diff --git a/backports/openscad/0001-fix-CVE-2022-0496.patch b/backports/openscad/0001-fix-CVE-2022-0496.patch deleted file mode 100644 index 8f8a1e8..0000000 --- a/backports/openscad/0001-fix-CVE-2022-0496.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 00a4692989c4e2f191525f73f24ad8727bacdf41 Mon Sep 17 00:00:00 2001 -From: Torsten Paul -Date: Sat, 5 Feb 2022 18:38:31 +0100 -Subject: [PATCH] CVE-2022-0496 Out-of-bounds memory access in DXF loader. - -Public issue: -https://github.com/openscad/openscad/issues/4037 - -Fix in master branch: -https://github.com/openscad/openscad/pull/4090 ---- - src/dxfdata.cc | 27 +++++++++++++++++++++++---- - 1 file changed, 23 insertions(+), 4 deletions(-) - -diff --git a/src/dxfdata.cc b/src/dxfdata.cc -index 2bb7236746..aa6b6f3976 100644 ---- a/src/dxfdata.cc -+++ b/src/dxfdata.cc -@@ -441,6 +441,11 @@ DxfData::DxfData(double fn, double fs, double fa, - auto lv = grid.data(this->points[lines[idx].idx[j]][0], this->points[lines[idx].idx[j]][1]); - for (size_t ki = 0; ki < lv.size(); ++ki) { - int k = lv.at(ki); -+ if (k < 0 || k >= lines.size()) { -+ LOG(message_group::Warning,Location::NONE,"", -+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string())); -+ continue; -+ } - if (k == idx || lines[k].disabled) continue; - goto next_open_path_j; - } -@@ -466,13 +471,20 @@ DxfData::DxfData(double fn, double fs, double fa, - auto lv = grid.data(ref_point[0], ref_point[1]); - for (size_t ki = 0; ki < lv.size(); ++ki) { - int k = lv.at(ki); -+ if (k < 0 || k >= lines.size()) { -+ LOG(message_group::Warning,Location::NONE,"", -+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string())); -+ continue; -+ } - if (lines[k].disabled) continue; -- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) { -+ auto idk0 = lines[k].idx[0]; // make it easier to read and debug -+ auto idk1 = lines[k].idx[1]; -+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) { - current_line = k; - current_point = 0; - goto found_next_line_in_open_path; - } -- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) { -+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) { - current_line = k; - current_point = 1; - goto found_next_line_in_open_path; -@@ -501,13 +513,20 @@ DxfData::DxfData(double fn, double fs, double fa, - auto lv = grid.data(ref_point[0], ref_point[1]); - for (size_t ki = 0; ki < lv.size(); ++ki) { - int k = lv.at(ki); -+ if (k < 0 || k >= lines.size()) { -+ LOG(message_group::Warning,Location::NONE,"", -+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string())); -+ continue; -+ } - if (lines[k].disabled) continue; -- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) { -+ auto idk0 = lines[k].idx[0]; // make it easier to read and debug -+ auto idk1 = lines[k].idx[1]; -+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) { - current_line = k; - current_point = 0; - goto found_next_line_in_closed_path; - } -- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) { -+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) { - current_line = k; - current_point = 1; - goto found_next_line_in_closed_path; diff --git a/backports/openscad/0002-fix-CVE-2022-0497.patch b/backports/openscad/0002-fix-CVE-2022-0497.patch deleted file mode 100644 index fac3024..0000000 --- a/backports/openscad/0002-fix-CVE-2022-0497.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001 -From: Torsten Paul -Date: Sat, 5 Feb 2022 18:45:29 +0100 -Subject: [PATCH] CVE-2022-0497 Out-of-bounds memory access in comment parser. - -Public issue: -https://github.com/openscad/openscad/issues/4043 - -Fix in master branch: -https://github.com/openscad/openscad/pull/4044 ---- - src/comment.