diff --git a/texinfo-4.8-texindex.patch b/texinfo-4.8-texindex.patch new file mode 100644 index 0000000..4c84eb7 --- /dev/null +++ b/texinfo-4.8-texindex.patch @@ -0,0 +1,576 @@ +--- texinfo-4.8/util/texindex.c.texindex 2004-04-11 19:56:47.000000000 +0200 ++++ texinfo-4.8/util/texindex.c 2006-11-05 01:35:07.000000000 +0100 +@@ -37,16 +37,12 @@ + #define memset(ptr, ignore, count) bzero (ptr, count) + #endif + +-char *mktemp (char *); +- + #if !defined (SEEK_SET) + # define SEEK_SET 0 + # define SEEK_CUR 1 + # define SEEK_END 2 + #endif /* !SEEK_SET */ + +-struct linebuffer; +- + /* When sorting in core, this structure describes one line + and the position and length of its first keyfield. */ + struct lineinfo +@@ -96,16 +92,6 @@ + /* The allocated length of `linearray'. */ + long nlines; + +-/* Directory to use for temporary files. On Unix, it ends with a slash. */ +-char *tempdir; +- +-/* Number of last temporary file. */ +-int tempcount; +- +-/* Number of last temporary file already deleted. +- Temporary files are deleted by `flush_tempfiles' in order of creation. */ +-int last_deleted_tempcount; +- + /* During in-core sort, this points to the base of the data block + which contains all the lines of data. */ + char *text_base; +@@ -117,15 +103,9 @@ + determine whether we need initials in the sorted form. */ + char first_initial; + +-/* Additional command switches .*/ +- +-/* Nonzero means do not delete tempfiles -- for debugging. */ +-int keep_tempfiles; +- + /* Forward declarations of functions in this file. */ + void decode_command (int argc, char **argv); + void sort_in_core (char *infile, int total, char *outfile); +-void sort_offline (char *infile, off_t total, char *outfile); + char **parsefile (char *filename, char **nextline, char *data, long int size); + char *find_field (struct keyfield *keyfield, char *str, long int *lengthptr); + char *find_pos (char *str, int words, int chars, int ignore_blanks); +@@ -137,26 +117,17 @@ + long int length1, long int pos1, char *start2, + long int length2, long int pos2); + int compare_full (const void *, const void *); +-long readline (struct linebuffer *linebuffer, FILE *stream); +-int merge_files (char **infiles, int nfiles, char *outfile); +-int merge_direct (char **infiles, int nfiles, char *outfile); + void pfatal_with_name (const char *name); + void fatal (const char *format, const char *arg); + void error (const char *format, const char *arg); + void *xmalloc (), *xrealloc (); + char *concat (char *s1, char *s2); +-void flush_tempfiles (int to_count); + +-#define MAX_IN_CORE_SORT 500000 +- + int + main (int argc, char **argv) + { + int i; + +- tempcount = 0; +- last_deleted_tempcount = 0; +- + #ifdef HAVE_SETLOCALE + /* Set locale via LC_ALL. */ + setlocale (LC_ALL, ""); +@@ -225,14 +196,15 @@ + need_initials = 0; + first_initial = '\0'; + +- if (ptr < MAX_IN_CORE_SORT) +- /* Sort a small amount of data. */ +- sort_in_core (infiles[i], (int)ptr, outfile); +- else +- sort_offline (infiles[i], ptr, outfile); ++ if (ptr != (int)ptr) ++ { ++ fprintf (stderr, "%s: %s: file too large\n", program_name, ++ infiles[i]); ++ xexit (1); ++ } ++ sort_in_core (infiles[i], (int)ptr, outfile); + } + +- flush_tempfiles (tempcount); + xexit (0); + return 0; /* Avoid bogus warnings. */ + } +@@ -250,10 +222,6 @@ + TEXINDEX_OPTION