From: "Ludovic Courtès" <ludo@gnu.org>
To: Rostislav Svoboda <rostislav.svoboda@gmail.com>
Cc: 68333@debbugs.gnu.org
Subject: bug#68333: Time bomb in icedtea/openjdk
Date: Wed, 10 Jan 2024 15:35:00 +0100 [thread overview]
Message-ID: <87ply9tfxn.fsf@gnu.org> (raw)
In-Reply-To: <CAEtmmezE1j+uMKvMJ5M1i3uJX5oqEHBedn-xqEfNBTk51dvFWg@mail.gmail.com> (Rostislav Svoboda's message of "Tue, 9 Jan 2024 22:00:49 +0100")
[-- Attachment #1: Type: text/plain, Size: 1360 bytes --]
Hi,
Rostislav Svoboda <rostislav.svoboda@gmail.com> skribis:
> From 1e86e32825a5025b4ef439e7f678143416f622b5 Mon Sep 17 00:00:00 2001
> Message-ID: <1e86e32825a5025b4ef439e7f678143416f622b5.1704815654.git.Rostislav.Svoboda@gmail.com>
> From: Rostislav Svoboda <Rostislav.Svoboda@gmail.com>
> Date: Tue, 9 Jan 2024 14:08:02 +0100
> Subject: [PATCH] gnu: Fix time bomb preventing build of icedtea.
>
> Fixes <https://issues.guix.gnu.org/68333>.
>
> Fixes time bomb preventing build of icedtea by patching the java source code
> so that the java-RuntimeException is not thrown when 'more than 10 years ago'
> condition is true.
>
> * gnu/packages/java.scm (icedtea): Patch java source code so that the
> offending line is commented out.
>
> Change-Id: I4861ee2ffc5aaffb6a9244110d222ae64bfbdf94
Thanks for the quick investigation and patch! I just realized that this
affects current ‘master’ so we’d rather fix it soon.
What do you think of the attached patch? The difference is that it
patches code at its root (in the actual source tarball rather than after
it’s been copied), it does so for IcedTea 7 and 8, and there are patch
files that are slightly clearer than a substitution pattern.
It’s still building on my machine but if it works for everyone, I’d like
to push as soon as I got it built.
Ludo’.
[-- Attachment #2: the patch --]
[-- Type: text/x-patch, Size: 6935 bytes --]
From 92561a776ad88eb73034948beedbe9e6be4077b4 Mon Sep 17 00:00:00 2001
Message-ID: <92561a776ad88eb73034948beedbe9e6be4077b4.1704897216.git.ludo@gnu.org>
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Wed, 10 Jan 2024 15:27:47 +0100
Subject: [PATCH] =?UTF-8?q?gnu:=20icedtea:=20Fix=20time=20bomb=20in=20?=
=?UTF-8?q?=E2=80=98GenerateCurrencyData.java=E2=80=99.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes <https://issues.guix.gnu.org/68333>.
* gnu/packages/java.scm (icedtea-7)[drop]: Add optional ‘patches’
parameter and honor it.
[native-inputs]: Add patch for “jdk-drop”.
(icedtea-8): Likewise.
* gnu/packages/patches/jdk-currency-time-bomb.patch,
gnu/packages/patches/jdk-currency-time-bomb2.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
Change-Id: I3b4cf562ce4bedb87ce0e7c289e431fbb0dbb6f8
---
gnu/local.mk | 2 ++
gnu/packages/java.scm | 16 ++++++++++------
.../patches/jdk-currency-time-bomb.patch | 13 +++++++++++++
.../patches/jdk-currency-time-bomb2.patch | 13 +++++++++++++
4 files changed, 38 insertions(+), 6 deletions(-)
create mode 100644 gnu/packages/patches/jdk-currency-time-bomb.patch
create mode 100644 gnu/packages/patches/jdk-currency-time-bomb2.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index 16a34065c6..22970932e9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1478,6 +1478,8 @@ dist_patch_DATA = \
%D%/packages/patches/java-xerces-build_dont_unzip.patch \
%D%/packages/patches/java-xerces-xjavac_taskdef.patch \
%D%/packages/patches/jbr-17-xcursor-no-dynamic.patch \
+ %D%/packages/patches/jdk-currency-time-bomb.patch \
+ %D%/packages/patches/jdk-currency-time-bomb2.patch \
%D%/packages/patches/jfsutils-add-sysmacros.patch \
%D%/packages/patches/jfsutils-gcc-compat.patch \
%D%/packages/patches/jfsutils-include-systypes.patch \
diff --git a/gnu/packages/java.scm b/gnu/packages/java.scm
index e2c2a041a9..ded73bc461 100644
--- a/gnu/packages/java.scm
+++ b/gnu/packages/java.scm
@@ -100,13 +100,14 @@ (define-module (gnu packages java)
(define-public icedtea-7
(let* ((version "2.6.13")
- (drop (lambda (name hash)
+ (drop (lambda* (name hash #:optional (patches '()))
(origin
(method url-fetch)
(uri (string-append
"http://icedtea.classpath.org/download/drops"
"/icedtea7/" version "/" name ".tar.bz2"))
- (sha256 (base32 hash))))))
+ (sha256 (base32 hash))
+ (patches patches)))))
(package
(name "icedtea")
(version version)
@@ -614,7 +615,8 @@ (define-public icedtea-7
"110j7jlz47x2gg6f7653x12mssan5kvj9l9h1m1c8c92drfxbqyk"))
("jdk-drop"
,(drop "jdk"
- "0d1mca38ksxvdskp9im3pp7fdijhj1n3lwq9w13r9s4v3qyskgdd"))
+ "0d1mca38ksxvdskp9im3pp7fdijhj1n3lwq9w13r9s4v3qyskgdd"
+ (search-patches "jdk-currency-time-bomb.patch")))
("langtools-drop"
,(drop "langtools"
"0nq5236fzxn3p6x8cgncl56mzcmsj07q9gymysnws4c8byc6n0qj"))
@@ -687,13 +689,14 @@ (define-public icedtea-7
(define-public icedtea-8
(let* ((version "3.19.0")
- (drop (lambda (name hash)
+ (drop (lambda* (name hash #:optional (patches '()))
(origin
(method url-fetch)
(uri (string-append
"http://icedtea.classpath.org/download/drops"
"/icedtea8/" version "/" name ".tar.xz"))
- (sha256 (base32 hash))))))
+ (sha256 (base32 hash))
+ (patches patches)))))
(package (inherit icedtea-7)
(version "3.19.0")
(source (origin
@@ -839,7 +842,8 @@ (define-public icedtea-8
"1pc0pv4v2mn2mjc0vp19d94v2150xigyhxsmckqasy647zcm6w0r"))
("jdk-drop"
,(drop "jdk"
- "1742lcm55l8zhi522x83v65ccr0rd6511q9rj7crw44x3ymdrhrv"))
+ "1742lcm55l8zhi522x83v65ccr0rd6511q9rj7crw44x3ymdrhrv"
+ (search-patches "jdk-currency-time-bomb2.patch")))
("langtools-drop"
,(drop "langtools"
"08iz7p2xcddlphipf6gahyabr5cawlnydap12p1n4f0md069b50b"))
diff --git a/gnu/packages/patches/jdk-currency-time-bomb.patch b/gnu/packages/patches/jdk-currency-time-bomb.patch
new file mode 100644
index 0000000000..8e6bce6fcd
--- /dev/null
+++ b/gnu/packages/patches/jdk-currency-time-bomb.patch
@@ -0,0 +1,13 @@
+Fix a time bomb present in the jdk "drop" of IcedTea.
+
+--- a/make/tools/src/build/tools/generatecurrencydata/GenerateCurrencyData.java
++++ b/make/tools/src/build/tools/generatecurrencydata/GenerateCurrencyData.java
+@@ -284,7 +284,7 @@ public class GenerateCurrencyData {
+ String timeString = currencyInfo.substring(4, length - 4);
+ long time = format.parse(timeString).getTime();
+ if (Math.abs(time - System.currentTimeMillis()) > ((long) 10) * 365 * 24 * 60 * 60 * 1000) {
+- throw new RuntimeException("time is more than 10 years from present: " + time);
++ System.err.println("note: time is more than 10 years from \"present\": " + time);
+ }
+ specialCaseCutOverTimes[specialCaseCount] = time;
+ specialCaseOldCurrencies[specialCaseCount] = oldCurrency;
diff --git a/gnu/packages/patches/jdk-currency-time-bomb2.patch b/gnu/packages/patches/jdk-currency-time-bomb2.patch
new file mode 100644
index 0000000000..94454626c4
--- /dev/null
+++ b/gnu/packages/patches/jdk-currency-time-bomb2.patch
@@ -0,0 +1,13 @@
+Fix a time bomb present in the jdk "drop" of IcedTea 8.
+
+--- a/make/src/classes/build/tools/generatecurrencydata/GenerateCurrencyData.java
++++ b/make/src/classes/build/tools/generatecurrencydata/GenerateCurrencyData.java
+@@ -284,7 +284,7 @@ public class GenerateCurrencyData {
+ String timeString = currencyInfo.substring(4, length - 4);
+ long time = format.parse(timeString).getTime();
+ if (Math.abs(time - System.currentTimeMillis()) > ((long) 10) * 365 * 24 * 60 * 60 * 1000) {
+- throw new RuntimeException("time is more than 10 years from present: " + time);
++ System.err.println("note: time is more than 10 years from \"present\": " + time);
+ }
+ specialCaseCutOverTimes[specialCaseCount] = time;
+ specialCaseOldCurrencies[specialCaseCount] = oldCurrency;
base-commit: 3eac1c82f7f1547aa6819db867b071a4ee7de8e3
--
2.41.0
next prev parent reply other threads:[~2024-01-10 14:36 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-07 23:02 bug#68333: Time bomb in icedtea/openjdk Julien Lepiller
2024-01-09 9:51 ` Ludovic Courtès
2024-01-09 11:55 ` Rostislav Svoboda
2024-01-09 21:00 ` Rostislav Svoboda
2024-01-10 14:35 ` Ludovic Courtès [this message]
2024-01-10 16:30 ` Ludovic Courtès
2024-01-10 21:00 ` Rostislav Svoboda
2024-01-18 11:10 ` Simon Tournier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ply9tfxn.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=68333@debbugs.gnu.org \
--cc=rostislav.svoboda@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).