forge/ayaports
1
0
Fork 0
Code Issues 44 Pull requests 15 Projects Releases Packages Wiki Activity Actions

backports/openscad: drop for in community

Browse source
This commit is contained in:
Antoine Martin 2024-04-14 18:19:09 -04:00
parent 715c1f545a
commit 21d4c1908e
6 changed files with 0 additions and 393 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

76
backports/openscad/0001-fix-CVE-2022-0496.patch
View file

@ -1,76 +0,0 @@
From 00a4692989c4e2f191525f73f24ad8727bacdf41 Mon Sep 17 00:00:00 2001
From: Torsten Paul <Torsten.Paul@gmx.de>
Date: Sat, 5 Feb 2022 18:38:31 +0100
Subject: [PATCH] CVE-2022-0496 Out-of-bounds memory access in DXF loader.
Public issue:
https://github.com/openscad/openscad/issues/4037
Fix in master branch:
https://github.com/openscad/openscad/pull/4090
---
src/dxfdata.cc | 27 +++++++++++++++++++++++----
1 file changed, 23 insertions(+), 4 deletions(-)
diff --git a/src/dxfdata.cc b/src/dxfdata.cc
index 2bb7236746..aa6b6f3976 100644
--- a/src/dxfdata.cc
+++ b/src/dxfdata.cc
@@ -441,6 +441,11 @@ DxfData::DxfData(double fn, double fs, double fa,
auto lv = grid.data(this->points[lines[idx].idx[j]][0], this->points[lines[idx].idx[j]][1]);
for (size_t ki = 0; ki < lv.size(); ++ki) {
int k = lv.at(ki);
+ if (k < 0 || k >= lines.size()) {
+ LOG(message_group::Warning,Location::NONE,"",
+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
+ continue;
+ }
if (k == idx || lines[k].disabled) continue;
goto next_open_path_j;
}
@@ -466,13 +471,20 @@ DxfData::DxfData(double fn, double fs, double fa,
auto lv = grid.data(ref_point[0], ref_point[1]);
for (size_t ki = 0; ki < lv.size(); ++ki) {
int k = lv.at(ki);
+ if (k < 0 || k >= lines.size()) {
+ LOG(message_group::Warning,Location::NONE,"",
+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
+ continue;
+ }
if (lines[k].disabled) continue;
- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) {
+ auto idk0 = lines[k].idx[0]; // make it easier to read and debug
+ auto idk1 = lines[k].idx[1];
+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) {
current_line = k;
current_point = 0;
goto found_next_line_in_open_path;
}
- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) {
+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) {
current_line = k;
current_point = 1;
goto found_next_line_in_open_path;
@@ -501,13 +513,20 @@ DxfData::DxfData(double fn, double fs, double fa,
auto lv = grid.data(ref_point[0], ref_point[1]);
for (size_t ki = 0; ki < lv.size(); ++ki) {
int k = lv.at(ki);
+ if (k < 0 || k >= lines.size()) {
+ LOG(message_group::Warning,Location::NONE,"",
+ "Bad DXF line index in %1$s.",QuotedString(boostfs_uncomplete(filename, fs::current_path()).generic_string()));
+ continue;
+ }
if (lines[k].disabled) continue;
- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[0]][0], this->points[lines[k].idx[0]][1])) {
+ auto idk0 = lines[k].idx[0]; // make it easier to read and debug
+ auto idk1 = lines[k].idx[1];
+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk0][0], this->points[idk0][1])) {
current_line = k;
current_point = 0;
goto found_next_line_in_closed_path;
}
- if (grid.eq(ref_point[0], ref_point[1], this->points[lines[k].idx[1]][0], this->points[lines[k].idx[1]][1])) {
+ if (grid.eq(ref_point[0], ref_point[1], this->points[idk1][0], this->points[idk1][1])) {
current_line = k;
current_point = 1;
goto found_next_line_in_closed_path;

27
backports/openscad/0002-fix-CVE-2022-0497.patch
View file

@ -1,27 +0,0 @@
From 84addf3c1efbd51d8ff424b7da276400bbfa1a4b Mon Sep 17 00:00:00 2001
From: Torsten Paul <Torsten.Paul@gmx.de>
Date: Sat, 5 Feb 2022 18:45:29 +0100
Subject: [PATCH] CVE-2022-0497 Out-of-bounds memory access in comment parser.
Public issue:
https://github.com/openscad/openscad/issues/4043
Fix in master branch:
https://github.com/openscad/openscad/pull/4044
---
src/comment.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/comment.cpp b/src/comment.cpp
index f02ad2c5f6..1ce3ab547b 100644
--- a/src/comment.cpp
+++ b/src/comment.cpp
@@ -92,7 +92,7 @@ static std::string getComment(const std::string &fulltext, int line)
}
int end = start + 1;
- while (fulltext[end] != '\n') end++;
+ while (end < fulltext.size() && fulltext[end] != '\n') end++;
std::string comment = fulltext.substr(start, end - start);

