Update to version 0.60.8.1
This commit is contained in:
Peter Oliver
Parag Nemade
parent
0006ad9edc
commit
8d766c5bf5
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,3 +1,4 @@
|
||||
/aspell-0.60.6.1.tar.gz
|
||||
/aspell-0.60.7.tar.gz
|
||||
/aspell-0.60.8.tar.gz
|
||||
/aspell-0.60.8.1.tar.gz
|
||||
|
||||
@ -2,10 +2,9 @@ diff --git a/manual/aspell.1 b/manual/aspell.1
|
||||
index 854debf..b1106ca 100644
|
||||
--- a/manual/aspell.1
|
||||
+++ b/manual/aspell.1
|
||||
@@ -328,7 +328,6 @@ are also allowed. The \fI/etc/aspell.conf\fR file is a good example of
|
||||
@@ -328,6 +328,5 @@ are also allowed. The \fI/etc/aspell.conf\fR file is a good example of
|
||||
how to set these options and the Aspell Manual has more detailed info.
|
||||
.SH SEE ALSO
|
||||
.PP
|
||||
-.BR aspell\-import (1),
|
||||
.BR prezip\-bin (1),
|
||||
.BR run\-with\-aspell (1),
|
||||
@ -26,9 +25,8 @@ diff --git a/manual/run-with-aspell.1 b/manual/run-with-aspell.1
|
||||
index 8dea131..67f3117 100644
|
||||
--- a/manual/run-with-aspell.1
|
||||
+++ b/manual/run-with-aspell.1
|
||||
@@ -28,7 +28,6 @@ such as ispell's own scripts.
|
||||
@@ -28,6 +28,5 @@ such as ispell's own scripts.
|
||||
.SH SEE ALSO
|
||||
.PP
|
||||
.BR aspell (1),
|
||||
-.BR aspell\-import (1),
|
||||
.BR word\-list\-compress (1)
|
||||
|
||||
@ -1,99 +0,0 @@
|
||||
From d60fc73a370c64209bd0ae6fc6d002f55be6eac9 Mon Sep 17 00:00:00 2001
|
||||
From: Kevin Atkinson <kevina@gnu.org>
|
||||
Date: Sat, 21 Dec 2019 20:32:47 +0000
|
||||
Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk
|
||||
to prevent a buffer overflow
|
||||
|
||||
Bug found using OSS-Fuze.
|
||||
---
|
||||
common/objstack.hpp | 18 ++++++++++++++----
|
||||
1 file changed, 14 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/common/objstack.hpp b/common/objstack.hpp
|
||||
index 3997bf7..bd97ccd 100644
|
||||
--- a/common/objstack.hpp
|
||||
+++ b/common/objstack.hpp
|
||||
@@ -5,6 +5,7 @@
|
||||
#include "parm_string.hpp"
|
||||
#include <stdlib.h>
|
||||
#include <assert.h>
|
||||
+#include <stddef.h>
|
||||
|
||||
namespace acommon {
|
||||
|
||||
@@ -26,6 +27,12 @@ class ObjStack
|
||||
byte * temp_end;
|
||||
void setup_chunk();
|
||||
void new_chunk();
|
||||
+ bool will_overflow(size_t sz) const {
|
||||
+ return offsetof(Node,data) + sz > chunk_size;
|
||||
+ }
|
||||
+ void check_size(size_t sz) {
|
||||
+ assert(!will_overflow(sz));
|
||||
+ }
|
||||
|
||||
ObjStack(const ObjStack &);
|
||||
void operator=(const ObjStack &);
|
||||
@@ -56,7 +63,7 @@ public:
|
||||
void * alloc_bottom(size_t size) {
|
||||
byte * tmp = bottom;
|
||||
bottom += size;
|
||||
- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;}
|
||||
+ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;}
|
||||
return tmp;
|
||||
}
|
||||
// This alloc_bottom will insure that the object is aligned based on the
|
||||
@@ -66,7 +73,7 @@ public:
|
||||
align_bottom(align);
|
||||
byte * tmp = bottom;
|
||||
bottom += size;
|
||||
- if (bottom > top) {new_chunk(); goto loop;}
|
||||
+ if (bottom > top) {check_size(size); new_chunk(); goto loop;}
|
||||
return tmp;
|
||||
}
|
||||
char * dup_bottom(ParmString str) {
|
||||
@@ -79,7 +86,7 @@ public:
|
||||
// always be aligned as such.
