Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
aports
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
657
Issues
657
List
Boards
Labels
Service Desk
Milestones
Merge Requests
222
Merge Requests
222
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
alpine
aports
Commits
8acec4cd
Commit
8acec4cd
authored
May 04, 2017
by
Sören Tempel
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
main/ctags: security fix for CVE-2014-7204
parent
e1425464
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
118 additions
and
23 deletions
+118
-23
main/ctags/APKBUILD
main/ctags/APKBUILD
+16
-23
main/ctags/CVE-2014-7204.patch
main/ctags/CVE-2014-7204.patch
+102
-0
No files found.
main/ctags/APKBUILD
View file @
8acec4cd
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
# Contributor: Michael Mason <ms13sp@gmail.com>
# Maintainer: Fabian Affolter <fabian@affolter-engineering.ch>
pkgname
=
ctags
pkgver
=
5.8
pkgrel
=
4
pkgrel
=
5
pkgdesc
=
"Generator of tags for all types of C/C++ languages"
url
=
"http://ctags.sourceforge.net/"
arch
=
"all"
...
...
@@ -12,43 +13,35 @@ makedepends=""
install
=
""
subpackages
=
"
$pkgname
-doc"
source
=
"http://prdownloads.sourceforge.net/ctags/
$pkgname
-
$pkgver
.tar.gz
CVE-2014-7204.patch
error-format.patch"
builddir
=
"
$srcdir
"
/
$pkgname
-
$pkgver
_builddir
=
"
$srcdir
"
/
$pkgname
-
$pkgver
prepare
()
{
cd
"
$_builddir
"
for
i
in
$source
;
do
case
$i
in
*
.patch
)
msg
$i
;
patch
-p1
-i
"
$srcdir
"
/
$i
||
return
1
;;
esac
done
}
# secfixes:
# 5.8-r5:
# - CVE-2014-7204
build
()
{
cd
"
$
_
builddir
"
cd
"
$builddir
"
./configure
\
--build
=
$CBUILD
\
--host
=
$CHOST
\
--prefix
=
/usr
\
--mandir
=
/usr/share/man
\
--sysconfdir
=
/etc
\
--infodir
=
/usr/share/info
\
||
return
1
make
||
return
1
--mandir
=
/usr/share/man
\
--localstatedir
=
/var
\
--disable-external-sort
make
}
package
()
{
cd
"
$
_
builddir
"
cd
"
$builddir
"
mkdir
-p
"
$pkgdir
"
/usr/bin
make
-j1
\
DEST_CTAGS
=
"
$pkgdir
"
/usr/bin
\
make
-j1
DEST_CTAGS
=
"
$pkgdir
"
/usr/bin
\
mandir
=
"
$pkgdir
"
/usr/share/man
\
install
||
return
1
install
}
md5sums
=
"c00f82ecdcc357434731913e5b48630d ctags-5.8.tar.gz
f0b35e99098aba05128c12859fa44e9e error-format.patch"
sha256sums
=
"0e44b45dcabe969e0bbbb11e30c246f81abe5d32012db37395eb57d66e9e99c7 ctags-5.8.tar.gz
30339f93cdf0da56fe746703330332d0f345a677c38025c4be6d56d56b82414c error-format.patch"
sha512sums
=
"981912cd335978cde22864e977947fc75326572fb29518e559cc4a8ac1edc84b3604165218a666e36353f17da4f89f8e967acdb88696f816748eb946d79eaa15 ctags-5.8.tar.gz
7593aa9ca8857b09127a842752d214764734215b42b58c8a44e2a320b21b5a4923dd05a3d14a9053e570f07297d77b3d2fa8f5d41c500e9aadf993413a66be76 CVE-2014-7204.patch
bc861fa7fe401e5f5845c39d8ec714268898fafcd76afa54bebfc7965d4ef66e227e7bab80733c8f95a79a131b05fbdd4024d05139f2f9bd67914ff4c9e0e9b9 error-format.patch"
main/ctags/CVE-2014-7204.patch
0 → 100644
View file @
8acec4cd
From a499a10833d525c9af794c616dc40f7425110c71 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sat, 27 Sep 2014 14:37:19 +0100
Subject: Changed the javascript parser to set the tag's scope rather than
including it in the tag name.
Patch from Colomban.
Author: David Fishburn
Origin: upstream, http://sourceforge.net/p/ctags/code/791/
Bug-Debian: https://bugs.debian.org/742605
Last-Update: 2014-09-27
Patch-Name: jscript-set-tag-scope.patch
---
jscript.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 51 insertions(+), 3 deletions(-)
diff --git a/jscript.c b/jscript.c
index 5de3367..a790355 100644
--- a/jscript.c
+++ b/jscript.c
@@ -215,6 +215,7 @@
static void deleteToken (tokenInfo *const token)
* Tag generation functions
*/
+/*
static void makeConstTag (tokenInfo *const token, const jsKind kind)
{
if (JsKinds [kind].enabled && ! token->ignoreTag )
@@ -238,12 +239,13 @@
static void makeJsTag (tokenInfo *const token, const jsKind kind)
if (JsKinds [kind].enabled && ! token->ignoreTag )
{
- /*
+ *
* If a scope has been added to the token, change the token
* string to include the scope when making the tag.
- */
+ *
if ( vStringLength(token->scope) > 0 )
{
+ *
fulltag = vStringNew ();
vStringCopy(fulltag, token->scope);
vStringCatS (fulltag, ".");
@@ -251,8 +253,54 @@
static void makeJsTag (tokenInfo *const token, const jsKind kind)
vStringTerminate(fulltag);
vStringCopy(token->string, fulltag);
vStringDelete (fulltag);
+ *
+ jsKind parent_kind = JSTAG_CLASS;
+
+ *
+ * if we're creating a function (and not a method),
+ * guess we're inside another function
+ *
+ if (kind == JSTAG_FUNCTION)
+ parent_kind = JSTAG_FUNCTION;
+
+ e.extensionFields.scope[0] = JsKinds [parent_kind].name;
+ e.extensionFields.scope[1] = vStringValue (token->scope);
+ }
+ * makeConstTag (token, kind); *
+ makeTagEntry (&e);
+ }
+}
+*/
+
+static void makeJsTag (tokenInfo *const token, const jsKind kind)
+{
+ if (JsKinds [kind].enabled && ! token->ignoreTag )
+ {
+ const char *const name = vStringValue (token->string);
+ tagEntryInfo e;
+ initTagEntry (&e, name);
+
+ e.lineNumber = token->lineNumber;
+ e.filePosition = token->filePosition;
+ e.kindName = JsKinds [kind].name;
+ e.kind = JsKinds [kind].letter;
+
+ if ( vStringLength(token->scope) > 0 )
+ {
+ jsKind parent_kind = JSTAG_CLASS;
+
+ /*
+ * If we're creating a function (and not a method),
+ * guess we're inside another function
+ */
+ if (kind == JSTAG_FUNCTION)
+ parent_kind = JSTAG_FUNCTION;
+
+ e.extensionFields.scope[0] = JsKinds [parent_kind].name;
+ e.extensionFields.scope[1] = vStringValue (token->scope);
}
- makeConstTag (token, kind);
+
+ makeTagEntry (&e);
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment