Commit 8e65104b authored by Łukasz Nowak's avatar Łukasz Nowak

Avoid using gets (...at all) on recent glibc.

Because "gets is a security hole - use fgets instead" and this function is not
available anymore in recent environments.

Also depend on patch change, as it shall lead to recompilation.
(cherry picked from commit 70859841)
parent 1202986d
......@@ -4,7 +4,19 @@ extends =
parts =
bison
[bison-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = ac06cbaa298ac686d0b0c04bc03e6ad8
download-only = true
filename = drop.gets.patch
[bison]
virtual-depends = ${bison-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${bison-drop.gets.patch:location}/${bison-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/bison/bison-2.5.tar.bz2
md5sum = 9dba20116b13fc61a0846b0058fbe004
......
diff -ur bison-2.5.orig/lib/stdio.in.h bison-2.5/lib/stdio.in.h
--- bison-2.5.orig/lib/stdio.in.h 2011-05-15 00:23:46.000000000 +0200
+++ bison-2.5/lib/stdio.in.h 2012-07-23 16:30:56.366722487 +0200
@@ -181,7 +181,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -2,10 +2,23 @@
parts =
coreutils
[coreutils-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 63c2299d92d23e4748abb9668b7e62ea
download-only = true
filename = drop.gets.patch
[coreutils]
virtual-depends = ${coreutils-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/coreutils/coreutils-8.12.tar.gz
md5sum = fce7999953a67243d00d75cc86dbcaa6
patch-options = -p1
patches =
${coreutils-drop.gets.patch:location}/${coreutils-drop.gets.patch:filename}
configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --enable-install-program=tr,basename,uname,cat,cp,ls
environment =
......
diff -ur coreutils-8.12.old/lib/stdio.in.h coreutils-8.12/lib/stdio.in.h
--- coreutils-8.12.old/lib/stdio.in.h 2011-04-25 11:01:29.000000000 +0200
+++ coreutils-8.12/lib/stdio.in.h 2012-07-23 16:02:17.591610452 +0200
@@ -181,7 +181,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -2,7 +2,19 @@
[buildout]
parts = cpio
[cpio-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 6c79cb9caf407063543efff93647c450
download-only = true
filename = drop.gets.patch
[cpio]
virtual-depends =
${cpio-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${cpio-drop.gets.patch:location}/${cpio-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/cpio/cpio-2.11.tar.bz2
md5sum = 20fc912915c629e809f80b96b2e75d7d
diff -ur cpio-2.11.orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h
--- cpio-2.11.orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100
+++ cpio-2.11/gnu/stdio.in.h 2012-07-23 13:04:56.075242094 +0200
@@ -139,7 +139,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -6,10 +6,23 @@ extends =
../libxml2/buildout.cfg
../zlib/buildout.cfg
[gettext-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 1a17a2e6c1539927304379dfa0f149c5
download-only = true
filename = drop.gets.patch
[gettext]
virtual-depends = ${gettext-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/pub/gnu/gettext/gettext-0.18.1.1.tar.gz
md5sum = 3dd55b952826d2b32f51308f2f91aa89
patch-options = -p1
patches =
${gettext-drop.gets.patch:location}/${gettext-drop.gets.patch:filename}
configure-options =
--disable-static
--disable-java
......
diff -ur gettext-0.18.1.1.orig/gettext-runtime/gnulib-lib/stdio.in.h gettext-0.18.1.1/gettext-runtime/gnulib-lib/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-runtime/gnulib-lib/stdio.in.h 2010-05-17 21:56:12.000000000 +0200
+++ gettext-0.18.1.1/gettext-runtime/gnulib-lib/stdio.in.h 2012-07-20 17:42:29.940524198 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
diff -ur gettext-0.18.1.1.orig/gettext-tools/gnulib-lib/stdio.in.h gettext-0.18.1.1/gettext-tools/gnulib-lib/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-tools/gnulib-lib/stdio.in.h 2010-05-24 11:42:46.000000000 +0200
+++ gettext-0.18.1.1/gettext-tools/gnulib-lib/stdio.in.h 2012-07-20 17:45:20.550461064 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
diff -ur gettext-0.18.1.1.orig/gettext-tools/libgettextpo/stdio.in.h gettext-0.18.1.1/gettext-tools/libgettextpo/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-tools/libgettextpo/stdio.in.h 2010-05-17 21:58:03.000000000 +0200
+++ gettext-0.18.1.1/gettext-tools/libgettextpo/stdio.in.h 2012-07-20 17:45:15.937129402 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -2,7 +2,20 @@
parts =
gzip
[gzip-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = d9b1156f912c8cf006f140482918ebc9
download-only = true
filename = drop.gets.patch
[gzip]
virtual-depends = ${gzip-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi
patch-options = -p1
patches =
${gzip-drop.gets.patch:location}/${gzip-drop.gets.patch:filename}
url = ftp://ftp.gnu.org/pub/gnu/gzip/gzip-1.4.tar.gz
md5sum = e381b8506210c794278f5527cba0e765
diff -ur gzip-1.4.orig/lib/stdio.in.h gzip-1.4/lib/stdio.in.h
--- gzip-1.4.orig/lib/stdio.in.h 2010-01-20 14:20:36.000000000 +0100
+++ gzip-1.4/lib/stdio.in.h 2012-07-23 16:20:24.299373437 +0200
@@ -125,7 +125,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -2,7 +2,19 @@
parts =
m4
[m4-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = dc5f06fb42649e181c40177eb1edc333
download-only = true
filename = drop.gets.patch
[m4]
virtual-depends = ${m4-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${m4-drop.gets.patch:location}/${m4-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/m4/m4-1.4.16.tar.bz2
md5sum = 8a7cef47fecab6272eb86a6be6363b2f
diff -ur m4-1.4.16.orig/lib/stdio.in.h m4-1.4.16/lib/stdio.in.h
--- m4-1.4.16.orig/lib/stdio.in.h 2011-03-01 17:39:29.000000000 +0100
+++ m4-1.4.16/lib/stdio.in.h 2012-07-23 09:28:57.945703705 +0200
@@ -162,7 +162,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
......@@ -6,7 +6,19 @@ extends =
parts =
wget
[wget-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 866907ebc89fc2e76b44c519cb84930f
download-only = true
filename = drop.gets.patch
[wget]
virtual-depends = ${wget-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${wget-drop.gets.patch:location}/${wget-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/wget/wget-1.13.4.tar.bz2
md5sum = 12115c3750a4d92f9c6ac62bac372e85
......
diff -ur wget-1.13.4.orig/lib/stdio.in.h wget-1.13.4/lib/stdio.in.h
--- wget-1.13.4.orig/lib/stdio.in.h 2011-09-13 10:15:14.000000000 +0200
+++ wget-1.13.4/lib/stdio.in.h 2012-07-23 14:47:39.793579086 +0200
@@ -697,8 +697,10 @@
/* It is very rare that the developer ever has full control of stdin,
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
#endif
+#endif
#if @GNULIB_OBSTACK_PRINTF@ || @GNULIB_OBSTACK_PRINTF_POSIX@
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment