://ftp.gnu.org/gnu/gdbm/${pkgname}-${pkgver}.tar.gz
+        gdbm-1.8.3-zeroheaders.patch
+        gdbm-1.8.3-fhs.patch)
 options=('!libtool' '!makeflags')
 install=gdbm.install
 md5sums=('1d1b1d5c0245b1c00aff92da751e9aa1'
+         'a2ed344be9258775bd718074cf2e4ec6'
          '66a7c235416c136dc89efc7d03352514')
 
 build() {
-  cd $srcdir/$pkgname-$pkgver
-  patch -Np1 -i $srcdir/gdbm-1.8.3-fhs.patch
-  
+  cd "${srcdir}/${pkgname}-${pkgver}"
+
+  # Prevent gdbm from storing uninitialized memory content
+  # to database files. This patch improves security, as the
+  # uninitialized memory might contain sensitive informations
+  # from other applications.
+  # https://bugzilla.redhat.com/show_bug.cgi?id=4457
+  # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927
+  patch -Np1 -i ../gdbm-1.8.3-zeroheaders.patch
+
+  # Make gdbm buildable.
+  patch -Np1 -i ../gdbm-1.8.3-fhs.patch
+
   libtoolize --force --copy
   aclocal
-  autoconf 
-  
+  autoconf
+
   ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info
-  make prefix=/usr || return 1
 
+  # flock does not work on nfs, we use fcntl instead
+  # https://bugzilla.redhat.com/show_bug.cgi?id=477300
+  echo "/* We use fcntl locking (POSIX) instead of flock (BSD) */" >> autoconf.h
+  echo "#undef HAVE_FLOCK" >> autoconf.h
+
+  make prefix=/usr
+}
+
+package() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
   make prefix=$pkgdir/usr \
        manprefix=$pkgdir/usr/share/man \
        man3dir=$pkgdir/usr/share/man/man3 \

Added: gdbm-1.8.3-zeroheaders.patch
===================================================================
--- gdbm-1.8.3-zeroheaders.patch	                        (rev 0)
+++ gdbm-1.8.3-zeroheaders.patch	2011-01-07 13:58:42 UTC (rev 105198)
@@ -0,0 +1,44 @@
+02_zero-headers.patch by Jeff Johnson <jbj at redhat.com> and Colin Watson <cjwatson at debian.org>
+
+diff -urNad a/falloc.c b/falloc.c
+--- a/falloc.c	2001-02-28 06:52:33.000000000 +0000
++++ b/falloc.c	2003-09-08 23:58:43.000000000 +0100
+@@ -272,7 +272,7 @@
+ 
+ 
+   /* Split the header block. */
+-  temp = (avail_block *) malloc (av_size);
++  temp = (avail_block *) calloc (1, av_size);
+   if (temp == NULL) _gdbm_fatal (dbf, "malloc error");
+   /* Set the size to be correct AFTER the pop_avail_block. */
+   temp->size = dbf->header->avail.size;
+diff -urNad a/gdbmopen.c b/gdbmopen.c
+--- a/gdbmopen.c	2003-09-08 23:58:01.000000000 +0100
++++ b/gdbmopen.c	2003-09-08 23:58:43.000000000 +0100
+@@ -212,7 +212,7 @@
+ 	file_block_size = block_size;
+ 
+       /* Get space for the file header. */
+-      dbf->header = (gdbm_file_header *) malloc (file_block_size);
++      dbf->header = (gdbm_file_header *) calloc (1, file_block_size);
+       if (dbf->header == NULL)
+ 	{
+ 	  gdbm_close (dbf);
+@@ -256,7 +256,7 @@
+ 	(dbf->header->block_size - sizeof (hash_bucket))
+ 	/ sizeof (bucket_element) + 1;
+       dbf->header->bucket_size  = dbf->header->block_size;
+-      dbf->bucket = (hash_bucket *) malloc (dbf->header->bucket_size);
++      dbf->bucket = (hash_bucket *) calloc (1, dbf->header->bucket_size);
+       if (dbf->bucket == NULL)
+ 	{
+ 	  gdbm_close (dbf);
+@@ -420,7 +420,7 @@
+       for(index = 0; index < size; index++)
+         {
+           (dbf->bucket_cache[index]).ca_bucket
+-            = (hash_bucket *) malloc (dbf->header->bucket_size);
++            = (hash_bucket *) calloc (1, dbf->header->bucket_size);
+           if ((dbf->bucket_cache[index]).ca_bucket == NULL)
+ 	    {
+               gdbm_errno = GDBM_MALLOC_ERROR;


