Commit 70859841 authored by Łukasz Nowak's avatar Łukasz Nowak

Avoid using gets (...at all) on recent glibc.

Because "gets is a security hole - use fgets instead" and this function is not
available anymore in recent environments.

Also depend on patch change, as it shall lead to recompilation.
parent c902ed4b
...@@ -4,7 +4,19 @@ extends = ...@@ -4,7 +4,19 @@ extends =
parts = parts =
bison bison
[bison-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = ac06cbaa298ac686d0b0c04bc03e6ad8
download-only = true
filename = drop.gets.patch
[bison] [bison]
virtual-depends = ${bison-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${bison-drop.gets.patch:location}/${bison-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/bison/bison-2.5.tar.bz2 url = http://ftp.gnu.org/gnu/bison/bison-2.5.tar.bz2
md5sum = 9dba20116b13fc61a0846b0058fbe004 md5sum = 9dba20116b13fc61a0846b0058fbe004
......
diff -ur bison-2.5.orig/lib/stdio.in.h bison-2.5/lib/stdio.in.h
--- bison-2.5.orig/lib/stdio.in.h 2011-05-15 00:23:46.000000000 +0200
+++ bison-2.5/lib/stdio.in.h 2012-07-23 16:30:56.366722487 +0200
@@ -181,7 +181,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -2,10 +2,23 @@ ...@@ -2,10 +2,23 @@
parts = parts =
coreutils coreutils
[coreutils-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 63c2299d92d23e4748abb9668b7e62ea
download-only = true
filename = drop.gets.patch
[coreutils] [coreutils]
virtual-depends = ${coreutils-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/coreutils/coreutils-8.12.tar.gz url = http://ftp.gnu.org/gnu/coreutils/coreutils-8.12.tar.gz
md5sum = fce7999953a67243d00d75cc86dbcaa6 md5sum = fce7999953a67243d00d75cc86dbcaa6
patch-options = -p1
patches =
${coreutils-drop.gets.patch:location}/${coreutils-drop.gets.patch:filename}
configure-options = configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --enable-install-program=tr,basename,uname,cat,cp,ls --prefix=${buildout:parts-directory}/${:_buildout_section_name_} --enable-install-program=tr,basename,uname,cat,cp,ls
environment = environment =
......
diff -ur coreutils-8.12.old/lib/stdio.in.h coreutils-8.12/lib/stdio.in.h
--- coreutils-8.12.old/lib/stdio.in.h 2011-04-25 11:01:29.000000000 +0200
+++ coreutils-8.12/lib/stdio.in.h 2012-07-23 16:02:17.591610452 +0200
@@ -181,7 +181,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -2,7 +2,19 @@ ...@@ -2,7 +2,19 @@
[buildout] [buildout]
parts = cpio parts = cpio
[cpio-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 6c79cb9caf407063543efff93647c450
download-only = true
filename = drop.gets.patch
[cpio] [cpio]
virtual-depends =
${cpio-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${cpio-drop.gets.patch:location}/${cpio-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/cpio/cpio-2.11.tar.bz2 url = http://ftp.gnu.org/gnu/cpio/cpio-2.11.tar.bz2
md5sum = 20fc912915c629e809f80b96b2e75d7d md5sum = 20fc912915c629e809f80b96b2e75d7d
diff -ur cpio-2.11.orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h
--- cpio-2.11.orig/gnu/stdio.in.h 2010-03-10 10:27:03.000000000 +0100
+++ cpio-2.11/gnu/stdio.in.h 2012-07-23 13:04:56.075242094 +0200
@@ -139,7 +139,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -6,10 +6,23 @@ extends = ...@@ -6,10 +6,23 @@ extends =
../libxml2/buildout.cfg ../libxml2/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
[gettext-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 1a17a2e6c1539927304379dfa0f149c5
download-only = true
filename = drop.gets.patch
[gettext] [gettext]
virtual-depends = ${gettext-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/pub/gnu/gettext/gettext-0.18.1.1.tar.gz url = http://ftp.gnu.org/pub/gnu/gettext/gettext-0.18.1.1.tar.gz
md5sum = 3dd55b952826d2b32f51308f2f91aa89 md5sum = 3dd55b952826d2b32f51308f2f91aa89
patch-options = -p1
patches =
${gettext-drop.gets.patch:location}/${gettext-drop.gets.patch:filename}
configure-options = configure-options =
--disable-static --disable-static
--disable-java --disable-java
......
diff -ur gettext-0.18.1.1.orig/gettext-runtime/gnulib-lib/stdio.in.h gettext-0.18.1.1/gettext-runtime/gnulib-lib/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-runtime/gnulib-lib/stdio.in.h 2010-05-17 21:56:12.000000000 +0200
