sys-apps/sandbox: Clean old up

4 files changed, 0 insertions, 322 deletions

diff --git a/sys-apps/sandbox/files/sandbox-2.10-disable-same.patch b/sys-apps/sandbox/files/sandbox-2.10-disable-same.patch
deleted file mode 100644
index 296b322b0c50..000000000000
--- a/sys-apps/sandbox/files/sandbox-2.10-disable-same.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From 7a923f646ce10b7dec3c7ae5fe2079c10aa21752 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Sun, 20 Dec 2015 16:08:16 -0500
-Subject: [PATCH] libsbutil: gnulib: hand disable same_name usage
-
-We don't provide same_name because the one caller we don't use, but it
-relies on gc-sections to avoid link errors.  That flag doesn't work on
-ia64 though, so we need to hand delete the one caller.  Ugh.
-
-Signed-off-by: Mike Frysinger <vapier@gentoo.org>
----
- libsbutil/gnulib/hash-triple.c |  9 ---------
- libsbutil/gnulib/same.h        | 25 -------------------------
- 2 files changed, 34 deletions(-)
- delete mode 100644 libsbutil/gnulib/same.h
-
-diff --git a/libsbutil/gnulib/hash-triple.c b/libsbutil/gnulib/hash-triple.c
-index c3b6d9f..06cfbdf 100644
---- a/libsbutil/gnulib/hash-triple.c
-+++ b/libsbutil/gnulib/hash-triple.c
-@@ -24,7 +24,6 @@
- #include <string.h>
- 
- #include "hash-pjw.h"
--#include "same.h"
- #include "same-inode.h"
- 
- #define STREQ(a, b) (strcmp (a, b) == 0)
-@@ -52,14 +51,6 @@ triple_hash_no_name (void const *x, size_t table_size)
- 
- /* Compare two F_triple structs.  */
- bool
--triple_compare (void const *x, void const *y)
--{
--  struct F_triple const *a = x;
--  struct F_triple const *b = y;
--  return (SAME_INODE (*a, *b) && same_name (a->name, b->name)) ? true : false;
--}
--
--bool
- triple_compare_ino_str (void const *x, void const *y)
- {
-   struct F_triple const *a = x;
-diff --git a/libsbutil/gnulib/same.h b/libsbutil/gnulib/same.h
-deleted file mode 100644
-index ee313c5..0000000
---- a/libsbutil/gnulib/same.h
-+++ /dev/null
-@@ -1,25 +0,0 @@
--/* Determine whether two file names refer to the same file.
--
--   Copyright (C) 1997-2000, 2003-2004, 2009-2015 Free Software Foundation, Inc.
--
--   This program is free software: you can redistribute it and/or modify
--   it under the terms of the GNU General Public License as published by
--   the Free Software Foundation; either version 3 of the License, or
--   (at your option) any later version.
--
--   This program is distributed in the hope that it will be useful,
--   but WITHOUT ANY WARRANTY; without even the implied warranty of
--   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
--   GNU General Public License for more details.
--
--   You should have received a copy of the GNU General Public License
--   along with this program.  If not, see <http://www.gnu.org/licenses/>.  */
--
--#ifndef SAME_H_
--# define SAME_H_ 1
--
--# include <stdbool.h>
--
--bool same_name (const char *source, const char *dest);
--
--#endif /* SAME_H_ */
--- 
-2.6.2
-
diff --git a/sys-apps/sandbox/files/sandbox-2.10-fix-opendir.patch b/sys-apps/sandbox/files/sandbox-2.10-fix-opendir.patch
deleted file mode 100644
index 2ff89bcdfcba..000000000000
--- a/sys-apps/sandbox/files/sandbox-2.10-fix-opendir.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From 3f668dc6ba1910085e61b3a24167ab1352c60d92 Mon Sep 17 00:00:00 2001
-From: Mart Raudsepp <leio@gentoo.org>
-Date: Fri, 11 Nov 2016 12:34:48 +0200
-Subject: [PATCH] libsandbox: do not abort with a long name to opendir
-
-Add a pre-check for opendir that catches too long name arguments
-given to opendir, as it would get messed up and abort before it
-even gets to the open*() syscall (which would handle it correctly),
-due to opendir going through before_syscall/check_syscall, even
-though it isn't a true syscall and it getting cut to SB_PATH_MAX
-inbetween and getting confused somewhere.