texindex_options[] = { + { "--help", "-h", (int *)NULL, 0, (char *)NULL, + N_("display this help and exit") }, +- { "--keep", "-k", &keep_tempfiles, 1, (char *)NULL, +- N_("keep temporary files around after processing") }, +- { "--no-keep", 0, &keep_tempfiles, 0, (char *)NULL, +- N_("do not keep temporary files around after processing (default)") }, + { "--output", "-o", (int *)NULL, 0, "FILE", + N_("send output to FILE") }, + { "--version", (char *)NULL, (int *)NULL, 0, (char *)NULL, +@@ -308,20 +276,6 @@ + char **ip; + char **op; + +- /* Store default values into parameter variables. */ +- +- tempdir = getenv ("TMPDIR"); +- if (tempdir == NULL) +- tempdir = getenv ("TEMP"); +- if (tempdir == NULL) +- tempdir = getenv ("TMP"); +- if (tempdir == NULL) +- tempdir = DEFAULT_TMPDIR; +- else +- tempdir = concat (tempdir, "/"); +- +- keep_tempfiles = 0; +- + /* Allocate ARGC input files, which must be enough. */ + + infiles = (char **) xmalloc (argc * sizeof (char *)); +@@ -348,7 +302,7 @@ + else if ((strcmp (arg, "--keep") == 0) || + (strcmp (arg, "-k") == 0)) + { +- keep_tempfiles = 1; ++ /* Ignore, for backward compatibility */ + } + else if ((strcmp (arg, "--help") == 0) || + (strcmp (arg, "-h") == 0)) +@@ -384,41 +338,6 @@ + usage (1); + } + +-/* Return a name for temporary file COUNT. */ +- +-static char * +-maketempname (int count) +-{ +- static char *tempbase = NULL; +- char tempsuffix[10]; +- +- if (!tempbase) +- { +- int fd; +- tempbase = concat (tempdir, "txidxXXXXXX"); +- +- fd = mkstemp (tempbase); +- if (fd == -1) +- pfatal_with_name (tempbase); +- } +- +- sprintf (tempsuffix, ".%d", count); +- return concat (tempbase, tempsuffix); +-} +- +- +-/* Delete all temporary files up to TO_COUNT. */ +- +-void +-flush_tempfiles (int to_count) +-{ +- if (keep_tempfiles) +- return; +- while (last_deleted_tempcount < to_count) +- unlink (maketempname (++last_deleted_tempcount)); +-} +- +- + /* Compare LINE1 and LINE2 according to the specified set of keyfields. */ + + int +@@ -801,150 +720,6 @@ + } + } + +-/* A `struct linebuffer' is a structure which holds a line of text. +- `readline' reads a line from a stream into a linebuffer +- and works regardless of the length of the line. */ +- +-struct linebuffer +-{ +- long size; +- char *buffer; +-}; +- +-/* Initialize LINEBUFFER for use. */ +- +-void +-initbuffer (struct linebuffer *linebuffer) +-{ +- linebuffer->size = 200; +- linebuffer->buffer = (char *) xmalloc (200); +-} +- +-/* Read a line of text from STREAM into LINEBUFFER. +- Return the length of the line. */ +- +-long +-readline (struct linebuffer *linebuffer, FILE *stream) +-{ +- char *buffer = linebuffer->buffer; +- char *p = linebuffer->buffer; +- char *end = p + linebuffer->size; +- +- while (1) +- { +- int c = getc (stream); +- if (p == end) +- { +- buffer = (char *) xrealloc (buffer, linebuffer->size *= 2); +- p += buffer - linebuffer->buffer; +- end += buffer - linebuffer->buffer; +- linebuffer->buffer = buffer; +- } +- if (c < 0 || c == '\n') +- { +- *p = 0; +- break; +- } +- *p++ = c; +- } +- +- return p - buffer; +-} +- +-/* Sort an input file too big to sort in core. */ +- +-void +-sort_offline (char *infile, off_t total, char *outfile) +-{ +- /* More than enough. */ +- int ntemps = 2 * (total + MAX_IN_CORE_SORT - 1) / MAX_IN_CORE_SORT; +- char **tempfiles = (char **) xmalloc (ntemps * sizeof (char *)); +- FILE *istream = fopen (infile, "r"); +- int i; +- struct linebuffer lb; +- long linelength; +- int failure = 0; +- +- initbuffer (&lb); +- +- /* Read in one line of input data. */ +- +- linelength = readline (&lb, istream); +- +- if (lb.buffer[0] != '\\' && lb.buffer[0] != '@') +- { +- error (_("%s: not a texinfo index file"), infile); +- return; +- } +- +- /* Split up the input into `ntemps' temporary files, or maybe fewer, +- and put the new files' names into `tempfiles' */ +- +- for (i = 0; i < ntemps; i++) +- { +- char *outname = maketempname (++tempcount); +- FILE *ostream = fopen (outname, "w"); +- long tempsize = 0; +- +- if (!ostream) +- pfatal_with_name (outname); +- tempfiles[i] = outname; +- +- /* Copy lines into this temp file as long as it does not make file +- "too big" or until there are no more lines. */ +- +- while (tempsize + linelength + 1 <= MAX_IN_CORE_SORT) +- { +- tempsize += linelength + 1; +- fputs (lb.buffer, ostream); +- putc ('\n', ostream); +- +- /* Read another line of input data. */ +- +- linelength = readline (&lb, istream); +- if (!linelength && feof (istream)) +- break; +- +- if (lb.buffer[0] != '\\' && lb.buffer[0] != '@') +- { +- error (_("%s: not a texinfo index file"), infile); +- failure = 1; +- goto fail; +- } +- } +- fclose (ostream); +- if (feof (istream)) +- break; +- } +- +- free (lb.buffer); +- +-fail: +- /* Record number of temp files we actually needed. */ +- +- ntemps = i; +- +- /* Sort each tempfile into another tempfile. +- Delete the first set of tempfiles and put the names of the second +- into `tempfiles'. */ +- +- for (i = 0; i < ntemps; i++) +- { +- char *newtemp = maketempname (++tempcount); +- sort_in_core (tempfiles[i], MAX_IN_CORE_SORT, newtemp); +- if (!keep_tempfiles) +- unlink (tempfiles[i]); +- tempfiles[i] = newtemp; +- } +- +- if (failure) +- return; +- +- /* Merge the tempfiles together and indexify. */ +- +- merge_files (tempfiles, ntemps, outfile); +-} +- + /* Sort INFILE, whose size is TOTAL, + assuming that is small enough to be done in-core, + then indexify it and send the output to OUTFILE (or to stdout). */ +@@ -1348,8 +1123,7 @@ + + for (next_line = linearray; next_line != stop_line; next_line++) + { +- /* If -u was specified, output the line only if distinct from +- previous one. */ ++ /* Output the line only if distinct from previous one. */ + if (next_line == linearray + /* Compare previous line with this one, using only the + explicitly specd keyfields. */ +@@ -1369,215 +1143,6 @@ + finish_index (ostream); + } + +-/* Assume (and optionally verify) that each input file is sorted; +- merge them and output the result. +- Returns nonzero if any input file fails to be sorted. +- +- This is the high-level interface that can handle an unlimited +- number of files. */ +- +-#define MAX_DIRECT_MERGE 10 +- +-int +-merge_files (char **infiles, int nfiles, char *outfile) +-{ +- char **tempfiles; +- int ntemps; +- int i; +- int value = 0; +- int start_tempcount = tempcount; +- +- if (nfiles <= MAX_DIRECT_MERGE) +- return merge_direct (infiles, nfiles, outfile); +- +- /* Merge groups of MAX_DIRECT_MERGE input files at a time, +- making a temporary file to hold each group's result. */ +- +- ntemps = (nfiles + MAX_DIRECT_MERGE - 