[gentoo-commits] repo/gentoo:master commit in: sci-mathematics/spin/, sci-mathematics/spin/files/

["Marek Szuba" <marecki@gentoo.org>]

commit:     69c2ae786d9151a8358198a73a8bcd0583ac9a1f
Author:     Marek Szuba <marecki <AT> gentoo <DOT> org>
AuthorDate: Sun Jan 16 08:56:16 2022 +0000
Commit:     Marek Szuba <marecki <AT> gentoo <DOT> org>
CommitDate: Sun Jan 16 08:57:12 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=69c2ae78

sci-mathematics/spin: backport upstream fix for CVE-2021-46168

Closes: https://bugs.gentoo.org/831220
Signed-off-by: Marek Szuba <marecki <AT> gentoo.org>

 .../spin/files/spin-6.5.2-nesting_limit.patch      | 55 ++++++++++++++++++++++
 .../{spin-6.5.2.ebuild => spin-6.5.2-r1.ebuild}    |  3 +-
 2 files changed, 57 insertions(+), 1 deletion(-)

diff --git a/sci-mathematics/spin/files/spin-6.5.2-nesting_limit.patch b/sci-mathematics/spin/files/spin-6.5.2-nesting_limit.patch
new file mode 100644
index 000000000000..c73152e8485c
--- /dev/null
+++ b/sci-mathematics/spin/files/spin-6.5.2-nesting_limit.patch
@@ -0,0 +1,55 @@
+Backported upstream changes to address CVE-2021-46168.
+
+From 62cf91c944ea457c218528e9021443a0cbe05758 Mon Sep 17 00:00:00 2001
+From: nimble-code <gerard.holzmann@gmail.com>
+Date: Sun, 2 Jan 2022 11:26:40 -0800
+Subject: [PATCH] fix
+
+--- a/sched.c
++++ b/sched.c
+@@ -18,7 +18,7 @@ extern int	lineno, nr_errs, dumptab, xspin, jumpsteps, columns;
+ extern int	u_sync, Elcnt, interactive, TstOnly, cutoff;
+ extern short	has_enabled, has_priority, has_code, replay;
+ extern int	limited_vis, product, nclaims, old_priority_rules;
+-extern int	old_scope_rules, scope_seq[128], scope_level, has_stdin;
++extern int	old_scope_rules, scope_seq[256], scope_level, has_stdin;
+ 
+ extern int	pc_highest(Lextok *n);
+ extern void	putpostlude(void);
+--- a/spinlex.c
++++ b/spinlex.c
+@@ -51,7 +51,7 @@ extern int	implied_semis, ltl_mode, in_seq, par_cnt;
+ 
+ short	has_stack = 0;
+ int	lineno  = 1;
+-int	scope_seq[128], scope_level = 0;
++int	scope_seq[256], scope_level = 0;
+ char	CurScope[MAXSCOPESZ];
+ char	yytext[2048];
+ FILE	*yyin, *yyout;
+From 9ecb1af6d174532f3a77acae3a1d424fe7345a3e Mon Sep 17 00:00:00 2001
+From: nimble-code <gerard.holzmann@gmail.com>
+Date: Sat, 15 Jan 2022 10:39:38 -0800
+Subject: [PATCH] nesting limit
+
+--- a/spinlex.c
++++ b/spinlex.c
+@@ -1704,8 +1704,16 @@ lex(void)
+ 	case '|': c = follow('|', OR, '|'); break;
+ 	case ';': c = SEMI; break;
+ 	case '.': c = follow('.', DOTDOT, '.'); break;
+-	case '{': scope_seq[scope_level++]++; set_cur_scope(); break;
+-	case '}': scope_level--; set_cur_scope(); break;
++	case '{':
++		assert(scope_level < sizeof(scope_seq)-1);
++		scope_seq[scope_level++]++;
++		set_cur_scope();
++		break;
++	case '}':
++		assert(scope_level > 0);
++		scope_level--;
++		set_cur_scope();
++		break;
+ 	default : break;
+ 	}
+ 	ValToken(0, c)

diff --git a/sci-mathematics/spin/spin-6.5.2.ebuild b/sci-mathematics/spin/spin-6.5.2-r1.ebuild
similarity index 92%
rename from sci-mathematics/spin/spin-6.5.2.ebuild
rename to sci-mathematics/spin/spin-6.5.2-r1.ebuild
index 5e4110e9abeb..0e1f17681a7c 100644
--- a/sci-mathematics/spin/spin-6.5.2.ebuild
+++ b/sci-mathematics/spin/spin-6.5.2-r1.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
 EAPI=8
@@ -27,6 +27,7 @@ BDEPEND="virtual/yacc"
 
 PATCHES=(
 	"${FILESDIR}"/${PN}-6.5.2-makefile.patch
+	"${FILESDIR}"/${PN}-6.5.2-nesting_limit.patch
 )
 
 S="${WORKDIR}"/${MY_P}/Src