47
backports/openscad/0003-fix-build-with-cgal-5.3.patch
View file

@ -1,47 +0,0 @@
From 9aa0d7e9f2914fe5f547bdde69202161d1c6064d Mon Sep 17 00:00:00 2001
From: Jordan Brown <github@jordan.maileater.net>
Date: Sun, 18 Jul 2021 21:01:46 -0700
Subject: [PATCH] Fix build failure with "generic_print_polyhedron" on
CGAL-5.3.
---
src/cgalutils-polyhedron.cc | 13 -------------
src/cgalutils.h | 1 -
2 files changed, 14 deletions(-)
diff --git a/src/cgalutils-polyhedron.cc b/src/cgalutils-polyhedron.cc
index 9f4f98f623..41cca4b3f2 100644
--- a/src/cgalutils-polyhedron.cc
+++ b/src/cgalutils-polyhedron.cc
@@ -337,19 +337,6 @@ namespace CGALUtils {
}
};
- template <typename Polyhedron>
- std::string printPolyhedron(const Polyhedron &p) {
- std::ostringstream sstream;
- sstream.precision(20);
-
- Polyhedron_writer writer;
- generic_print_polyhedron(sstream, p, writer);
-
- return sstream.str();
- }
-
- template std::string printPolyhedron(const CGAL_Polyhedron &p);
-
}; // namespace CGALUtils
#endif /* ENABLE_CGAL */
diff --git a/src/cgalutils.h b/src/cgalutils.h
index 21a01cdba6..c08a3aa7df 100644
--- a/src/cgalutils.h
+++ b/src/cgalutils.h
@@ -45,7 +45,6 @@ namespace CGALUtils {
bool is_approximately_convex(const PolySet &ps);
Geometry const* applyMinkowski(const Geometry::Geometries &children);
- template <typename Polyhedron> std::string printPolyhedron(const Polyhedron &p);
template <typename Polyhedron> bool createPolySetFromPolyhedron(const Polyhedron &p, PolySet &ps);
template <typename Polyhedron> bool createPolyhedronFromPolySet(const PolySet &ps, Polyhedron &p);
template <class Polyhedron_A, class Polyhedron_B>

38
backports/openscad/0004-fix-build-with-cgal-5.4.patch
View file

@ -1,38 +0,0 @@
From abfebc651343909b534ef337aacc7604c99cf0ea Mon Sep 17 00:00:00 2001
From: Torsten Paul <Torsten.Paul@gmx.de>
Date: Wed, 2 Feb 2022 02:30:59 +0100
Subject: [PATCH] CGAL build fix, v5.4 renames projection traits header files
and classes.
---
src/cgalutils-tess.cc | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/cgalutils-tess.cc b/src/cgalutils-tess.cc
index ec1cc1eeb3..37f8cf08b1 100644
--- a/src/cgalutils-tess.cc
+++ b/src/cgalutils-tess.cc
@@ -6,10 +6,12 @@
#pragma push_macro("NDEBUG")
#undef NDEBUG
#include <CGAL/Constrained_Delaunay_triangulation_2.h>
-#if CGAL_VERSION_NR >= CGAL_VERSION_NUMBER(4,11,0)
- #include <CGAL/Triangulation_2_projection_traits_3.h>
+#if CGAL_VERSION_NR < 1050401000
+#include <CGAL/Triangulation_2_projection_traits_3.h>
+typedef CGAL::Triangulation_2_filtered_projection_traits_3<K> Projection;
#else
- #include <CGAL/Triangulation_2_filtered_projection_traits_3.h>
+#include <CGAL/Projection_traits_3.h>
+typedef CGAL::Filtered_projection_traits_3<K> Projection;
#endif
#include <CGAL/Triangulation_face_base_with_info_2.h>
#pragma pop_macro("NDEBUG")
@@ -19,7 +21,6 @@ struct FaceInfo {
bool in_domain() { return nesting_level%2 == 1; }
};
-typedef CGAL::Triangulation_2_filtered_projection_traits_3<K> Projection;
typedef CGAL::Triangulation_face_base_with_info_2<FaceInfo, K> Fbb;
typedef CGAL::Triangulation_data_structure_2<
CGAL::Triangulation_vertex_base_2<Projection>,