+++ gettext-0.18.1.1/gettext-runtime/gnulib-lib/stdio.in.h 2012-07-20 17:42:29.940524198 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
diff -ur gettext-0.18.1.1.orig/gettext-tools/gnulib-lib/stdio.in.h gettext-0.18.1.1/gettext-tools/gnulib-lib/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-tools/gnulib-lib/stdio.in.h 2010-05-24 11:42:46.000000000 +0200
+++ gettext-0.18.1.1/gettext-tools/gnulib-lib/stdio.in.h 2012-07-20 17:45:20.550461064 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
diff -ur gettext-0.18.1.1.orig/gettext-tools/libgettextpo/stdio.in.h gettext-0.18.1.1/gettext-tools/libgettextpo/stdio.in.h
--- gettext-0.18.1.1.orig/gettext-tools/libgettextpo/stdio.in.h 2010-05-17 21:58:03.000000000 +0200
+++ gettext-0.18.1.1/gettext-tools/libgettextpo/stdio.in.h 2012-07-20 17:45:15.937129402 +0200
@@ -141,7 +141,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -2,7 +2,20 @@ ...@@ -2,7 +2,20 @@
parts = parts =
gzip gzip
[gzip-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = d9b1156f912c8cf006f140482918ebc9
download-only = true
filename = drop.gets.patch
[gzip] [gzip]
virtual-depends = ${gzip-drop.gets.patch:md5sum}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
patch-options = -p1
patches =
${gzip-drop.gets.patch:location}/${gzip-drop.gets.patch:filename}
url = ftp://ftp.gnu.org/pub/gnu/gzip/gzip-1.4.tar.gz url = ftp://ftp.gnu.org/pub/gnu/gzip/gzip-1.4.tar.gz
md5sum = e381b8506210c794278f5527cba0e765 md5sum = e381b8506210c794278f5527cba0e765
diff -ur gzip-1.4.orig/lib/stdio.in.h gzip-1.4/lib/stdio.in.h
--- gzip-1.4.orig/lib/stdio.in.h 2010-01-20 14:20:36.000000000 +0100
+++ gzip-1.4/lib/stdio.in.h 2012-07-23 16:20:24.299373437 +0200
@@ -125,7 +125,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -2,7 +2,19 @@ ...@@ -2,7 +2,19 @@
parts = parts =
m4 m4
[m4-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = dc5f06fb42649e181c40177eb1edc333
download-only = true
filename = drop.gets.patch
[m4] [m4]
virtual-depends = ${m4-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${m4-drop.gets.patch:location}/${m4-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/m4/m4-1.4.16.tar.bz2 url = http://ftp.gnu.org/gnu/m4/m4-1.4.16.tar.bz2
md5sum = 8a7cef47fecab6272eb86a6be6363b2f md5sum = 8a7cef47fecab6272eb86a6be6363b2f
diff -ur m4-1.4.16.orig/lib/stdio.in.h m4-1.4.16/lib/stdio.in.h
--- m4-1.4.16.orig/lib/stdio.in.h 2011-03-01 17:39:29.000000000 +0100
+++ m4-1.4.16/lib/stdio.in.h 2012-07-23 09:28:57.945703705 +0200
@@ -162,7 +162,9 @@
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
#undef gets
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
+#endif
#if @GNULIB_FOPEN@
# if @REPLACE_FOPEN@
...@@ -6,7 +6,19 @@ extends = ...@@ -6,7 +6,19 @@ extends =
parts = parts =
wget wget
[wget-drop.gets.patch]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = 866907ebc89fc2e76b44c519cb84930f
download-only = true
filename = drop.gets.patch
[wget] [wget]
virtual-depends = ${wget-drop.gets.patch:md5sum}
patch-options = -p1
patches =
${wget-drop.gets.patch:location}/${wget-drop.gets.patch:filename}
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
url = http://ftp.gnu.org/gnu/wget/wget-1.13.4.tar.bz2 url = http://ftp.gnu.org/gnu/wget/wget-1.13.4.tar.bz2
md5sum = 12115c3750a4d92f9c6ac62bac372e85 md5sum = 12115c3750a4d92f9c6ac62bac372e85
......
diff -ur wget-1.13.4.orig/lib/stdio.in.h wget-1.13.4/lib/stdio.in.h
--- wget-1.13.4.orig/lib/stdio.in.h 2011-09-13 10:15:14.000000000 +0200
+++ wget-1.13.4/lib/stdio.in.h 2012-07-23 14:47:39.793579086 +0200
@@ -697,8 +697,10 @@
/* It is very rare that the developer ever has full control of stdin,
so any use of gets warrants an unconditional warning. Assume it is
always declared, since it is required by C89. */
+#if defined(__GLIBC__) && !defined(__UCLIBC__) && !__GLIBC_PREREQ(2, 16)
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
#endif
+#endif
#if @GNULIB_OBSTACK_PRINTF@ || @GNULIB_OBSTACK_PRINTF_POSIX@
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment