commit 95c17b8e72da5b9b668a6fa69cc6ee73151b8d8d · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

lout: 3.40 -> 3.42.2

https://github.com/william8000/lout/blob/3.42.2/whatsnew#L621

It seems that lout is now maintained on GitHub:
https://lists.nongnu.org/archive/html/lout-users/2021-04/msg00001.html

The recent changes made to the repository seems to be reasonable:
https://github.com/william8000/lout/commits/3.42.2

Comparing the content of svn://svn.savannah.nongnu.org/lout/tags/3.39
with the `3.39` tag in the GitHub repo shows no significant differences.

Thomas Gerbet 3 years ago 95c17b8e 02dac2ef

+10 -158

3 changed files

expand all

unified split

pkgs

tools

typesetting

lout

CVE-2019-19917-and-CVE-2019-19918.patch

builder.sh

default.nix

-95

pkgs/tools/typesetting/lout/CVE-2019-19917-and-CVE-2019-19918.patch

··· 1 - --- a/externs.h 2 - +++ b/externs.h 3 - @@ -260,6 +260,9 @@ If you're compiling this, you've got the 4 - /* that can appear correctly on one page. Can be */ 5 - /* increased to any small positive integer. */ 6 - /* */ 7 - +/* MAX_FORMAT The maximum number of characters for sscanf formats */ 8 - +/* for splitting strings with tab-delimited fields. */ 9 - +/* */ 10 - /*****************************************************************************/ 11 - 12 - #define MAX_FULL_LENGTH 8388607 /* 2**23 - 1, about 148 metres */ 13 - @@ -275,6 +278,7 @@ If you're compiling this, you've got the 14 - #define MAX_LEX_STACK 20 15 - #define MAX_CHARS 256 16 - #define MAX_HCOPIES 3 17 - +#define MAX_FORMAT 100 18 - 19 - /*****************************************************************************/ 20 - /* */ 21 - --- a/z02.c 22 - +++ b/z02.c 23 - @@ -378,7 +378,7 @@ static void srcnext(void) 24 - if( blksize != 0 && chpt < limit ) 25 - { debugcond0(DLA, DD, stack_free <= 1, "srcnext: transferring."); 26 - col = buf; 27 - - while( chtbl[(*--col = *--limit)] != NEWLINE ); 28 - + while( col > mem_block && chtbl[(*--col = *--limit)] != NEWLINE ); 29 - frst = col + 1; limit++; blksize = 0; 30 - } 31 - 32 - --- a/z33.c 33 - +++ b/z33.c 34 - @@ -847,6 +847,7 @@ BOOLEAN DbRetrieve(OBJECT db, BOOLEAN ga 35 - BOOLEAN DbRetrieveNext(OBJECT db, BOOLEAN *gall, OBJECT *sym, FULL_CHAR *tag, 36 - FULL_CHAR *seq, FILE_NUM *dfnum, long *dfpos, int *dlnum, long *cont) 37 - { FULL_CHAR line[MAX_BUFF], *cline, fname[MAX_BUFF]; int symnum; 38 - + char format[MAX_FORMAT]; 39 - ifdebug(DPP, D, ProfileOn("DbRetrieveNext")); 40 - debug2(DBS, DD, "DbRetrieveNext( %s, %ld )", string(db), *cont); 41 - assert(reading(db), "DbRetrieveNext: not reading"); 42 - @@ -858,6 +859,8 @@ BOOLEAN DbRetrieveNext(OBJECT db, BOOLEA 43 - return FALSE; 44 - } 45 - 46 - + sprintf(format, "%%d&%%%d[^\t]\t%%%d[^\t]\t%%*[^\t]\t%%ld\t%%d\t%%%d[^\n\f]", MAX_BUFF-1, MAX_BUFF-1, MAX_BUFF-1); 47 - + 48 - if( in_memory(db) ) 49 - { 50 - /* get next entry from internal database */ 51 - @@ -868,7 +871,7 @@ BOOLEAN DbRetrieveNext(OBJECT db, BOOLEA 52 - } 53 - cline = (FULL_CHAR *) db_lines(db)[*cont]; 54 - *gall = (cline[0] == '0' ? 1 : 0); 55 - - sscanf((char *)&cline[*gall], "%d&%[^\t]\t%[^\t]\t%*[^\t]\t%ld\t%d\t%[^\n\f]", 56 - + sscanf((char *)&cline[*gall], format, 57 - &symnum, tag, seq, dfpos, dlnum, fname); 58 - *cont = *cont + 1; 59 - } 60 - @@ -882,7 +885,7 @@ BOOLEAN DbRetrieveNext(OBJECT db, BOOLEA 61 - return FALSE; 62 - } 63 - *gall = (line[0] == '0' ? 1 : 0); 64 - - sscanf((char *)&line[*gall], "%d&%[^\t]\t%[^\t]\t%*[^\t]\t%ld\t%d\t%[^\n\f]", 65 - + sscanf((char *)&line[*gall], format, 66 - &symnum, tag, seq, dfpos, dlnum, fname); 67 - *cont = ftell(db_filep(db)); 68 - } 69 - --- a/z39.c 70 - +++ b/z39.c 71 - @@ -79,11 +79,13 @@ int strcollcmp(char *a, char *b) 72 - int strcollcmp(char *a, char *b) 73 - { char a1[MAX_BUFF], a2[MAX_BUFF], a3[MAX_BUFF]; 74 - char b1[MAX_BUFF], b2[MAX_BUFF], b3[MAX_BUFF]; 75 - + char format[MAX_FORMAT]; 76 - int order; 77 - + sprintf(format, "%%%d[^\t]\t%%%d[^\t]\t%%%d[^\t]", MAX_BUFF-1, MAX_BUFF-1, MAX_BUFF-1); 78 - a1[0] = a2[0] = a3[0] = '\0'; 79 - - sscanf(a, "%[^\t]\t%[^\t]\t%[^\t]", a1, a2, a3); 80 - + sscanf(a, format, a1, a2, a3); 81 - b1[0] = b2[0] = b3[0] = '\0'; 82 - - sscanf(b, "%[^\t]\t%[^\t]\t%[^\t]", b1, b2, b3); 83 - + sscanf(b, format, b1, b2, b3); 84 - order = strcoll(a1, b1); 85 - if( order == 0 ) 86 - { 87 - @@ -251,7 +253,7 @@ FULL_CHAR *StringQuotedWord(OBJECT x) 88 - *q++ = CH_QUOTE; 89 - for( p = string(x); *p != '\0'; p++ ) 90 - { 91 - - for( r = (FULL_CHAR *) quoted_string[*p]; *r != '\0'; *q++ = *r++ ); 92 - + for( r = (FULL_CHAR *) quoted_string[*p]; *r != '\0' && q < &buff[MAX_BUFF-2]; *q++ = *r++ ); 93 - } 94 - *q++ = CH_QUOTE; 95 - *q++ = '\0';

