diff options
Diffstat (limited to 'network/rhapsody/rhapsody.SlackBuild')
-rw-r--r-- | network/rhapsody/rhapsody.SlackBuild | 47 |
1 files changed, 33 insertions, 14 deletions
diff --git a/network/rhapsody/rhapsody.SlackBuild b/network/rhapsody/rhapsody.SlackBuild index 747f403192..f23ad5dce9 100644 --- a/network/rhapsody/rhapsody.SlackBuild +++ b/network/rhapsody/rhapsody.SlackBuild @@ -2,15 +2,31 @@ # Slackware build script for rhapsody -# Written by B. Watson (yalhcru@gmail.com) +# Written by B. Watson (urchlay@slackware.uk) # Licensed under the WTFPL. See http://www.wtfpl.net/txt/copying/ for details. +# 20230103 bkw: BUILD=3 +# - use https URL for homepage in info file. +# - remove useless INSTALL from doc dir. + +# 20210923 bkw: fix build on -current, mitigate buffer overflow. + +# TODO: see if there's anything to these: +# https://www.cvedetails.com/cve/CVE-2007-1502/ +# https://www.cvedetails.com/cve/CVE-2007-1503/ +# ...these appear to be the same CVE. Huh. +# It looks autogenerated, and there's no POC. Pretty much all the +# buffer overflows would depend on the user typing >1024 characters. +# The patch below prevents that, at least. There are a bunch of +# format string warnings from gcc that deserve looking at, but I +# don't have the time right now. + cd $(dirname $0) ; CWD=$(pwd) PRGNAM=rhapsody VERSION=${VERSION:-0.28b} -BUILD=${BUILD:-1} +BUILD=${BUILD:-3} TAG=${TAG:-_SBo} PKGTYPE=${PKGTYPE:-tgz} @@ -22,9 +38,6 @@ if [ -z "$ARCH" ]; then esac fi -# If the variable PRINT_PACKAGE_NAME is set, then this script will report what -# the name of the created package would be, and then exit. This information -# could be useful to other scripts. if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" exit 0 @@ -58,21 +71,27 @@ rm -rf $PRGNAM-$VERSION tar xvf $CWD/${PRGNAM}_$VERSION.tgz cd $PRGNAM-$VERSION chown -R root:root . -find -L . \ - \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ - -o -perm 511 \) -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ - -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; +find -L . -perm /111 -a \! -perm 755 -a -exec chmod 755 {} \+ -o \ + \! -perm /111 -a \! -perm 644 -a -exec chmod 644 {} \+ + +PKGDOC=$PKG/usr/doc/$PRGNAM-$VERSION + +# This patch does: +# - prevent input buffer overflow if user types/pastes > 1023 chars +# into the input window. +# - ignore incoming DCC files, if their names contain a / +patch -p1 < $CWD/securityfix.diff ./configure -i /usr/bin -d /usr/doc/$PRGNAM-$VERSION -make LOCALFLAGS="$SLKCFLAGS" +make LOCALFLAGS="$SLKCFLAGS -fcommon" strip $PRGNAM make install \ INSTALLPATH=$PKG/usr/bin \ - INSTDOCSPATH=$PKG/usr/doc/$PRGNAM-$VERSION + INSTDOCSPATH=$PKGDOC -cp README $PKG/usr/doc/$PRGNAM-$VERSION -cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cp README $PKGDOC +rm -f $PKGDOC/INSTALL +cat $CWD/$PRGNAM.SlackBuild > $PKGDOC/$PRGNAM.SlackBuild # Man page borrowed from Ubuntu and modified a bit. # rhapsody doesn't really need a man page, |