From d832efe0225a524ed86bab423bf90cef980a6480 Mon Sep 17 00:00:00 2001
From: Lars Wendler
Date: Fri, 6 Mar 2020 13:35:45 +0100
Subject: sys-process/procps: Revbump for toprc backwards compatibility
Thanks-to: Massimo Burcheri
Closes: https://bugs.gentoo.org/711676
Package-Manager: Portage-2.3.92, Repoman-2.3.20
Signed-off-by: Lars Wendler
---
...ocps-3.3.16-toprc_backwards_compatibility.patch | 71 ++++++++++++++++++
sys-process/procps/procps-3.3.16-r1.ebuild | 86 ---------------------
sys-process/procps/procps-3.3.16-r2.ebuild | 87 ++++++++++++++++++++++
3 files changed, 158 insertions(+), 86 deletions(-)
create mode 100644 sys-process/procps/files/procps-3.3.16-toprc_backwards_compatibility.patch
delete mode 100644 sys-process/procps/procps-3.3.16-r1.ebuild
create mode 100644 sys-process/procps/procps-3.3.16-r2.ebuild
diff --git a/sys-process/procps/files/procps-3.3.16-toprc_backwards_compatibility.patch b/sys-process/procps/files/procps-3.3.16-toprc_backwards_compatibility.patch
new file mode 100644
index 000000000000..19721205dfe7
--- /dev/null
+++ b/sys-process/procps/files/procps-3.3.16-toprc_backwards_compatibility.patch
@@ -0,0 +1,71 @@
+From 5cd29e5093efa3c6ee9c5310b64347f1d54b707d Mon Sep 17 00:00:00 2001
+From: Jim Warner
+Date: Sat, 15 Feb 2020 00:00:00 -0600
+Subject: [PATCH] top: restore configuration file backward compatibility
+
+The Debian bug referenced below has nothing to do with
+locales. In fact, top was made locale independent back
+in release 3.3.13 (April, 2018). However, that bug did
+reveal some misplaced logic which this patch corrects.
+
+Prompted by the Qualys audit, all rcfile field strings
+were checked for potential duplicates which could only
+have resulted from some user's manual/malicious edits.
+
+Unfortunately, that code was executed before top had a
+chance to enforce the proper/maximum string length (in
+the event an extremely old rcfile had just been read).
+This created some potential string overrun references.
+
+In top's original 3.3.15 implementation, the potential
+overrun extended for 15 characters. That is the number
+of field characters added with 3.3.9 (December, 2013).
+But, since strchr() was used, no error exit was taken.
+
+In the revised 3.3.16 implementation, the strchr() was
+replaced with '&w->rc.fieldscur[n]'. This held overrun
+to a single position while producing an error message.
+
+So, this commit just moves that logic to a point where
+fieldscur is guaranteed to be longer than EU_MAXPFLGS.
+
+Reference(s):
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951335
+. revised 3.3.16 validation logic
+commit 291d98ee5036567f93d21bc11142b0a7e2ee70ae
+. original 3.3.15 validation logic
+commit fdb58974e24c025a1f866f324c62f1d8f96234f8
+
+Signed-off-by: Jim Warner
+---
+diff --git a/top/top.c b/top/top.c
+index 63ec5fe..b4fe21e 100644
+--- a/top/top.c
++++ b/top/top.c
+@@ -3939,11 +3939,6 @@ static const char *configs_file (FILE *fp, const char *name, float *delay) {
+ // too bad fscanf is not as flexible with his format string as snprintf
+ #error Hey, fix the above fscanf 'PFLAGSSIZ' dependency !
+ #endif
+- // ensure there's been no manual alteration of fieldscur
+- for (n = 0 ; n < EU_MAXPFLGS; n++) {
+- if (&w->rc.fieldscur[n] != strrchr(w->rc.fieldscur, w->rc.fieldscur[n]))
+- return p;
+- }
+ // be tolerant of missing release 3.3.10 graph modes additions
+ if (3 > fscanf(fp, "\twinflags=%d, sortindx=%d, maxtasks=%d, graph_cpus=%d, graph_mems=%d\n"
+ , &w->rc.winflags, &w->rc.sortindx, &w->rc.maxtasks, &w->rc.graph_cpus, &w->rc.graph_mems))
+@@ -3989,6 +3984,11 @@ static const char *configs_file (FILE *fp, const char *name, float *delay) {
+ return p;
+ break;
+ }
++ // ensure there's been no manual alteration of fieldscur
++ for (n = 0 ; n < EU_MAXPFLGS; n++) {
++ if (&w->rc.fieldscur[n] != strrchr(w->rc.fieldscur, w->rc.fieldscur[n]))
++ return p;
++ }
+ #ifndef USE_X_COLHDR
+ OFFw(w, NOHIFND_xxx | NOHISEL_xxx);
+ #endif
+--
+2.24.1
+
diff --git a/sys-process/procps/procps-3.3.16-r1.ebuild b/sys-process/procps/procps-3.3.16-r1.ebuild
deleted file mode 100644
index b7c8b18e2320..000000000000
--- a/sys-process/procps/procps-3.3.16-r1.ebuild
+++ /dev/null
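Review bot: The duplicate-field loop re-added in the second top.c hunk (after the `break; }` that closes the switch) still has no length guard of its own. It is safe only if code outside the hunk has already brought `w->rc.fieldscur` up to at least EU_MAXPFLGS characters, which the commit message asserts but the patch does not show. That same ordering dependency is what produced the overrun being fixed, so I would make the invariant local by adding `if (strlen(w->rc.fieldscur) < EU_MAXPFLGS) return p;` directly above the `for`. At minimum the comment should become `// ensure there's been no manual alteration of fieldscur (keep this after the code that enforces the field string length for old rcfiles)`. configs_file starts and ends outside both hunks, so the length enforcement itself cannot be confirmed from this patch.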
@@ -1,86 +0,0 @@
-# Copyright 1999-2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-inherit toolchain-funcs flag-o-matic multilib-minimal usr-ldscript
-
-DESCRIPTION="standard informational utilities and process-handling tools"
-HOMEPAGE="http://procps-ng.sourceforge.net/ https://gitlab.com/procps-ng/procps"
-SRC_URI="mirror://sourceforge/${PN}-ng/${PN}-ng-${PV}.tar.xz"
-
-LICENSE="GPL-2"
-SLOT="0/8" # libprocps.so
-KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux"
-IUSE="elogind +kill modern-top +ncurses nls selinux static-libs systemd test unicode"
-RESTRICT="!test? ( test )"
-
-COMMON_DEPEND="
- elogind? ( sys-auth/elogind )
- ncurses? ( >=sys-libs/ncurses-5.7-r7:=[unicode?] )
- selinux? ( sys-libs/libselinux[${MULTILIB_USEDEP}] )
- systemd? ( sys-apps/systemd[${MULTILIB_USEDEP}] )
-"
-DEPEND="${COMMON_DEPEND}
- elogind? ( virtual/pkgconfig )
- ncurses? ( virtual/pkgconfig )
- systemd? ( virtual/pkgconfig )
- test? ( dev-util/dejagnu )"
-RDEPEND="
- ${COMMON_DEPEND}
- kill? (
- !sys-apps/coreutils[kill]
- !sys-apps/util-linux[kill]
- )
- !