diff --git a/packages/network/avahi/package.mk b/packages/network/avahi/package.mk index 098ceccabb..cc9b6cc851 100644 --- a/packages/network/avahi/package.mk +++ b/packages/network/avahi/package.mk @@ -17,21 +17,18 @@ ################################################################################ PKG_NAME="avahi" -PKG_VERSION="0.6.32" -PKG_SHA256="ad0900c122083b99862779df2d674189ba2bf516737acc9575174eb4913cd2ff" +PKG_VERSION="0.7" +PKG_SHA256="fd45480cef0559b3eab965ea3ad4fe2d7a8f27db32c851a032ee0b487c378329" PKG_ARCH="any" PKG_LICENSE="GPL" PKG_SITE="http://avahi.org/" -PKG_URL="http://sources.openelec.tv/mirror/avahi/$PKG_NAME-$PKG_VERSION.tar.gz" +PKG_URL="https://github.com/lathiat/avahi/archive/v$PKG_VERSION.tar.gz" PKG_DEPENDS_TARGET="toolchain expat libdaemon dbus connman" PKG_SECTION="network" PKG_SHORTDESC="avahi: A Zeroconf mDNS/DNS-SD responder" PKG_LONGDESC="Avahi is a framework for Multicast DNS Service Discovery (mDNS/DNS-SD a.k.a. Zeroconf) on Linux. It allows programs to publish and discover services running on a local network with no specific configuration. For example, you can plug into a network and instantly find printers to print to, files to look at, and people to talk to." -#broken PKG_TOOLCHAIN="configure" -MAKEFLAGS="-j1" - PKG_CONFIGURE_OPTS_TARGET="py_cv_mod_gtk_=yes \ py_cv_mod_dbus_=yes \ ac_cv_func_chroot=no \ @@ -104,7 +101,6 @@ post_makeinstall_target() { mkdir -p $INSTALL/usr/share/services cp -P $PKG_DIR/default.d/*.conf $INSTALL/usr/share/services - } post_install() { diff --git a/packages/network/nss-mdns/package.mk b/packages/network/nss-mdns/package.mk index 78b3b89d42..53848cd1de 100644 --- a/packages/network/nss-mdns/package.mk +++ b/packages/network/nss-mdns/package.mk @@ -17,22 +17,22 @@ ################################################################################ PKG_NAME="nss-mdns" -PKG_VERSION="0.10" -PKG_SHA256="1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d" +PKG_VERSION="47edc38" +PKG_SHA256="f02e8baeceea30e82a2ecdaa8cafdbcabfdaa33a766f6942e7dc8aa81948f7b6" PKG_ARCH="any" PKG_LICENSE="GPL" -PKG_SITE="http://0pointer.de/lennart/projects/nss-mdns/" -# PKG_URL="http://0pointer.de/lennart/projects/nss-mdns/$PKG_NAME-$PKG_VERSION.tar.gz" -PKG_URL="http://sources.openelec.tv/mirror/nss-mdns/$PKG_NAME-$PKG_VERSION.tar.gz" +PKG_SITE="https://github.com/lathiat/nss-mdns" +PKG_URL="https://github.com/lathiat/nss-mdns/archive/$PKG_VERSION.tar.gz" PKG_DEPENDS_TARGET="toolchain avahi" PKG_SECTION="network" PKG_SHORTDESC="nss-mdns is a plugin for nss to allow name resolution via Multicast DNS." -PKG_LONGDESC="nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS (aka Zeroconf, aka Apple Rendezvous, aka Apple Bonjour), effectively allowing name resolution by common Unix/Linux programs in the ad-hoc mDNS domain .local." +PKG_LONGDESC="nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS" +PKG_TOOLCHAIN="autotools" -PKG_CONFIGURE_OPTS_TARGET="--disable-lynx \ - --enable-avahi \ - --disable-legacy \ - --disable-search-domains" +makeinstall_target() { + mkdir -p $SYSROOT_PREFIX/usr/lib + cp -P $PKG_BUILD/.$TARGET_NAME/src/.libs/libnss_mdns_minimal.so.2 $SYSROOT_PREFIX/usr/lib +} post_makeinstall_target() { mkdir -p $INSTALL/etc diff --git a/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch b/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch new file mode 100644 index 0000000000..a7fe5edb79 --- /dev/null +++ b/packages/network/nss-mdns/patches/nss-mdns-fix-out-of-bounds.patch @@ -0,0 +1,70 @@ +From 29fdeb2387e3a9cd49d5b1aa09ca23cdea60b91a Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Tue, 15 Aug 2017 09:45:29 +0100 +Subject: [PATCH] src/nss.c: fix out-of-bounds memset() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +out-of-bounds access happens at memset() call site: + + @@ -272,9 +272,9 @@ enum nss_status _nss_mdns_gethostbyname4_r( + // Copy address + memcpy(&(tuple->addr), &(u.data.result[i].address), address_length); + if(address_length < sizeof(ipv6_address_t)) { + memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0, + (sizeof(ipv6_address_t) - address_length) + ); + } + +The problem here is in 'addr' type: + struct gaih_addrtuple { + ... + uint32_t addr[4]; + ... + }; + +It means pointer addressing is not byte-based as offsets imply and memset() +wipes 12 bytes in hearby memory (of stack in glibc case). + +valgrind detects the overflow as: + + ==12732== Invalid write of size 1 + ==12732== at 0x4C11A29: memset (vg_replace_strmem.c:1239) + ==12732== by 0x57FA348: _nss_mdns_minimal_gethostbyname4_r (nss.c:292) + ==12732== by 0x4F016D8: gaih_inet.constprop.7 (getaddrinfo.c:806) + ==12732== by 0x4F02673: getaddrinfo (getaddrinfo.c:2317) + ==12732== by 0x4800B3B: main (a.c:34) + +The effect is SIGSEGV-ing getaddrinfo() call on systems with +the following nsswitch.conf: + + hosts: files mdns_minimal [NOTFOUND=return] dns + +The fix is to simplify memset()/memcpy() sequence. + +Reported-by: Michał Górny +Bug: https://bugs.gentoo.org/627770 +Signed-off-by: Sergei Trofimovich +--- + src/nss.c | 6 +----- + 1 file changed, 1 insertion(+), 5 deletions(-) + +diff --git a/src/nss.c b/src/nss.c +index ebb887c..1f50bad 100644 +--- a/src/nss.c ++++ b/src/nss.c +@@ -271,12 +271,8 @@ enum nss_status _nss_mdns_gethostbyname4_r( + tuple->family = u.data.result[i].af; + + // Copy address ++ memset(&(tuple->addr), 0, sizeof(ipv6_address_t)); + memcpy(&(tuple->addr), &(u.data.result[i].address), address_length); +- if(address_length < sizeof(ipv6_address_t)) { +- memset((&(tuple->addr) + address_length - sizeof(ipv6_address_t)), 0, +- (sizeof(ipv6_address_t) - address_length) +- ); +- } + + // Assign interface scope id + tuple->scopeid = u.data.result[i].scopeid; diff --git a/packages/textproc/jsoncpp/config/CMakeLists.txt b/packages/textproc/jsoncpp/config/CMakeLists.txt deleted file mode 100644 index ffcfd8a5b2..0000000000 --- a/packages/textproc/jsoncpp/config/CMakeLists.txt +++ /dev/null @@ -1,15 +0,0 @@ -project(jsoncpp) - -cmake_minimum_required(VERSION 2.6) -enable_language(CXX) - -set(SOURCES src/lib_json/json_reader.cpp - src/lib_json/json_value.cpp - src/lib_json/json_writer.cpp) - -include_directories(${PROJECT_SOURCE_DIR}/include) - -add_library(jsoncpp ${SOURCES}) - -install(TARGETS jsoncpp DESTINATION ${CMAKE_INSTALL_PREFIX}/lib) -install(DIRECTORY include/json DESTINATION ${CMAKE_INSTALL_PREFIX}/include/jsoncpp) diff --git a/packages/textproc/jsoncpp/package.mk b/packages/textproc/jsoncpp/package.mk index 2ed2fff2a7..6156380cce 100644 --- a/packages/textproc/jsoncpp/package.mk +++ b/packages/textproc/jsoncpp/package.mk @@ -17,22 +17,20 @@ ################################################################################ PKG_NAME="jsoncpp" -PKG_VERSION="src-0.5.0" -PKG_SHA256="22b14ecd0de8cdad2b6b6839f6d0804d3b84e91f42861ebd843832a26a927433" +PKG_VERSION="1.8.3" +PKG_SHA256="3671ba6051e0f30849942cc66d1798fdf0362d089343a83f704c09ee7156604f" PKG_ARCH="any" PKG_LICENSE="GPL" -PKG_SITE="http://www.kodi.tv" -PKG_URL="http://sources.openelec.tv/mirror/jsoncpp/$PKG_NAME-$PKG_VERSION.tar.gz" +PKG_SITE="https://github.com/open-source-parsers/jsoncpp/" +PKG_URL="https://github.com/open-source-parsers/jsoncpp/archive/$PKG_VERSION.tar.gz" PKG_DEPENDS_TARGET="toolchain" PKG_SECTION="multimedia" -PKG_SHORTDESC="jsoncpp" -PKG_LONGDESC="jsoncpp" +PKG_SHORTDESC="A C++ library for interacting with JSON." +PKG_LONGDESC="A C++ library for interacting with JSON." PKG_TOOLCHAIN="cmake" +PKG_CMAKE_OPTS_TARGET="-DJSONCPP_WITH_TESTS=OFF" + pre_configure_target() { export CFLAGS="$CFLAGS -fPIC" } - -pre_build_target() { - cp $PKG_DIR/config/CMakeLists.txt $PKG_BUILD -}