main/cvechecker: fix build with gcc 14 / binutils 2.43

2024-09-20 11:23:16 +00:00 · 2024-08-08 13:27:16 +02:00 · 2024-08-08 13:27:16 +02:00 · 1fd16605c2
commit 1fd16605c2
parent bae4206891
3 changed files with 242 additions and 4 deletions
--- a/main/cvechecker/APKBUILD
+++ b/main/cvechecker/APKBUILD
@ -3,7 +3,7 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=cvechecker
 pkgver=4.0
-pkgrel=4
+pkgrel=5
 pkgdesc="A local CVE checker tool"
 url="https://github.com/sjvermeu/cvechecker/wiki"
 arch="all"
@ -14,7 +14,10 @@ makedepends="libconfig-dev sqlite-dev mariadb-connector-c-dev
 install="$pkgname.pre-install $pkgname.post-install"
 subpackages="$pkgname-doc"
 pkggroups="$pkgname"
-source="$pkgname-$pkgver.zip::https://github.com/sjvermeu/cvechecker/archive/cvechecker-$pkgver.zip"
+source="$pkgname-$pkgver.zip::https://github.com/sjvermeu/cvechecker/archive/cvechecker-$pkgver.zip
+	port-to-OpenBSD-and-Alpine-Linux.patch
+	gcc14.patch
+	"
 builddir="$srcdir"/$pkgname-$pkgname-$pkgver

 prepare() {
@ -26,7 +29,6 @@ prepare() {
 }

 build() {
-	export LIBS="-largp"
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@ -49,4 +51,8 @@ package() {
 	chmod -R g+w "$pkgdir"/var/cvechecker &>/dev/null
 }

-sha512sums="f2c4e8ca5cbeed00b543b64e9173c64bd7d423e4cdda0731e7e79a85b81468f066bbd9903c630b58342c24e19c11b8a6b9f4c7fafe109c129d6b0baadb65aeb2  cvechecker-4.0.zip"
+sha512sums="
+f2c4e8ca5cbeed00b543b64e9173c64bd7d423e4cdda0731e7e79a85b81468f066bbd9903c630b58342c24e19c11b8a6b9f4c7fafe109c129d6b0baadb65aeb2  cvechecker-4.0.zip
+3efd22a874d3bb968de959c20c48b47e8e055b05454975d850428d9a318261545b0e97253980196d1fd10d2089eae32acbf93f19f0848a19b67db0a76ad8b8a6  port-to-OpenBSD-and-Alpine-Linux.patch
+c9ef65d7774679117bd4ca47b4f426d9765af717eabb6aab5887405baf762a420d8b42252e84f81a5111b6163bbe472344ad8fd73a344207270a7902cd4c36ac  gcc14.patch
+"
--- a/main/cvechecker/gcc14.patch
+++ b/main/cvechecker/gcc14.patch
@ -0,0 +1,92 @@
+diff --git a/src/cvecheck.h b/src/cvecheck.h
+index affedb1..6cb20e1 100644
+--- a/src/cvecheck.h
+++ b/src/cvecheck.h
+@@ -104,3 +104,5 @@ void initialize_arguments(struct arguments * arg);
+ 
+ // initialize_workstate - Initialize the workstate variable OKOK
+ int initialize_workstate(struct workstate * ws, struct arguments * arg);
+
+int copy_cpe_bare(struct cpe_data * target, struct cpe_data * source);
+diff --git a/src/mysql/mysql_impl.c b/src/mysql/mysql_impl.c
+index 479f121..4566eb3 100644
+--- a/src/mysql/mysql_impl.c
+++ b/src/mysql/mysql_impl.c
+@@ -1,5 +1,5 @@
+ #include "mysql_impl.h"
+-
+#include "cvecheck.h"
+ /*
+  * Copyright 2011-2020 Sven Vermeulen.
+  * Subject to the GNU Public License, version 3.