-
-URL: https://bugs.gentoo.org/553092
-Signed-off-by: Mart Raudsepp <leio@gentoo.org>
----
- libsandbox/wrapper-funcs/opendir.c           |  2 ++
- libsandbox/wrapper-funcs/opendir_pre_check.c | 26 ++++++++++++++++++++++++++
- libsandbox/wrappers.h                        |  1 +
- 3 files changed, 29 insertions(+)
- create mode 100644 libsandbox/wrapper-funcs/opendir_pre_check.c
-
-diff --git a/libsandbox/wrapper-funcs/opendir.c b/libsandbox/wrapper-funcs/opendir.c
-index 7670775..70c2692 100644
---- a/libsandbox/wrapper-funcs/opendir.c
-+++ b/libsandbox/wrapper-funcs/opendir.c
-@@ -10,4 +10,6 @@
- #define WRAPPER_SAFE() SB_SAFE(name)
- #define WRAPPER_RET_TYPE DIR *
- #define WRAPPER_RET_DEFAULT NULL
-+#define WRAPPER_PRE_CHECKS() sb_opendir_pre_check(STRING_NAME, name)
-+
- #include "__wrapper_simple.c"
-diff --git a/libsandbox/wrapper-funcs/opendir_pre_check.c b/libsandbox/wrapper-funcs/opendir_pre_check.c
-new file mode 100644
-index 0000000..60c869f
---- /dev/null
-+++ b/libsandbox/wrapper-funcs/opendir_pre_check.c
-@@ -0,0 +1,26 @@
-+/*
-+ * opendir() pre-check.
-+ *
-+ * Copyright 1999-2016 Gentoo Foundation
-+ * Licensed under the GPL-2
-+ */
-+
-+bool sb_opendir_pre_check(const char *func, const char *name)
-+{
-+	/* If length of name is larger than PATH_MAX, we would mess it up
-+	 * before it reaches the open syscall, which would cleanly error out
-+	 * via sandbox as well (actually with much smaller lengths than even
-+	 * PATH_MAX).
-+	 * So error out early in this case, in order to avoid an abort in
-+	 * check_syscall later on, which gets ran for opendir, despite it not
-+	 * being a syscall.
-+	 */
-+	if (strnlen(name, PATH_MAX) == PATH_MAX) {
-+		errno = ENAMETOOLONG;
-+		sb_debug_dyn("EARLY FAIL: %s(%s): %s\n",
-+			func, name, strerror(errno));
-+		return false;
-+	}
-+
-+	return true;
-+}
-diff --git a/libsandbox/wrappers.h b/libsandbox/wrappers.h
-index 0aa58bb..bf5bf64 100644
---- a/libsandbox/wrappers.h
-+++ b/libsandbox/wrappers.h
-@@ -27,6 +27,7 @@ attribute_hidden bool sb_fopen64_pre_check  (const char *func, const char *pathn
- attribute_hidden bool sb_mkdirat_pre_check  (const char *func, const char *pathname, int dirfd);
- attribute_hidden bool sb_openat_pre_check   (const char *func, const char *pathname, int dirfd, int flags);
- attribute_hidden bool sb_openat64_pre_check (const char *func, const char *pathname, int dirfd, int flags);
-+attribute_hidden bool sb_opendir_pre_check  (const char *func, const char *name);
- attribute_hidden bool sb_unlinkat_pre_check (const char *func, const char *pathname, int dirfd);
- attribute_hidden bool sb_common_at_pre_check(const char *func, const char **pathname, int dirfd,
-                                              char *dirfd_path, size_t dirfd_path_len);
--- 
-2.9.0
-
diff --git a/sys-apps/sandbox/files/sandbox-2.10-memory-corruption.patch b/sys-apps/sandbox/files/sandbox-2.10-memory-corruption.patch
deleted file mode 100644
index 7dd27c9d2246..000000000000
--- a/sys-apps/sandbox/files/sandbox-2.10-memory-corruption.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From 529a388ebb1b4e9d6ad8a1bb61dd8211833a5976 Mon Sep 17 00:00:00 2001
-From: Denis Lisov <dennis.lissov@gmail.com>
-Date: Sat, 19 Dec 2015 19:13:58 +0300
-Subject: [PATCH] libsandbox: fix old_malloc_size check on realloc
-
-Realloc uses SB_MALLOC_TO_SIZE assuming it returns the usable size,
-while it is really the mmap size, which is greater. Thus it may fail
-to reallocate even if required.