62
backports/openscad/0005-fix-boost-join.patch
View file

@ -1,62 +0,0 @@
From 08bf69b4115c989fc5671254e0d05735d01bcca5 Mon Sep 17 00:00:00 2001
From: Torsten Paul <Torsten.Paul@gmx.de>
Date: Wed, 2 Feb 2022 00:50:43 +0100
Subject: [PATCH] Fix build issue with overloaded join().
---
src/openscad.cc | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/src/openscad.cc b/src/openscad.cc
index a6f648d2a2..3c46cda2af 100644
--- a/src/openscad.cc
+++ b/src/openscad.cc
@@ -65,7 +65,6 @@
#include <chrono>
#include <boost/algorithm/string.hpp>
#include <boost/algorithm/string/split.hpp>
-#include <boost/algorithm/string/join.hpp>
#include <boost/range/adaptor/transformed.hpp>
#include <boost/program_options.hpp>
#include <boost/filesystem.hpp>
@@ -307,7 +306,7 @@ void set_render_color_scheme(const std::string color_scheme, const bool exit_if_
}
if (exit_if_not_found) {
- LOG(message_group::None,Location::NONE,"",(boost::join(ColorMap::inst()->colorSchemeNames(), "\n")));
+ LOG(message_group::None,Location::NONE,"",(boost::algorithm::join(ColorMap::inst()->colorSchemeNames(), "\n")));
exit(1);
} else {
@@ -885,7 +884,7 @@ struct CommaSeparatedVector
};
template <class Seq, typename ToString>
-std::string join(const Seq &seq, const std::string &sep, const ToString &toString)
+std::string str_join(const Seq &seq, const std::string &sep, const ToString &toString)
{
return boost::algorithm::join(boost::adaptors::transform(seq, toString), sep);
}
@@ -947,7 +946,7 @@ int main(int argc, char **argv)
("P,P", po::value<string>(), "customizer parameter set")
#ifdef ENABLE_EXPERIMENTAL
("enable", po::value<vector<string>>(), ("enable experimental features: " +
- join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ",
+ str_join(boost::make_iterator_range(Feature::begin(), Feature::end()), " | ",
[](const Feature *feature) {
return feature->get_name();
}) +
@@ -964,11 +963,11 @@ int main(int argc, char **argv)
("render", po::value<string>()->implicit_value(""), "for full geometry evaluation when exporting png")
("preview", po::value<string>()->implicit_value(""), "[=throwntogether] -for ThrownTogether preview png")
("animate", po::value<unsigned>(), "export N animated frames")
- ("view", po::value<CommaSeparatedVector>(), ("=view options: " + boost::join(viewOptions.names(), " | ")).c_str())
+ ("view", po::value<CommaSeparatedVector>(), ("=view options: " + boost::algorithm::join(viewOptions.names(), " | ")).c_str())
("projection", po::value<string>(), "=(o)rtho or (p)erspective when exporting png")
("csglimit", po::value<unsigned int>(), "=n -stop rendering at n CSG elements when exporting png")
("colorscheme", po::value<string>(), ("=colorscheme: " +
- join(ColorMap::inst()->colorSchemeNames(), " | ",
+ str_join(ColorMap::inst()->colorSchemeNames(), " | ",
[](const std::string& colorScheme) {
return (colorScheme == ColorMap::inst()->defaultColorSchemeName() ? "*" : "") + colorScheme;
}) +