|
||||
void * alloc_top(size_t size) {
|
||||
top -= size;
|
||||
- if (top < bottom) {new_chunk(); top -= size;}
|
||||
+ if (top < bottom) {check_size(size); new_chunk(); top -= size;}
|
||||
return top;
|
||||
}
|
||||
// This alloc_top will insure that the object is aligned based on
|
||||
@@ -88,7 +95,7 @@ public:
|
||||
{loop:
|
||||
top -= size;
|
||||
align_top(align);
|
||||
- if (top < bottom) {new_chunk(); goto loop;}
|
||||
+ if (top < bottom) {check_size(size); new_chunk(); goto loop;}
|
||||
return top;
|
||||
}
|
||||
char * dup_top(ParmString str) {
|
||||
@@ -117,6 +124,7 @@ public:
|
||||
void * alloc_temp(size_t size) {
|
||||
temp_end = bottom + size;
|
||||
if (temp_end > top) {
|
||||
+ check_size(size);
|
||||
new_chunk();
|
||||
temp_end = bottom + size;
|
||||
}
|
||||
@@ -131,6 +139,7 @@ public:
|
||||
} else {
|
||||
size_t s = temp_end - bottom;
|
||||
byte * p = bottom;
|
||||
+ check_size(size);
|
||||
new_chunk();
|
||||
memcpy(bottom, p, s);
|
||||
temp_end = bottom + size;
|
||||
@@ -150,6 +159,7 @@ public:
|
||||
} else {
|
||||
size_t s = temp_end - bottom;
|
||||
byte * p = bottom;
|
||||
+ check_size(size);
|
||||
new_chunk();
|
||||
memcpy(bottom, p, s);
|
||||
temp_end = bottom + size;
|
||||
--
|
||||
2.31.1
|
||||
|
||||
15
aspell.spec
15
aspell.spec
@ -1,7 +1,7 @@
|
||||
Summary: Spell checker
|
||||
Name: aspell
|
||||
Version: 0.60.8
|
||||
Release: 14%{?dist}
|
||||
Version: 0.60.8.1
|
||||
Release: 1%{?dist}
|
||||
Epoch: 12
|
||||
# LGPLv2+ .. common/gettext.h
|
||||
# LGPLv2 .. modules/speller/default/phonet.hpp,
|
||||
@ -11,17 +11,16 @@ Epoch: 12
|
||||
# BSD .. myspell/munch.c
|
||||
License: LGPL-2.0-or-later AND LGPL-2.1-only AND GPL-2.0-or-later AND BSD-2-Clause
|
||||
URL: http://aspell.net/
|
||||
Source: ftp://ftp.gnu.org/gnu/aspell/aspell-%{version}.tar.gz
|
||||
Source: https://ftp.gnu.org/gnu/aspell/aspell-%{version}.tar.gz
|
||||
|
||||
Patch0: aspell-0.60.7-fileconflict.patch
|
||||
Patch1: aspell-0.60.7-pspell_conf.patch
|
||||
Patch2: aspell-0.60.7-mp.patch
|
||||
Patch3: aspell-0.60.8-CVE-2019-25051.patch
|
||||
|
||||
# IMPORTANT
|
||||
# This package has been deprecated since Fedora 39
|
||||
# The reason behind this is that upstream has been inactive for more than 4 years
|
||||
# and there are other variants like hunspell or enchant which has active upstream
|
||||
# The reason behind this was that there were no upstream releases for 4 years
|
||||
# and there are other variants like hunspell or enchant which had active upstream
|
||||
# FESCo approval is located here: https://pagure.io/fesco/issue/3009
|
||||
# Change proposal is located here: https://fedoraproject.org/wiki/Changes/AspellDeprecation
|
||||
Provides: deprecated()
|
||||
@ -57,7 +56,6 @@ and header files needed for Aspell development.
|
||||
%patch0 -p1 -b .fc
|
||||
%patch1 -p1 -b .mlib
|
||||
%patch2 -p1 -b .ai
|
||||
%patch3 -p1 -b .CVE-2019-25051
|
||||
iconv -f iso-8859-2 -t utf-8 < manual/aspell.info > manual/aspell.info.aux
|
||||
mv manual/aspell.info.aux manual/aspell.info
|
||||
|
||||
@ -124,6 +122,9 @@ rm -f ${RPM_BUILD_ROOT}%{_infodir}/dir
|
||||
%{_mandir}/man1/pspell-config.1*
|
||||
|
||||
%changelog
|
||||
* Mon May 20 2024 Peter Oliver <rpm@mavit.org.uk> - 12:0.60.8.1-1
|
||||
- Update to version 0.60.8.1
|
||||
|
||||
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 12:0.60.8-14
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
|
||||
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (aspell-0.60.8.tar.gz) = 8ef4952c553b6234dfe777240d2d97beb13ef9201e18d56bee3b5068d13525db3625b7130d9f5122f7c529da0ccb0c70eb852a81472a7d15fb7c4ee5ba21cd29
|
||||
SHA512 (aspell-0.60.8.1.tar.gz) = 80fa9d7f5f4b8bf66388825ae28403713a2e3eda81fc31f2f452c3e2fe8349cd0fa8f0e4d0d3f8cffe215817229af25aa7be2dba358cb9cdc97e9d2834ba5ca7
|
||||
|
||||
Loading…
Reference in New Issue
Block a user