-
-URL: https://bugs.gentoo.org/568714
-Signed-off-by: Denis Lisov <dennis.lissov@gmail.com>
-Signed-off-by: Mike Frysinger <vapier@gentoo.org>
----
- libsandbox/memory.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/libsandbox/memory.c b/libsandbox/memory.c
-index 8581128..a2d69a2 100644
---- a/libsandbox/memory.c
-+++ b/libsandbox/memory.c
-@@ -40,7 +40,8 @@ static int sb_munmap(void *addr, size_t length)
- 
- #define SB_MALLOC_TO_MMAP(ptr) ((void*)((uintptr_t)(ptr) - MIN_ALIGN))
- #define SB_MMAP_TO_MALLOC(ptr) ((void*)((uintptr_t)(ptr) + MIN_ALIGN))
--#define SB_MALLOC_TO_SIZE(ptr) (*((size_t*)SB_MALLOC_TO_MMAP(ptr)))
-+#define SB_MALLOC_TO_MMAP_SIZE(ptr) (*((size_t*)SB_MALLOC_TO_MMAP(ptr)))
-+#define SB_MALLOC_TO_SIZE(ptr) (SB_MALLOC_TO_MMAP_SIZE(ptr) - MIN_ALIGN)
- 
- void *malloc(size_t size)
- {
-@@ -57,7 +58,7 @@ void free(void *ptr)
- {
- 	if (ptr == NULL)
- 		return;
--	if (munmap(SB_MALLOC_TO_MMAP(ptr), SB_MALLOC_TO_SIZE(ptr)))
-+	if (munmap(SB_MALLOC_TO_MMAP(ptr), SB_MALLOC_TO_MMAP_SIZE(ptr)))
- 		sb_ebort("sandbox memory corruption with free(%p): %s\n",
- 			ptr, strerror(errno));
- }
--- 
-2.6.2
-
diff --git a/sys-apps/sandbox/files/sandbox-2.11-symlinkat-renameat.patch b/sys-apps/sandbox/files/sandbox-2.11-symlinkat-renameat.patch
deleted file mode 100644
index e33011f74959..000000000000
--- a/sys-apps/sandbox/files/sandbox-2.11-symlinkat-renameat.patch
+++ /dev/null
@@ -1,124 +0,0 @@
-From 4c47cfa22802fd8201586bef233d8161df4ff61b Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Fri, 10 Mar 2017 10:15:50 -0800
-Subject: [PATCH] libsandbox: whitelist renameat/symlinkat as symlink funcs
-
-These funcs don't deref their path args, so flag them as such.
