math/readstat: Update to 1.1.9

MFH: 2024Q1 Security: 388eefc0-c93f-11ee-92ce-4ccc6adda413
freebsd · Feb 12, 2024 · 013b958 · 013b958
1 parent 221e9b7
commit 013b958
Show file tree

Hide file tree

Showing 7 changed files with 35 additions and 46 deletions.
diff --git a/math/readstat/Makefile b/math/readstat/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	readstat
-DISTVERSION=	1.1.8
-PORTREVISION=	4
+DISTVERSION=	1.1.9
 CATEGORIES=	math kde
 MASTER_SITES=	https://github.com/WizardMac/ReadStat/releases/download/v${DISTVERSION}/
 
@@ -10,9 +9,10 @@ WWW=		https://github.com/WizardMac/ReadStat
 
 LICENSE=	MIT
 
-USES=		libtool
-HAS_CONFIGURE=	yes
+USES=		cpe libtool
+CPE_VENDOR=	wizardmac
 
+HAS_CONFIGURE=	yes
 CFLAGS+=	-Werror -Wstrict-prototypes
 
 .include <bsd.port.mk>
diff --git a/math/readstat/distinfo b/math/readstat/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1661500384
-SHA256 (readstat-1.1.8.tar.gz) = b18a0d68059d9665491e53838b3ca89b06c3bdaa3b0a11d4ba87d830b743e178
-SIZE (readstat-1.1.8.tar.gz) = 615498
+TIMESTAMP = 1707695225
+SHA256 (readstat-1.1.9.tar.gz) = 3a232b9e852d10173e2f25da9155afe2e129a30d1fc6c9aac142cdc5cbfe527e
+SIZE (readstat-1.1.9.tar.gz) = 617234
diff --git a/math/readstat/files/patch-src_readstat__bits.h b/math/readstat/files/patch-src_readstat__bits.h
diff --git a/math/readstat/files/patch-src_readstat__variable.c b/math/readstat/files/patch-src_readstat__variable.c
@@ -1,11 +1,7 @@
---- src/readstat_variable.c.orig	2020-08-25 16:29:50 UTC
+--- src/readstat_variable.c.orig	2023-02-20 19:09:20 UTC
 +++ src/readstat_variable.c
-@@ -2,10 +2,10 @@
- #include <stdlib.h>
- #include "readstat.h"
-
--static readstat_value_t make_blank_value();
-+static readstat_value_t make_blank_value(void);
+@@ -5,7 +5,7 @@ static readstat_value_t make_double_value(double dval)
+ static readstat_value_t make_blank_value(void);
  static readstat_value_t make_double_value(double dval);
 
 -static readstat_value_t make_blank_value() {

diff --git a/math/readstat/files/patch-src_sas_ieee.c b/math/readstat/files/patch-src_sas_ieee.c
@@ -1,14 +1,5 @@
---- src/sas/ieee.c.orig	2018-12-15 15:27:55 UTC
+--- src/sas/ieee.c.orig	2023-02-20 19:09:20 UTC
 +++ src/sas/ieee.c
-@@ -16,7 +16,7 @@ static void ieee2xpt(unsigned char *ieee, unsigned cha
-
- #ifndef FLOATREP
- #define FLOATREP get_native()
--int get_native();
-+int get_native(void);
- #endif
-
- void memreverse(void *intp_void, int l) {
 @@ -96,7 +96,7 @@ int cnxptiee(const void *from_bytes, int fromtype, voi
      return(0);
  }

diff --git a/math/readstat/files/patch-src_spss_readstat__por.h b/math/readstat/files/patch-src_spss_readstat__por.h
diff --git a/math/readstat/files/patch-src_spss_readstat__sav__read.c b/math/readstat/files/patch-src_spss_readstat__sav__read.c
@@ -0,0 +1,24 @@
+From d9b3c922d664d03100b9f37da129b382054ea3b2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?G=C3=A1bor=20Cs=C3=A1rdi?= <csardi.gabor@gmail.com>
+Date: Fri, 9 Feb 2024 18:31:01 -0500
+Subject: [PATCH] Fix a buffer overflow
+
+It happens if raw_str_used underflows and ends up a very large number,
+which is then used as the size of a string.
+
+Closes #285.
+
+https://github.com/WizardMac/ReadStat/issues/285
+https://github.com/WizardMac/ReadStat/pull/311
+
+--- src/spss/readstat_sav_read.c.orig	2023-01-15 21:33:14 UTC
++++ src/spss/readstat_sav_read.c
+@@ -717,7 +717,7 @@ static readstat_error_t sav_process_row(unsigned char 
+             }
+             if (++offset == col_info->width) {
+                 if (++segment_offset < var_info->n_segments) {
+-                    raw_str_used--;
++                    if (raw_str_used > 0) raw_str_used--;
+                 }
+                 offset = 0;
+                 col++;