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/comment.cpp b/src/comment.cpp -index f02ad2c5f6..1ce3ab547b 100644 ---- a/src/comment.cpp -+++ b/src/comment.cpp -@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line) - } - - int end = start + 1; -- while (fulltext[end] != '\n') end++; -+ while (end < fulltext.size() && fulltext[end] != '\n') end++; - - std::string comment = fulltext.substr(start, end - start); - diff --git a/backports/openscad/0003-fix-build-with-cgal-5.3.patch b/backports/openscad/0003-fix-build-with-cgal-5.3.patch deleted file mode 100644 index dc3c1ca..0000000 --- a/backports/openscad/0003-fix-build-with-cgal-5.3.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 9aa0d7e9f2914fe5f547bdde69202161d1c6064d Mon Sep 17 00:00:00 2001 -From: Jordan Brown -Date: Sun, 18 Jul 2021 21:01:46 -0700 -Subject: [PATCH] Fix build failure with "generic_print_polyhedron" on - CGAL-5.3. - ---- - src/cgalutils-polyhedron.cc | 13 ------------- - src/cgalutils.h | 1 - - 2 files changed, 14 deletions(-) - -diff --git a/src/cgalutils-polyhedron.cc b/src/cgalutils-polyhedron.cc -index 9f4f98f623..41cca4b3f2 100644 ---- a/src/cgalutils-polyhedron.cc -+++ b/src/cgalutils-polyhedron.cc -@@ -337,19 +337,6 @@ namespace CGALUtils { - } - }; - -- template -- std::string printPolyhedron(const Polyhedron &p) { -- std::ostringstream sstream; -- sstream.precision(20); -- -- Polyhedron_writer writer; -- generic_print_polyhedron(sstream, p, writer); -- -- return sstream.str(); -- } -- -- template std::string printPolyhedron(const CGAL_Polyhedron &p); -- - }; // namespace CGALUtils - - #endif /* ENABLE_CGAL */ -diff --git a/src/cgalutils.h b/src/cgalutils.h -index 21a01cdba6..c08a3aa7df 100644 ---- a/src/cgalutils.h -+++ b/src/cgalutils.h -@@ -45,7 +45,6 @@ namespace CGALUtils { - bool is_approximately_convex(const PolySet &ps); - Geometry const* applyMinkowski(const Geometry::Geometries &children); - -- template std::string printPolyhedron(const Polyhedron &p); - template bool createPolySetFromPolyhedron(const Polyhedron &p, PolySet &ps); - template bool createPolyhedronFromPolySet(const PolySet &ps, Polyhedron &p); - template diff --git a/backports/openscad/0004-fix-build-with-cgal-5.4.patch b/backports/openscad/0004-fix-build-with-cgal-5.4.patch deleted file mode 100644 index f1fedc2..0000000 --- a/backports/openscad/0004-fix-build-with-cgal-5.4.patch +++ /dev/null @@ -1,38 +0,0 @@ -From abfebc651343909b534ef337aacc7604c99cf0ea Mon Sep 17 00:00:00 2001 -From: Torsten Paul -Date: Wed, 2 Feb 2022 02:30:59 +0100 -Subject: [PATCH] CGAL build fix, v5.4 renames projection traits header files - and classes. - ---- - src/cgalutils-tess.cc | 9 +++++---- - 1 file changed, 5 insertions(+), 4 deletions(-) - -diff --git a/src/cgalutils-tess.cc b/src/cgalutils-tess.cc -index ec1cc1eeb3..37f8cf08b1 100644 ---- a/src/cgalutils-tess.cc -+++ b/src/cgalutils-tess.cc -@@ -6,10 +6,12 @@ - #pragma push_macro("NDEBUG") - #undef NDEBUG - #include --#if CGAL_VERSION_NR >= CGAL_VERSION_NUMBER(4,11,0) -- #include -+#if CGAL_VERSION_NR < 1050401000 -+#include -+typedef CGAL::Triangulation_2_filtered_projection_traits_3 Projection; - #else -- #include -+#include -+typedef CGAL::Filtered_projection_traits_3 Projection; - #endif - #include - #pragma pop_macro("NDEBUG") -@@ -19,7 +21,6 @@ struct FaceInfo { - bool in_domain() { return nesting_level%2 == 1; } - }; - --typedef CGAL::Triangulation_2_filtered_projection_traits_3 Projection; - typedef CGAL::Triangulation_face_base_with_info_2 Fbb; - typedef CGAL::Triangulation_data_structure_2< - CGAL::Triangulation_vertex_base_2, diff --git a/backports/openscad/0005-fix-boost-join.patch b/backports/openscad/0005-fix-boost-join.patch deleted file mode 100644 index 1347c27..0000000 --- a/backports/openscad/0005-fix-boost-join.