summaryrefslogtreecommitdiffstats
path: root/network/rhapsody/rhapsody.SlackBuild
diff options
context:
space:
mode:
Diffstat (limited to 'network/rhapsody/rhapsody.SlackBuild')
-rw-r--r--network/rhapsody/rhapsody.SlackBuild47
1 files changed, 33 insertions, 14 deletions
diff --git a/network/rhapsody/rhapsody.SlackBuild b/network/rhapsody/rhapsody.SlackBuild
index 747f403192..f23ad5dce9 100644
--- a/network/rhapsody/rhapsody.SlackBuild
+++ b/network/rhapsody/rhapsody.SlackBuild
@@ -2,15 +2,31 @@
# Slackware build script for rhapsody
-# Written by B. Watson (yalhcru@gmail.com)
+# Written by B. Watson (urchlay@slackware.uk)
# Licensed under the WTFPL. See http://www.wtfpl.net/txt/copying/ for details.
+# 20230103 bkw: BUILD=3
+# - use https URL for homepage in info file.
+# - remove useless INSTALL from doc dir.
+
+# 20210923 bkw: fix build on -current, mitigate buffer overflow.
+
+# TODO: see if there's anything to these:
+# https://www.cvedetails.com/cve/CVE-2007-1502/
+# https://www.cvedetails.com/cve/CVE-2007-1503/
+# ...these appear to be the same CVE. Huh.
+# It looks autogenerated, and there's no POC. Pretty much all the
+# buffer overflows would depend on the user typing >1024 characters.
+# The patch below prevents that, at least. There are a bunch of
+# format string warnings from gcc that deserve looking at, but I
+# don't have the time right now.
+
cd $(dirname $0) ; CWD=$(pwd)
PRGNAM=rhapsody
VERSION=${VERSION:-0.28b}
-BUILD=${BUILD:-1}
+BUILD=${BUILD:-3}
TAG=${TAG:-_SBo}
PKGTYPE=${PKGTYPE:-tgz}
@@ -22,9 +38,6 @@ if [ -z "$ARCH" ]; then
esac
fi
-# If the variable PRINT_PACKAGE_NAME is set, then this script will report what
-# the name of the created package would be, and then exit. This information
-# could be useful to other scripts.
if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then
echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE"
exit 0
@@ -58,21 +71,27 @@ rm -rf $PRGNAM-$VERSION
tar xvf $CWD/${PRGNAM}_$VERSION.tgz
cd $PRGNAM-$VERSION
chown -R root:root .
-find -L . \
- \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \
- -o -perm 511 \) -exec chmod 755 {} \; -o \
- \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
- -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
+find -L . -perm /111 -a \! -perm 755 -a -exec chmod 755 {} \+ -o \
+ \! -perm /111 -a \! -perm 644 -a -exec chmod 644 {} \+
+
+PKGDOC=$PKG/usr/doc/$PRGNAM-$VERSION
+
+# This patch does:
+# - prevent input buffer overflow if user types/pastes > 1023 chars
+# into the input window.
+# - ignore incoming DCC files, if their names contain a /
+patch -p1 < $CWD/securityfix.diff
./configure -i /usr/bin -d /usr/doc/$PRGNAM-$VERSION
-make LOCALFLAGS="$SLKCFLAGS"
+make LOCALFLAGS="$SLKCFLAGS -fcommon"
strip $PRGNAM
make install \
INSTALLPATH=$PKG/usr/bin \
- INSTDOCSPATH=$PKG/usr/doc/$PRGNAM-$VERSION
+ INSTDOCSPATH=$PKGDOC
-cp README $PKG/usr/doc/$PRGNAM-$VERSION
-cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+cp README $PKGDOC
+rm -f $PKGDOC/INSTALL
+cat $CWD/$PRGNAM.SlackBuild > $PKGDOC/$PRGNAM.SlackBuild
# Man page borrowed from Ubuntu and modified a bit.
# rhapsody doesn't really need a man page,