143
backports/openscad/APKBUILD
View file

@ -1,143 +0,0 @@
# Maintainer: Marian Buschsieweke <marian.buschsieweke@ovgu.de>
pkgname=openscad
pkgver=2021.01
pkgrel=11
pkgdesc="The programmers solid 3D CAD modeller"
url="http://openscad.org/"
# Glew and GLES on ARM don't play well with each other
arch="all !armv7 !aarch64 !armhf"
license="GPL-2.0-only"
subpackages="$pkgname-doc"
makedepends="
bison
boost-dev
cairo-dev
cgal-dev
cmake
double-conversion-dev
eigen-dev
flex
glew-dev
gmp-dev
harfbuzz-dev
libxml2-dev
libzip-dev
libspnav-dev
mpfr-dev
opencsg-dev
qscintilla-dev
qt5-qtbase-dev
qt5-qtmultimedia-dev
"
checkdepends="
imagemagick
mesa
mesa-dri-gallium
python3
xvfb-run
"
source="
https://files.openscad.org/openscad-$pkgver.src.tar.gz
0001-fix-CVE-2022-0496.patch
0002-fix-CVE-2022-0497.patch
0003-fix-build-with-cgal-5.3.patch
0004-fix-build-with-cgal-5.4.patch
0005-fix-boost-join.patch
"
# Handle tests failing only on some arch's, or building against libs only
# provided by some arch's.
case "$CARCH" in
x86_64)
makedepends="$makedepends lib3mf-dev"
export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp"
;;
x86)
makedepends="$makedepends lib3mf-dev"
export LIB3MF_INCLUDEPATH="/usr/include/lib3mf/Bindings/Cpp"
_arch_failing_tests="
3mfpngtest_cube10
"
;;
s390x)
_arch_failing_tests="
3mfpngtest_cube10
cgalbinstlcgalpngtest_bad-stl-pcbvicebar
cgalbinstlcgalpngtest_bad-stl-tardis
cgalbinstlcgalpngtest_fn_bug
cgalbinstlcgalpngtest_issue1225
cgalpngtest_import_3mf-tests
csgpngtest_import_3mf-tests
opencsgtest_import_3mf-tests
throwntogethertest_import_3mf-tests
"
;;
*)
# lib3mf is not available on all other archs
_arch_failing_tests="
3mfpngtest_cube10
cgalpngtest_import_3mf-tests
csgpngtest_import_3mf-tests
opencsgtest_import_3mf-tests
throwntogethertest_import_3mf-tests
"
;;
esac
# secfixes:
# 2021.01-r2:
# - CVE-2022-0496
# - CVE-2022-0497
build() {
qmake-qt5 PREFIX="/usr"
make
}
check() {
cd tests
# collect failing tests in a way that creates friendly git diffs
local failing_tests
failing_tests="
3mfexport_3mf-export
astdumptest_allexpressions
cgalbinstlcgalpngtest_polyhedron-nonplanar-tests
cgalpngtest_nef3_broken
cgalpngtest_polyhedron-nonplanar-tests
cgalstlcgalpngtest_polyhedron-nonplanar-tests
csgpngtest_nef3_broken
csgpngtest_polyhedron-nonplanar-tests
echotest_allexpressions
echotest_function-literal-.*
lazyunion-.*
monotonepngtest_polyhedron-nonplanar-tests
opencsgtest_nef3_broken
pdfexporttest_centered
pdfexporttest_simple-pdf
throwntogethertest_nef3_broken
$_arch_failing_tests
"
# trim whitespace before and after list and separate expressions by | (regex or)
failing_tests="$(echo "$failing_tests" | tr -d '\n' | sed -e 's/^\s*//' -e 's/\s*$//' -e 's/\s\+/|/g')"
cmake \
-DEXPERIMENTAL=OFF \
.
make
xvfb-run ctest -E "$failing_tests"
}
package() {
make INSTALL_ROOT="$pkgdir" install
}
sha512sums="
8deaa26bf4c295c12da38f323d2b2e6f827851337f5bc1cc9c79afc083c9f913c19a263086e6e853bf2c8434c1ccc705ea22ddb02dc99d39bb1e5e03fc58d128 openscad-2021.01.src.tar.gz
369353f13bb6d2bf123af1e25b5f264cd757efa5d0cd8c226a3803a41a0fdb74aff7411ddf91cb394f9cd295e10e05159487fb6e9c2d661280bf060e391bc3da 0001-fix-CVE-2022-0496.patch
708a491c5a6166bdf92419bce68dbcb4eccbb97ce1880c5a3c919a90ae5af19aa9092e46b81fe8705e8470189d43c4ecad19dece9f1e405681a186c0bd8f5ca4 0002-fix-CVE-2022-0497.patch
090b8a8e53cc7560695d4065db891a3602923d893d752e3d007a42f2cd32c5f6f444d735d716658fb6f3d979e8cf2489cbff3a58a9070621ab5448a6dbf3372b 0003-fix-build-with-cgal-5.3.patch
7d3067bcadf5a56b3b21b80f36e8d1fd99047029b86db6803b71760d47a8b199d3485c6486767707273aa57f9a83aaafcb763fe7a1ee295b01a776f7e5db038f 0004-fix-build-with-cgal-5.4.patch
f0538eb98543a2a15534794f91c35f10d21fe04a8696639a4f08cd98daf63e6efc855b102f41ecb05a1e1bffeecc7c445fcfad7c3a90f32ec28c5a1646863466 0005-fix-boost-join.patch
"