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 08bf69b4115c989fc5671254e0d05735d01bcca5 Mon Sep 17 00:00:00 2001 -From: Torsten Paul -Date: Wed, 2 Feb 2022 00:50:43 +0100 -Subject: [PATCH] Fix build issue with overloaded join(). - ---- - src/openscad.cc | 11 +++++------ - 1 file changed, 5 insertions(+), 6 deletions(-) - -diff --git a/src/openscad.cc b/src/openscad.cc -index a6f648d2a2..3c46cda2af 100644 ---- a/src/openscad.cc -+++ b/src/openscad.cc -@@ -65,7 +65,6 @@ - #include - #include - #include --#include - #include - #include - #include -@@ -307,7 +306,7 @@ void set_render_color_scheme(const std::string color_scheme, const bool exit_if_ - } - - if (exit_if_not_found) { -- LOG(message_group::None,Location::NONE,"",(boost::join(ColorMap::inst()->colorSchemeNames(), "\n"))); -+ LOG(message_group::None,Location::NONE,"",(boost::algorithm::join(ColorMap::inst()->colorSchemeNames(), "\n"))); - - exit(1); - } else { -@@ -885,7 +884,7 @@ struct CommaSeparatedVector - }; - - template --std::string join(const Seq &seq, const std::string &sep, const ToString &toString) -+std::string str_join(const Seq &seq, const std::string &sep, const ToString &toString) - { - return boost::algorithm::join(boost::adaptors::transform(seq, toString), sep); - } -@@ -947,7 +946,7 @@ int main(int argc, char **argv) - ("P,P", po::value(), "customizer parameter set") - #ifdef ENABLE_EXPERIMENTAL - ("enable", po::value>(), ("enable experimental features: " + -- join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ", -+ str_join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ", - [](const Feature *feature) { - return feature->get_name(); - }) + -@@ -964,11 +963,11 @@ int main(int argc, char **argv) - ("render", po::value()->implicit_value(""), "for full geometry evaluation when exporting png") - ("preview", po::value()->implicit_value(""), "[=throwntogether] -for ThrownTogether preview png") - ("animate", po::value(), "export N animated frames") -- ("view", po::value(), ("=view options: " + boost::join(viewOptions.names(), " | ")).c_str()) -+ ("view", po::value(), ("=view options: " + boost::algorithm::join(viewOptions.names(), " | ")).c_str()) - ("projection", po::value(), "=(o)rtho or (p)erspective when exporting png") - ("csglimit", po::value(), "=n -stop rendering at n CSG elements when exporting png") - ("colorscheme", po::value(), ("=colorscheme: " + -- join(ColorMap::inst()->colorSchemeNames(), " | ", -+ str_join(ColorMap::inst()->colorSchemeNames(), " | ", - [](const std::string& colorScheme) { - return (colorScheme == ColorMap::inst()->defaultColorSchemeName() ? "*" : "") + colorScheme; - }) + diff --git a/backports/openscad/APKBUILD b/backports/openscad/APKBUILD deleted file mode 100644 index 0e037f1..0000000 --- a/backports/openscad/APKBUILD +++ /dev/null @@ -1,143 +0,0 @@ -# Maintainer: Marian Buschsieweke -pkgname=openscad -pkgver=2021.01 -pkgrel=11 -pkgdesc="The programmers solid 3D CAD modeller" -url="http://openscad.org/" -# Glew and GLES on ARM don't play well with each other -arch="all !armv7 !aarch64 !armhf" -license="GPL-2.0-only" -subpackages="$pkgname-doc" -makedepends=" - bison - boost-dev - cairo-dev - cgal-dev - cmake - double-conversion-dev - eigen-dev - flex - glew-dev - gmp-dev - harfbuzz-dev - libxml2-dev - libzip-dev - libspnav-dev - mpfr-dev - opencsg-dev - qscintilla-dev - qt5-qtbase-dev - qt5-qtmultimedia-dev - " -checkdepends=" - imagemagick - mesa - mesa-dri-gallium - python3 - xvfb-run - " -source=" - https://files.openscad.org/openscad-$pkgver.src.tar.gz - - 0001-fix-CVE-2022-0496.patch - 0002-fix-CVE-2022-0497.patch - 0003-fix-build-with-cgal-5.3.patch - 0004-fix-build-with-cgal-5.4.patch - 0005-fix-boost-join.patch - " - -# Handle tests failing only on some arch's, or building against libs only -# provided by some arch's. -case "$CARCH" in - x86_64) - makedepends="$makedepends lib3mf-dev" - export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp" - ;; - x86) - makedepends="$makedepends lib3mf-dev" - export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp" - _arch_failing_tests=" - 3mfpngtest_cube10 - " - ;; - s390x) - _arch_failing_tests=" - 3mfpngtest_cube10 - cgalbinstlcgalpngtest_bad-stl-pcbvicebar - cgalbinstlcgalpngtest_bad-stl-tardis - cgalbinstlcgalpngtest_fn_bug - cgalbinstlcgalpngtest_issue1225 - cgalpngtest_import_3mf-tests - csgpngtest_import_3mf-tests - opencsgtest_import_3mf-tests - throwntogethertest_import_3mf-tests - " - ;; - *) - # lib3mf is not available on all other archs - _arch_failing_tests=" - 3mfpngtest_cube10 - cgalpngtest_import_3mf-tests - csgpngtest_import_3mf-tests - opencsgtest_import_3mf-tests - throwntogethertest_import_3mf-tests - " - ;; -esac - -# secfixes: -# 2021.01-r2: -# - CVE-2022-0496 -# - CVE-2022-0497 - -build() { - qmake-qt5 PREFIX="/usr" - make -} - -check() { - cd tests - # collect failing tests in a way that creates friendly git diffs - local failing_tests - failing_tests=" - 3mfexport_3mf-export - astdumptest_allexpressions - cgalbinstlcgalpngtest_polyhedron-nonplanar-tests - cgalpngtest_nef3_broken - cgalpngtest_polyhedron-nonplanar-tests - cgalstlcgalpngtest_polyhedron-nonplanar-tests - csgpngtest_nef3_broken - csgpngtest_polyhedron-nonplanar-tests - echotest_allexpressions - echotest_function-literal-.* - lazyunion-.* - monotonepngtest_polyhedron-nonplanar-tests - opencsgtest_nef3_broken - pdfexporttest_centered - pdfexporttest_simple-pdf - throwntogethertest_nef3_broken - $_arch_failing_tests - " - - # trim whitespace before and after list and separate expressions by | (regex or) - failing_tests="$(echo "$failing_tests" | tr -d '\n' | sed -e 's/^\s*//' -e 's/\s*$//' -e 's/\s\+/|/g')" - - cmake \ - -DEXPERIMENTAL=OFF \ - . - make - xvfb-run ctest -E "$failing_tests" -} - -package() { - make INSTALL_ROOT="$pkgdir" install -} - -sha512sums=" -8deaa26bf4c295c12da38f323d2b2e6f827851337f5bc1cc9c79afc083c9f913c19a263086e6e853bf2c8434c1ccc705ea22ddb02dc99d39bb1e5e03fc58d128 openscad-2021.01.src.tar.gz -369353f13bb6d2bf123af1e25b5f264cd757efa5d0cd8c226a3803a41a0fdb74aff7411ddf91cb394f9cd295e10e05159487fb6e9c2d661280bf060e391bc3da 0001-fix-CVE-2022-0496.patch -708a491c5a6166bdf92419bce68dbcb4eccbb97ce1880c5a3c919a90ae5af19aa9092e46b81fe8705e8470189d43c4ecad19dece9f1e405681a186c0bd8f5ca4 0002-fix-CVE-2022-0497.patch -090b8a8e53cc7560695d4065db891a3602923d893d752e3d007a42f2cd32c5f6f444d735d716658fb6f3d979e8cf2489cbff3a58a9070621ab5448a6dbf3372b 0003-fix-build-with-cgal-5.3.patch -7d3067bcadf5a56b3b21b80f36e8d1fd99047029b86db6803b71760d47a8b199d3485c6486767707273aa57f9a83aaafcb763fe7a1ee295b01a776f7e5db038f 0004-fix-build-with-cgal-5.4.patch -f0538eb98543a2a15534794f91c35f10d21fe04a8696639a4f08cd98daf63e6efc855b102f41ecb05a1e1bffeecc7c445fcfad7c3a90f32ec28c5a1646863466 0005-fix-boost-join.patch -"