+@@ -104,21 +104,6 @@ int mysql_dbimpl_load_databases(struct workstate * ws) {
+   };
+ };
+ 
+-/**
+- * Add the selected CPE to the database
+- */
+-int mysql_dbimpl_add_cpe_to_database(struct workstate * ws, struct cpe_data cpe) {
+-  char buffer[BUFFERSIZE];
+-  int rc;
+-
+-  rc = add_to_mysql_database(ws, cpe);
+-  update_binmatch_files(ws, rc);
+-  cpe_to_string(buffer, BUFFERSIZE, cpe);
+-  fprintf(stdout, " - Added watch for %s\n", buffer);
+-
+-  return 0;
+-};
+-
+ /**
+  * Delete the binary
+  *
+@@ -262,6 +247,21 @@ int update_binmatch_files(struct workstate * ws, int cpeid) {
+   MYSQL_QUERY(ws->conn, stmt)
+ };
+ 
+/**
+ * Add the selected CPE to the database
+ */
+int mysql_dbimpl_add_cpe_to_database(struct workstate * ws, struct cpe_data cpe) {
+  char buffer[BUFFERSIZE];
+  int rc;
+
+  rc = add_to_mysql_database(ws, cpe);
+  update_binmatch_files(ws, rc);
+  cpe_to_string(buffer, BUFFERSIZE, cpe);
+  fprintf(stdout, " - Added watch for %s\n", buffer);
+
+  return 0;
+};
+
+ 
+ /**
+  * Process the binary
+diff --git a/src/cvecheck.c b/src/cvecheck.c
+index 58aedb9..36b280e 100644
+--- a/src/cvecheck.c
+++ b/src/cvecheck.c
+@@ -1,4 +1,8 @@
+ #include "cvecheck.h"
+
+const char * argp_program_version     = "cvechecker 4.0";
+const char * argp_program_bug_address = "<sven.vermeulen@siphos.be>";
+
+ /*
+  * Copyright 2010-2020 Sven Vermeulen.
+  * Subject to the GNU Public License, version 3.
+diff --git a/src/cvecheck.h b/src/cvecheck.h
+index 6cb20e1..7922486 100644
+--- a/src/cvecheck.h
+++ b/src/cvecheck.h
+@@ -35,9 +35,6 @@ static error_t parse_opt (int key, char * arg, struct argp_state *state);
+ #include "dummy/dummy_mysql.h"
+ #endif
+ 
+-const char * argp_program_version     = "cvechecker 4.0";
+-const char * argp_program_bug_address = "<sven.vermeulen@siphos.be>";
+-
+ static char doc[]      = "cvechecker -- Verify the state of the system against a CVE database";
+ static char args_doc[] = "";
+ 
--- a/main/cvechecker/port-to-OpenBSD-and-Alpine-Linux.patch
+++ b/main/cvechecker/port-to-OpenBSD-and-Alpine-Linux.patch
@ -0,0 +1,140 @@
+From 79f1af7f972386e3c9da60acd14a5764efeec058 Mon Sep 17 00:00:00 2001
+From: Guilherme Janczak <guilherme.janczak@yandex.com>
+Date: Mon, 23 May 2022 19:40:34 +0000
+Subject: [PATCH] port to OpenBSD and Alpine Linux
+
+To do that, I switched to libbsd-overlay, added feature testing to only
+depend on libbsd if strlcpy() is not in the libc, added a trick for
+automatically getting the include/lib paths for packages without adding
+them by hand, and added a dependency on argp-standalone on systems that
+don't have glibc's argp API.
+---
+ configure.ac            | 50 ++++++++++++++++++++---------------------
+ src/cvecheck_common.h   |  5 ++---
+ src/output/stringscmd.h |  3 +--
+ 3 files changed, 28 insertions(+), 30 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 2539aa8..8b8fadd 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -4,24 +4,6 @@ AM_INIT_AUTOMAKE([subdir-objects foreign])
+ AC_CONFIG_SRCDIR([config.h.in])
+ AC_CONFIG_HEADERS([config.h])
+ 
+-AC_MSG_CHECKING([Determining host operating system])
+-OSNAME=`uname -s`
+-AC_MSG_RESULT($OSNAME)
+-case "$OSNAME" in
+-  FreeBSD*)
+-    # Include the packages - needed for argp_standalone
+-    export CPPFLAGS="$CPPFLAGS -I/usr/local/include"
+-    export LDFLAGS="$LDFLAGS -L /usr/local/lib"
+-    AC_MSG_RESULT([FreeBSD: adding /usr/local])
+-    ;;
+-  NetBSD*)
+-    # Include the packages - needed for argp
+-    export CPPFLAGS="$CPPFLAGS -I/usr/pkg/include"
+-    export LDFLAGS="$LDFLAGS -L /usr/pkg/lib"
+-    AC_MSG_RESULT([NetBSD: adding /usr/pkg])
+-    ;;
+-esac
+-
+ # Checks for programs.
+ AC_PROG_CC
+ AC_GNU_SOURCE
+@@ -30,21 +12,39 @@ AC_GNU_SOURCE
+ AC_CHECK_HEADERS([stdlib.h],,[AC_MSG_ERROR([stdlib.h header missing])])
+ AC_CHECK_HEADERS([string.h],,[AC_MSG_ERROR([string.h header missing])])
+ AC_CHECK_HEADERS([unistd.h],,[AC_MSG_ERROR([unistd.h header missing])])
+-AC_CHECK_HEADERS([argp.h],,[AC_MSG_ERROR([argp.h header missing (part of GNU coreutils)])])
+-AC_CHECK_HEADERS([string.h],,[AC_MSG_ERROR([string.h header missing])])
+ 
+ # Checks for library functions.