-43

pkgs/tools/typesetting/lout/builder.sh

··· 1 - # Prepare a makefile specifying the appropriate output directories. 2 - # 3 - # Written by Ludovic Courtès <ludo@gnu.org>. 4 - if [ -e .attrs.sh ]; then source .attrs.sh; fi 5 - 6 - source "$stdenv/setup" || exit 1 7 - 8 - nixMakefile="nix-makefile" 9 - 10 - # Build and install documentation, PS and PDF. 11 - installDoc () 12 - { 13 - echo "building and installing documentation..." 14 - for doc in design expert slides user 15 - do 16 - echo "building \`$doc' document..." 17 - if [ ! -f "doc/$doc/outfile.ps" ] 18 - then 19 - ( PATH="$PWD:$PATH" ; \ 20 - cd "doc/$doc" && lout -r4 -o outfile.ps all ) \ 21 - || return 1 22 - fi 23 - cp "doc/$doc/outfile.ps" "$out/doc/lout/$doc.ps" && \ 24 - ps2pdf -dPDFSETTINGS=/prepress -sPAPERSIZE=a4 \ 25 - "doc/$doc/outfile.ps" "$out/doc/lout/$doc.pdf" 26 - done 27 - 28 - return 0 29 - } 30 - 31 - unpackPhase && \ 32 - cd lout-*.* && \ 33 - cat makefile | \ 34 - sed -e "s|^PREFIX[[:blank:]]*=.*\$|PREFIX = $out|g ; \ 35 - s|^LOUTLIBDIR[[:blank:]]*=.*$|LOUTLIBDIR = \$(PREFIX)/lib/lout|g ; \ 36 - s|^LOUTDOCDIR[[:blank:]]*=.*$|LOUTDOCDIR = \$(PREFIX)/doc/lout|g ; \ 37 - s|^MANDIR[[:blank:]]*=.*$|MANDIR = \$(PREFIX)/man|g" \ 38 - > "$nixMakefile" && \ 39 - mkdir -p "$out/bin" && mkdir -p "$out/lib" \ 40 - mkdir -p "$out/man" && mkdir -p "$out/doc/lout" && \ 41 - make -f "$nixMakefile" CC=cc install installman && \ 42 - installDoc && \ 43 - fixupPhase

+10 -20

pkgs/tools/typesetting/lout/default.nix

··· 1 - {lib, stdenv, fetchurl, ghostscript}: 1 + {lib, stdenv, fetchFromGitHub, ghostscript}: 2 2 3 3 stdenv.mkDerivation rec { 4 4 pname = "lout"; 5 - version = "3.40"; 5 + version = "3.42.2"; 6 6 7 - src = fetchurl { 8 - urls = [ 9 - "ftp://ftp.cs.usyd.edu.au/jeff/lout/${pname}-${version}.tar.gz" 10 - "mirror://savannah/lout/${pname}-${version}.tar.gz" # new! 11 - "mirror://sourceforge/lout/${pname}-${version}.tar.gz" # to be phased out 12 - # XXX: We could add the CTAN mirrors 13 - # (see https://www.ctan.org/tex-archive/support/lout/). 14 - ]; 15 - sha256 = "1gb8vb1wl7ikn269dd1c7ihqhkyrwk19jwx5kd0rdvbk6g7g25ix"; 7 + src = fetchFromGitHub { 8 + owner = "william8000"; 9 + repo = pname; 10 + rev = version; 11 + hash = "sha256-rzCRxmwppBno6o4RM2GjE0pe/5yvyzyo375XdfX04As="; 16 12 }; 17 13 18 - patches = [ 19 - # https://build.opensuse.org/request/show/843612 20 - ./CVE-2019-19917-and-CVE-2019-19918.patch 21 - ]; 14 + buildInputs = [ ghostscript ]; 22 15 23 - buildInputs = [ ghostscript ]; 24 - builder = ./builder.sh; 16 + makeFlags = [ "PREFIX=$(out)/" "CC=${stdenv.cc.targetPrefix}cc" ]; 25 17 26 18 meta = { 27 19 description = "Document layout system similar in style to LaTeX"; ··· 46 38 went back to the beginning. 47 39 ''; 48 40 49 - # Author's page: http://jeffreykingston.id.au/lout/ 50 - # Wiki: https://sourceforge.net/p/lout/wiki/ 51 - homepage = "https://savannah.nongnu.org/projects/lout/"; 41 + homepage = "https://github.com/william8000/lout"; 52 42 53 43 license = lib.licenses.gpl3Plus; 54 44