1) / MAX_DIRECT_MERGE; +- tempfiles = (char **) xmalloc (ntemps * sizeof (char *)); +- for (i = 0; i < ntemps; i++) +- { +- int nf = MAX_DIRECT_MERGE; +- if (i + 1 == ntemps) +- nf = nfiles - i * MAX_DIRECT_MERGE; +- tempfiles[i] = maketempname (++tempcount); +- value |= merge_direct (&infiles[i * MAX_DIRECT_MERGE], nf, tempfiles[i]); +- } +- +- /* All temporary files that existed before are no longer needed +- since their contents have been merged into our new tempfiles. +- So delete them. */ +- flush_tempfiles (start_tempcount); +- +- /* Now merge the temporary files we created. */ +- +- merge_files (tempfiles, ntemps, outfile); +- +- free (tempfiles); +- +- return value; +-} +- +-/* Assume (and optionally verify) that each input file is sorted; +- merge them and output the result. +- Returns nonzero if any input file fails to be sorted. +- +- This version of merging will not work if the number of +- input files gets too high. Higher level functions +- use it only with a bounded number of input files. */ +- +-int +-merge_direct (char **infiles, int nfiles, char *outfile) +-{ +- struct linebuffer *lb1, *lb2; +- struct linebuffer **thisline, **prevline; +- FILE **streams; +- int i; +- int nleft; +- int lossage = 0; +- int *file_lossage; +- struct linebuffer *prev_out = 0; +- FILE *ostream = stdout; +- +- if (outfile) +- { +- ostream = fopen (outfile, "w"); +- } +- if (!ostream) +- pfatal_with_name (outfile); +- +- init_index (); +- +- if (nfiles == 0) +- { +- if (outfile) +- fclose (ostream); +- return 0; +- } +- +- /* For each file, make two line buffers. Also, for each file, there +- is an element of `thisline' which points at any time to one of the +- file's two buffers, and an element of `prevline' which points to +- the other buffer. `thisline' is supposed to point to the next +- available line from the file, while `prevline' holds the last file +- line used, which is remembered so that we can verify that the file +- is properly sorted. */ +- +- /* lb1 and lb2 contain one buffer each per file. */ +- lb1 = (struct linebuffer *) xmalloc (nfiles * sizeof (struct linebuffer)); +- lb2 = (struct linebuffer *) xmalloc (nfiles * sizeof (struct linebuffer)); +- +- /* thisline[i] points to the linebuffer holding the next available +- line in file i, or is zero if there are no lines left in that file. */ +- thisline = (struct linebuffer **) +- xmalloc (nfiles * sizeof (struct linebuffer *)); +- /* prevline[i] points to the linebuffer holding the last used line +- from file i. This is just for verifying that file i is properly +- sorted. */ +- prevline = (struct linebuffer **) +- xmalloc (nfiles * sizeof (struct linebuffer *)); +- /* streams[i] holds the input stream for file i. */ +- streams = (FILE **) xmalloc (nfiles * sizeof (FILE *)); +- /* file_lossage[i] is nonzero if we already know file i is not +- properly sorted. */ +- file_lossage = (int *) xmalloc (nfiles * sizeof (int)); +- +- /* Allocate and initialize all that storage. */ +- +- for (i = 0; i < nfiles; i++) +- { +- initbuffer (&lb1[i]); +- initbuffer (&lb2[i]); +- thisline[i] = &lb1[i]; +- prevline[i] = &lb2[i]; +- file_lossage[i] = 0; +- streams[i] = fopen (infiles[i], "r"); +- if (!streams[i]) +- pfatal_with_name (infiles[i]); +- +- readline (thisline[i], streams[i]); +- } +- +- /* Keep count of number of