-
-URL: https://bugs.gentoo.org/612202
-Signed-off-by: Mike Frysinger <vapier@gentoo.org>
----
- libsandbox/libsandbox.c |  4 +++-
- tests/renameat-2.sh     | 12 ++++++++++++
- tests/renameat-3.sh     | 11 +++++++++++
- tests/renameat.at       |  2 ++
- tests/symlinkat-2.sh    | 10 ++++++++++
- tests/symlinkat-3.sh    |  9 +++++++++
- tests/symlinkat.at      |  2 ++
- 7 files changed, 49 insertions(+), 1 deletion(-)
- create mode 100755 tests/renameat-2.sh
- create mode 100755 tests/renameat-3.sh
- create mode 100755 tests/symlinkat-2.sh
- create mode 100755 tests/symlinkat-3.sh
-
-diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c
-index e809308d717d..de48bd79ba53 100644
---- a/libsandbox/libsandbox.c
-+++ b/libsandbox/libsandbox.c
-@@ -650,8 +650,10 @@ static bool symlink_func(int sb_nr, int flags, const char *abs_path)
- 	      sb_nr == SB_NR_LCHOWN   ||
- 	      sb_nr == SB_NR_REMOVE   ||
- 	      sb_nr == SB_NR_RENAME   ||
-+	      sb_nr == SB_NR_RENAMEAT ||
- 	      sb_nr == SB_NR_RMDIR    ||
--	      sb_nr == SB_NR_SYMLINK))
-+	      sb_nr == SB_NR_SYMLINK  ||
-+	      sb_nr == SB_NR_SYMLINKAT))
- 	{
- 		/* These funcs sometimes operate on symlinks */
- 		if (!((sb_nr == SB_NR_FCHOWNAT ||
-diff --git a/tests/renameat-2.sh b/tests/renameat-2.sh
-new file mode 100755
-index 000000000000..d0fbe8ae4574
---- /dev/null
-+++ b/tests/renameat-2.sh
-@@ -0,0 +1,12 @@
-+#!/bin/sh
-+# make sure we can clobber symlinks #612202
-+
-+addwrite $PWD
-+
-+ln -s /asdf sym || exit 1
-+touch file
-+renameat-0 0 AT_FDCWD file AT_FDCWD sym || exit 1
-+[ ! -e file ]
-+[ ! -L sym ]
-+[ -e sym ]
-+test ! -s "${SANDBOX_LOG}"
-diff --git a/tests/renameat-3.sh b/tests/renameat-3.sh
-new file mode 100755
-index 000000000000..9ae5c9a6511a
---- /dev/null
-+++ b/tests/renameat-3.sh
-@@ -0,0 +1,11 @@
-+#!/bin/sh
-+# make sure we reject bad renames #612202
-+
-+addwrite $PWD
-+mkdir deny
-+adddeny $PWD/deny
-+
-+touch file
-+renameat-0 -1,EACCES AT_FDCWD file AT_FDCWD deny/file || exit 1
-+[ -e file ]
-+test -s "${SANDBOX_LOG}"
-diff --git a/tests/renameat.at b/tests/renameat.at
-index 081d7d20277e..eec4638deeaa 100644
---- a/tests/renameat.at
-+++ b/tests/renameat.at
-@@ -1 +1,3 @@
- SB_CHECK(1)
-+SB_CHECK(2)
-+SB_CHECK(3)
-diff --git a/tests/symlinkat-2.sh b/tests/symlinkat-2.sh
-new file mode 100755
-index 000000000000..168362e8806f
---- /dev/null
-+++ b/tests/symlinkat-2.sh
-@@ -0,0 +1,10 @@
-+#!/bin/sh
-+# make sure we can clobber symlinks #612202
-+
-+addwrite $PWD
-+
-+symlinkat-0 0 /asdf AT_FDCWD ./sym || exit 1
-+[ -L sym ]
-+symlinkat-0 -1,EEXIST /asdf AT_FDCWD ./sym || exit 1
-+[ -L sym ]
-+test ! -s "${SANDBOX_LOG}"
-diff --git a/tests/symlinkat-3.sh b/tests/symlinkat-3.sh
-new file mode 100755
-index 000000000000..a01c750dd2b6
---- /dev/null
-+++ b/tests/symlinkat-3.sh
-@@ -0,0 +1,9 @@
-+#!/bin/sh
-+# make sure we reject bad symlinks #612202
-+
-+addwrite $PWD
-+mkdir deny
-+adddeny $PWD/deny
-+
-+symlinkat-0 -1,EACCES ./ AT_FDCWD deny/sym || exit 1
-+test -s "${SANDBOX_LOG}"
-diff --git a/tests/symlinkat.at b/tests/symlinkat.at
-index 081d7d20277e..eec4638deeaa 100644
---- a/tests/symlinkat.at
-+++ b/tests/symlinkat.at
-@@ -1 +1,3 @@
- SB_CHECK(1)
-+SB_CHECK(2)
-+SB_CHECK(3)
--- 
-2.12.0
-