[bug#29158] [PATCH] gnu: ncurses: Update to 6.0-20170930.

[bug#29158] [PATCH] gnu: ncurses: Update to 6.0-20170930.

[Marius Bakke]

* gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930.
[source](patches): Remove.
[source](uri): Adjust to version suffix.
[arguments]: Add 'apply-rollup-patch' phase.
[native-inputs]: Add a "rollup-patch" origin.
* gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                       |   1 -
 gnu/packages/ncurses.scm                           |  33 +++-
 .../patches/ncurses-CVE-2017-10684-10685.patch     | 200 ---------------------
 3 files changed, 28 insertions(+), 206 deletions(-)
 delete mode 100644 gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 8e562c018..ecd80d198 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -890,7 +890,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/mupdf-CVE-2017-15587.patch		\
   %D%/packages/patches/mupen64plus-ui-console-notice.patch	\
   %D%/packages/patches/mutt-store-references.patch		\
-  %D%/packages/patches/ncurses-CVE-2017-10684-10685.patch	\
   %D%/packages/patches/net-tools-bitrot.patch			\
   %D%/packages/patches/netcdf-date-time.patch			\
   %D%/packages/patches/netcdf-tst_h_par.patch			\
diff --git a/gnu/packages/ncurses.scm b/gnu/packages/ncurses.scm
index 9f5905bc8..5a1486fcc 100644
--- a/gnu/packages/ncurses.scm
+++ b/gnu/packages/ncurses.scm
@@ -38,12 +38,12 @@
 (define-public ncurses
   (package
     (name "ncurses")
-    (version "6.0")
+    (version "6.0-20170930")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://gnu/ncurses/ncurses-"
-                                  version ".tar.gz"))
-              (patches (search-patches "ncurses-CVE-2017-10684-10685.patch"))
+                                  (car (string-split version #\-))
+                                  ".tar.gz"))
               (sha256
                (base32
                 "0q3jck7lna77z5r42f13c4xglc7azd19pxfrjrpgp2yf615w4lgm"))))
@@ -71,6 +71,12 @@
                                    (cons (string-append "--host=" target)
                                          configure-flags)
                                    configure-flags))))))
+           (apply-rollup-patch-phase
+            '(lambda* (#:key inputs #:allow-other-keys)
+               (copy-file (assoc-ref inputs "rollup-patch")
+                          (string-append (getcwd) "/rollup-patch.sh.bz2"))
+               (and (zero? (system* "bzip2" "-d" "rollup-patch.sh.bz2"))
+                    (zero? (system* "sh" "rollup-patch.sh")))))
            (remove-shebang-phase
             '(lambda _
                ;; To avoid retaining a reference to the bootstrap Bash via the
@@ -166,6 +172,8 @@
               ,@(if (target-mingw?) '("--enable-term-driver") '()))))
          #:tests? #f                  ; no "check" target
          #:phases (modify-phases %standard-phases
+                    (add-after 'unpack 'apply-rollup-patch
+                      ,apply-rollup-patch-phase)
                     (replace 'configure ,configure-phase)
                     (add-after 'install 'post-install
                       ,post-install-phase)
@@ -174,8 +182,23 @@
                     (add-after 'unpack 'remove-unneeded-shebang
                       ,remove-shebang-phase)))))
     (self-native-input? #t)           ; for `tic'
-     (native-inputs
-      `(("pkg-config" ,pkg-config)))
+    (native-inputs
+     `(("pkg-config" ,pkg-config)
+
+       ;; Ncurses distributes "stable" patchsets to be applied on top
+       ;; of the release tarball.  These are only available as shell
+       ;; scripts(!) so we decompress and apply them in a phase.
+       ;; See <https://invisible-mirror.net/archives/ncurses/6.0/README>.
+       ("rollup-patch"
+        ,(origin
+           (method url-fetch)
+           (uri (string-append
+                 "https://invisible-mirror.net/archives/ncurses/"
+                 (car (string-split version #\-))
+                 "/ncurses-" version "-patch.sh.bz2"))
+           (sha256
+            (base32
+             "08a1pp8wnj1fwpa1pz3fgrmd6xwp21idniswqz8lx3w3z2nb4ydi"))))))
     (native-search-paths
      (list (search-path-specification
             (variable "TERMINFO_DIRS")
diff --git a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch b/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch
deleted file mode 100644
index 1f1b26801..000000000
--- a/gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch
+++ /dev/null
@@ -1,200 +0,0 @@
-Fix CVE-2017-10684 and CVE-2017-10685:
-
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10684
-http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10685
-
-Bug reports included proof of concept reproducer inputs:
-
-https://bugzilla.redhat.com/show_bug.cgi?id=1464684
-https://bugzilla.redhat.com/show_bug.cgi?id=1464685
-https://bugzilla.redhat.com/show_bug.cgi?id=1464686
-https://bugzilla.redhat.com/show_bug.cgi?id=1464687
-https://bugzilla.redhat.com/show_bug.cgi?id=1464688
-https://bugzilla.redhat.com/show_bug.cgi?id=1464691
-https://bugzilla.redhat.com/show_bug.cgi?id=1464692
-
-Patches copied from ncurses patch release 20170701:
-
-ftp://invisible-island.net/ncurses/6.0/ncurses-6.0-20170701.patch.gz
-
-Excerpt from patch release announcement:
-
- + add/improve checks in tic's parser to address invalid input
-   (Redhat #1464684, #1464685, #1464686, #1464691).
-   + alloc_entry.c, add a check for a null-pointer.
-   + parse_entry.c, add several checks for valid pointers as well as
-     one check to ensure that a single character on a line is not