files not at eof. */ +- nleft = nfiles; +- +- while (nleft) +- { +- struct linebuffer *best = 0; +- struct linebuffer *exch; +- int bestfile = -1; +- int i; +- +- /* Look at the next avail line of each file; choose the least one. */ +- +- for (i = 0; i < nfiles; i++) +- { +- if (thisline[i] && +- (!best || +- 0 < compare_general (best->buffer, thisline[i]->buffer, +- (long) bestfile, (long) i, num_keyfields))) +- { +- best = thisline[i]; +- bestfile = i; +- } +- } +- +- /* Output that line, unless it matches the previous one and we +- don't want duplicates. */ +- +- if (!(prev_out && +- !compare_general (prev_out->buffer, +- best->buffer, 0L, 1L, num_keyfields - 1))) +- indexify (best->buffer, ostream); +- prev_out = best; +- +- /* Now make the line the previous of its file, and fetch a new +- line from that file. */ +- +- exch = prevline[bestfile]; +- prevline[bestfile] = thisline[bestfile]; +- thisline[bestfile] = exch; +- +- while (1) +- { +- /* If the file has no more, mark it empty. */ +- +- if (feof (streams[bestfile])) +- { +- thisline[bestfile] = 0; +- /* Update the number of files still not empty. */ +- nleft--; +- break; +- } +- readline (thisline[bestfile], streams[bestfile]); +- if (thisline[bestfile]->buffer[0] || !feof (streams[bestfile])) +- break; +- } +- } +- +- finish_index (ostream); +- +- /* Free all storage and close all input streams. */ +- +- for (i = 0; i < nfiles; i++) +- { +- fclose (streams[i]); +- free (lb1[i].buffer); +- free (lb2[i].buffer); +- } +- free (file_lossage); +- free (lb1); +- free (lb2); +- free (thisline); +- free (prevline); +- free (streams); +- +- if (outfile) +- fclose (ostream); +- +- return lossage; +-} +- + /* Print error message and exit. */ + + void +--- texinfo-4.8/doc/texindex.1.texindex 2004-12-31 19:02:16.000000000 +0100 ++++ texinfo-4.8/doc/texindex.1 2006-11-05 01:31:56.000000000 +0100 +@@ -13,12 +13,6 @@ + \fB\-h\fR, \fB\-\-help\fR + display this help and exit + .TP +-\fB\-k\fR, \fB\-\-keep\fR +-keep temporary files around after processing +-.TP +-\fB\-\-no\-keep\fR +-do not keep temporary files around after processing (default) +-.TP + \fB\-o\fR, \fB\-\-output\fR FILE + send output to FILE + .TP diff --git a/texinfo.spec b/texinfo.spec index d8c6c1c..f04631b 100644 --- a/texinfo.spec +++ b/texinfo.spec @@ -1,15 +1,15 @@ Summary: Tools needed to create Texinfo format documentation files. Name: texinfo Version: 4.8 -Release: 13 +Release: 14%{?dist} License: GPL Group: Applications/Publishing Url: http://www.gnu.org/software/texinfo/ Source0: ftp://ftp.gnu.org/gnu/texinfo/texinfo-%{version}.tar.bz2 Source1: info-dir Source2: texi2pdf.man -Patch1: texinfo-4.8-zlib.patch -Patch2: texinfo-CAN-2005-3011.patch +Patch0: texinfo-4.8-zlib.patch +Patch1: texinfo-4.8-texindex.patch Prereq: /sbin/install-info Buildroot: %{_tmppath}/%{name}-%{version}-root BuildRequires: zlib-devel, ncurses-devel @@ -58,8 +58,8 @@ for printing using TeX. %prep %setup -q -%patch1 -p1 -b .zlib -%patch2 -p1 -b .CAN-2005-3011 +%patch0 -p1 -b .zlib +%patch1 -p1 -b .texindex %build @@ -137,6 +137,9 @@ fi %{_mandir}/man1/texi2pdf.1* %changelog +* Sun Nov 5 2006 Miloslav Trmac - 4.8-14 +- Remove off-line sorting from texindex (fixes CVE 2006-4810) + * Mon Oct 9 2006 Miloslav Trmac - 4.8-13 - Don't use mode 0666 for the texindex temporary files