+-AC_CHECK_FUNCS([gethostname memset regcomp strchr strrchr strstr strlcpy],,
+-  [PKG_CHECK_MODULES([BSD], [libbsd])])
+AC_CHECK_FUNCS([gethostname memset regcomp strchr strrchr strstr])
+ 
+ # Checks for typedefs, structures, and compiler characteristics.
+ AC_TYPE_SIZE_T
+ 
+# Checks for dependencies.
+ AC_MSG_WARN([Please make sure pkg-config is installed and autoreconf run])
+-PKG_CHECK_MODULES([BSD], [libbsd])
+
+# libbsd is obligatory on systems where strlcpy is not in libc.
+# https://man.openbsd.org/strlcpy.3
+# https://libbsd.freedesktop.org/wiki/
+AC_CHECK_FUNC([strlcpy],, [LIBBSD_NEEDED=yes])
+AS_IF([test "x$LIBBSD_NEEDED" = "xyes"], [
+  PKG_CHECK_MODULES([LIBBSD], [libbsd-overlay])
+])
+
+ PKG_CHECK_MODULES([CONFIG], [libconfig >= 1.3])
+-CFLAGS="$CFLAGS $CONFIG_CFLAGS"
+-LIBS="$LIBS $CONFIG_LIBS $BSD_LIBS"
+
+# The BSD systems don't have packages in the default include/library
+# paths. Let our pkg-config dependencies add those paths for us BEFORE we look
+# for argp.
+CFLAGS="$CFLAGS $CONFIG_CFLAGS $LIBBSD_CFLAGS"
+LIBS="$LIBS $CONFIG_LIBS $LIBBSD_LIBS"
+
+# argp-standalone is obligatory on systems where argp is not in libc.
+# https://www.gnu.org/software/libc/manual/html_node/Argp.html
+# https://github.com/argp-standalone/argp-standalone
+AC_SEARCH_LIBS([argp_parse], [argp],,
+  [AC_MSG_ERROR([argp-standalone dependency missing])]
+)
+
+ ## --with configs
+ # mysql
+ AC_ARG_ENABLE(mysql, [  --enable-mysql	Enable MySQL support])
+diff --git a/src/cvecheck_common.h b/src/cvecheck_common.h
+index 7627c94..1e40723 100644
+--- a/src/cvecheck_common.h
+++ b/src/cvecheck_common.h
+@@ -1,7 +1,6 @@
+ #include <stdio.h>
+ #include <libconfig.h>
+ #include <string.h>
+-#include <bsd/string.h>
+ 
+ #ifdef _USE_SQLITE3
+ #include <sqlite3.h>
+@@ -15,7 +14,7 @@
+  * Copyright 2010-2020 Sven Vermeulen.
+  * Subject to the GNU Public License, version 3.
+  */
+- 
+
+ #ifndef _CVETYPES
+ #define _CVETYPES
+ 
+@@ -23,7 +22,7 @@
+ #define LARGEFIELDSIZE 512
+ #define FILENAMESIZE 256
+ #define BUFFERSIZE 256
+-#define CVELINESIZE 24 
+#define CVELINESIZE 24
+ #define CPELINESIZE (7 + FIELDSIZE*11 + 5)
+ #define VERSIONLINESIZE (FILENAMESIZE*2 + 5 + CPELINESIZE)
+ // Normally, around 1800 ought to be enough (largest SELECT statement with assumption of largest values)
+diff --git a/src/output/stringscmd.h b/src/output/stringscmd.h
+index f8cba2d..6f70208 100644
+--- a/src/output/stringscmd.h
+++ b/src/output/stringscmd.h
+@@ -1,7 +1,6 @@
+ #include <regex.h>
+ #include <stdio.h>
+ #include <string.h>
+-#include <bsd/string.h>
+ #include "../cvecheck_common.h"
+ #include "../swstring.h"
+ 
+@@ -11,4 +10,4 @@
+  */
+ 
+ // strings_extract_version - Method for extracting the version from the file using the strings command
+-int strings_extract_version(struct workstate * ws, regex_t * preg, regmatch_t * pmatch, struct cpe_data * cpe); 
+int strings_extract_version(struct workstate * ws, regex_t * preg, regmatch_t * pmatch, struct cpe_data * cpe);