-     treated as the 2-character termcap short-name.
- + the fixes for Redhat #1464685 obscured a problem subsequently
-   reported in Redhat #1464687; the given test-case was no longer
-   reproducible.  Testing without the fixes for the earlier reports
-   showed a problem with buffer overflow in dump_entry.c, which is
-   addressed by reducing the use of a fixed-size buffer.
-
-https://lists.gnu.org/archive/html/bug-ncurses/2017-07/msg00001.html
-
---- ncurses-6.0-20170624+/ncurses/tinfo/alloc_entry.c	2017-04-09 23:33:51.000000000 +0000
-+++ ncurses-6.0-20170701/ncurses/tinfo/alloc_entry.c	2017-06-27 23:48:55.000000000 +0000
-@@ -96,7 +96,11 @@
- {
-     char *result = 0;
-     size_t old_next_free = next_free;
--    size_t len = strlen(string) + 1;
-+    size_t len;
-+
-+    if (string == 0)
-+	return _nc_save_str("");
-+    len = strlen(string) + 1;
- 
-     if (len == 1 && next_free != 0) {
- 	/*
---- ncurses-6.0-20170624+/ncurses/tinfo/parse_entry.c	2017-06-24 22:59:46.000000000 +0000
-+++ ncurses-6.0-20170701/ncurses/tinfo/parse_entry.c	2017-06-28 00:53:12.000000000 +0000
-@@ -236,13 +236,14 @@
-      * implemented it.  Note that the resulting terminal type was never the
-      * 2-character name, but was instead the first alias after that.
-      */
-+#define ok_TC2(s) (isgraph(UChar(s)) && (s) != '|')
-     ptr = _nc_curr_token.tk_name;
-     if (_nc_syntax == SYN_TERMCAP
- #if NCURSES_XNAMES
- 	&& !_nc_user_definable
- #endif
- 	) {
--	if (ptr[2] == '|') {
-+	if (ok_TC2(ptr[0]) && ok_TC2(ptr[1]) && (ptr[2] == '|')) {
- 	    ptr += 3;
- 	    _nc_curr_token.tk_name[2] = '\0';
- 	}
-@@ -284,9 +285,11 @@
- 	if (is_use || is_tc) {
- 	    entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring);
- 	    entryp->uses[entryp->nuses].line = _nc_curr_line;
--	    entryp->nuses++;
--	    if (entryp->nuses > 1 && is_tc) {
--		BAD_TC_USAGE
-+	    if (VALID_STRING(entryp->uses[entryp->nuses].name)) {
-+		entryp->nuses++;
-+		if (entryp->nuses > 1 && is_tc) {
-+		    BAD_TC_USAGE
-+		}
- 	    }
- 	} else {
- 	    /* normal token lookup */
-@@ -588,7 +591,7 @@
- static void
- append_acs(string_desc * dst, int code, char *src)
- {
--    if (src != 0 && strlen(src) == 1) {
-+    if (VALID_STRING(src) && strlen(src) == 1) {
- 	append_acs0(dst, code, *src);
-     }
- }
-@@ -849,15 +852,14 @@
- 	    }
- 
- 	    if (tp->Strings[to_ptr->nte_index]) {
-+		const char *s = tp->Strings[from_ptr->nte_index];
-+		const char *t = tp->Strings[to_ptr->nte_index];
- 		/* There's no point in warning about it if it's the same
- 		 * string; that's just an inefficiency.
- 		 */
--		if (strcmp(
--			      tp->Strings[from_ptr->nte_index],
--			      tp->Strings[to_ptr->nte_index]) != 0)
-+		if (VALID_STRING(s) && VALID_STRING(t) && strcmp(s, t) != 0)
- 		    _nc_warning("%s (%s) already has an explicit value %s, ignoring ko",
--				ap->to, ap->from,
--				_nc_visbuf(tp->Strings[to_ptr->nte_index]));
-+				ap->to, ap->from, t);
- 		continue;
- 	    }
- 
---- ncurses-6.0-20170624+/progs/dump_entry.c	2017-06-23 22:47:43.000000000 +0000
-+++ ncurses-6.0-20170701/progs/dump_entry.c	2017-07-01 11:27:29.000000000 +0000
-@@ -841,9 +841,10 @@
-     PredIdx num_strings = 0;
-     bool outcount = 0;
- 
--#define WRAP_CONCAT	\
--	wrap_concat(buffer); \
--	outcount = TRUE
-+#define WRAP_CONCAT1(s)		wrap_concat(s); outcount = TRUE
-+#define WRAP_CONCAT2(a,b)	wrap_concat(a); WRAP_CONCAT1(b)
-+#define WRAP_CONCAT3(a,b,c)	wrap_concat(a); WRAP_CONCAT2(b,c)
-+#define WRAP_CONCAT		WRAP_CONCAT1(buffer)
- 
-     len = 12;			/* terminfo file-header */
- 
-@@ -1007,9 +1008,9 @@
- 		    set_attributes = save_sgr;
- 
- 		    trimmed_sgr0 = _nc_trim_sgr0(tterm);
--		    if (strcmp(capability, trimmed_sgr0))
-+		    if (strcmp(capability, trimmed_sgr0)) {
- 			capability = trimmed_sgr0;
--		    else {
-+		    } else {
- 			if (trimmed_sgr0 != exit_attribute_mode)
- 			    free(trimmed_sgr0);
- 		    }
-@@ -1046,13 +1047,21 @@
- 			_nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer))
- 				    "%s=!!! %s WILL NOT CONVERT !!!",
- 				    name, srccap);
-+			WRAP_CONCAT;
- 		    } else if (suppress_untranslatable) {
- 			continue;
- 		    } else {
- 			char *s = srccap, *d = buffer;
--			_nc_SPRINTF(d, _nc_SLIMIT(sizeof(buffer)) "..%s=", name);
--			d += strlen(d);
-+			WRAP_CONCAT3("..", name, "=");
- 			while ((*d = *s++) != 0) {
-+			    if ((d - buffer - 1) >= (int) sizeof(buffer)) {
-+				fprintf(stderr,
-+					"%s: value for %s is too long\n",
-+					_nc_progname,
-+					name);
-+				*d = '\0';
-+				break;
-+			    }
- 			    if (*d == ':') {
- 				*d++ = '\\';
- 				*d = ':';
-@@ -1061,13 +1070,12 @@
- 			    }
- 			    d++;
- 			}
-+			WRAP_CONCAT;
- 		    }
- 		} else {
--		    _nc_SPRINTF(buffer, _nc_SLIMIT(sizeof(buffer))
--				"%s=%s", name, cv);
-+		    WRAP_CONCAT3(name, "=", cv);
- 		}
- 		len += (int) strlen(capability) + 1;
--		WRAP_CONCAT;
- 	    } else {
- 		char *src = _nc_tic_expand(capability,
- 					   outform == F_TERMINFO, numbers);
-@@ -1083,8 +1091,7 @@
- 		    strcpy_DYN(&tmpbuf, src);
- 		}
- 		len += (int) strlen(capability) + 1;
--		wrap_concat(tmpbuf.text);
--		outcount = TRUE;
-+		WRAP_CONCAT1(tmpbuf.text);
- 	    }
- 	}
- 	/* e.g., trimmed_sgr0 */
-@@ -1526,7 +1533,8 @@
- 		}
- 		if (len > critlen) {
- 		    (void) fprintf(stderr,
--				   "warning: %s entry is %d bytes long\n",
-+				   "%s: %s entry is %d bytes long\n",
-+				   _nc_progname,
- 				   _nc_first_name(tterm->term_names),
- 				   len);
- 		    SHOW_WHY("# WARNING: this entry, %d bytes long, may core-dump %s libraries!\n",
-- 
2.15.0

bug#29158: [PATCH] gnu: ncurses: Update to 6.0-20170930.

[Marius Bakke]

[-- Attachment #1: Type: text/plain, Size: 639 bytes --]

Marius Bakke <mbakke@fastmail.com> writes:

> * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930.
> [source](patches): Remove.
> [source](uri): Adjust to version suffix.
> [arguments]: Add 'apply-rollup-patch' phase.
> [native-inputs]: Add a "rollup-patch" origin.
> * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file.
> * gnu/local.mk (dist_patch_DATA): Remove it.

Since there were no comments in two weeks, I have 'staged' this in my
local queue for core-updates and will push later today/tomorrow.

Ludo: Is the kernel on Hydra upgraded now?  Let's start a new 'core'
evaluation once this patch makes it.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 483 bytes --]

[bug#29158] [PATCH] gnu: ncurses: Update to 6.0-20170930.

[Ludovic Courtès]

Hello Marius!

Marius Bakke <mbakke@fastmail.com> skribis:

> Marius Bakke <mbakke@fastmail.com> writes:
>
>> * gnu/packages/ncurses.scm (ncurses): Update to 6.0-20170930.
>> [source](patches): Remove.
>> [source](uri): Adjust to version suffix.
>> [arguments]: Add 'apply-rollup-patch' phase.
>> [native-inputs]: Add a "rollup-patch" origin.
>> * gnu/packages/patches/ncurses-CVE-2017-10684-10685.patch: Delete file.
>> * gnu/local.mk (dist_patch_DATA): Remove it.
>
> Since there were no comments in two weeks, I have 'staged' this in my
> local queue for core-updates and will push later today/tomorrow.

Sounds reasonable.

> Ludo: Is the kernel on Hydra upgraded now?  Let's start a new 'core'
> evaluation once this patch makes it.

Yes, the kernel is upgraded.  These “core” evaluations are relatively
cheap, so you can start new ones maybe not too often, but without fear
(I just did.)

Thanks,
Ludo’.