git: ce1617ba393a - main - net-p2p/clboss: upgrade from 0.13.1 to 0.13.2

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Vasil Dimov <vd_at_FreeBSD.org>
Date: Fri, 02 Aug 2024 07:12:08 UTC
The branch main has been updated by vd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=ce1617ba393abf4a08dcf445f1c4ac5888a64279

commit ce1617ba393abf4a08dcf445f1c4ac5888a64279
Author:     Vasil Dimov <vd@FreeBSD.org>
AuthorDate: 2024-08-02 07:10:41 +0000
Commit:     Vasil Dimov <vd@FreeBSD.org>
CommitDate: 2024-08-02 07:11:39 +0000

    net-p2p/clboss: upgrade from 0.13.1 to 0.13.2
---
 net-p2p/clboss/Makefile                 |  9 ++---
 net-p2p/clboss/distinfo                 |  6 +--
 net-p2p/clboss/files/patch-624fc32.diff | 67 +++++++++++++++++++++++++++++++++
 3 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/net-p2p/clboss/Makefile b/net-p2p/clboss/Makefile
index fbf8b77c5b89..2809c459554b 100644
--- a/net-p2p/clboss/Makefile
+++ b/net-p2p/clboss/Makefile
@@ -1,18 +1,17 @@
 PORTNAME=	clboss
 DISTVERSIONPREFIX=	v
 # To build from an arbitrary git commit comment DISTVERSION
-DISTVERSION=	0.13.1
+DISTVERSION=	0.13.2
 # and uncomment the following two lines (use for example -gf8d8348c where f8d8348c is a commit hash)
 #DISTVERSION=	0
 #DISTVERSIONSUFFIX=	-g0673c50e7
+CATEGORIES=	net-p2p finance
 .if defined(DISTVERSIONSUFFIX)
 PKGNAMESUFFIX=	-devel
 .endif
-PORTREVISION=	1
-CATEGORIES=	net-p2p finance
 
 MAINTAINER=	vd@FreeBSD.org
-COMMENT=	The Core Lightning Node Manager
+COMMENT=	Core Lightning Node Manager
 WWW=		https://github.com/ZmnSCPxj/clboss
 
 LICENSE=	MIT
@@ -29,7 +28,7 @@ USES=		autoreconf \
 		pkgconfig \
 		sqlite:3
 
-CXXFLAGS=	-Wno-deprecated-declarations
+CXXFLAGS+=	-Wno-deprecated-declarations
 
 GNU_CONFIGURE=	yes
 
diff --git a/net-p2p/clboss/distinfo b/net-p2p/clboss/distinfo
index e7449830c612..6b151863ddd2 100644
--- a/net-p2p/clboss/distinfo
+++ b/net-p2p/clboss/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1715154453
-SHA256 (ZmnSCPxj-clboss-v0.13.1_GH0.tar.gz) = 963ea89826b0ccc0bf754f2391b9e7742f01af54821bcfd7bbf651508d0f238f
-SIZE (ZmnSCPxj-clboss-v0.13.1_GH0.tar.gz) = 2947982
+TIMESTAMP = 1722513369
+SHA256 (ZmnSCPxj-clboss-v0.13.2_GH0.tar.gz) = 4ed5c894fa00668cc33f2b3cc8bb2a682560e35fd58b2fe5619e8306afb22dfa
+SIZE (ZmnSCPxj-clboss-v0.13.2_GH0.tar.gz) = 2947409
diff --git a/net-p2p/clboss/files/patch-624fc32.diff b/net-p2p/clboss/files/patch-624fc32.diff
new file mode 100644
index 000000000000..8996396698e6
--- /dev/null
+++ b/net-p2p/clboss/files/patch-624fc32.diff
@@ -0,0 +1,67 @@
+commit 624fc32db7733b47c8f9fbf5cbab3a40155032b2 (origin/master, origin/HEAD)
+Parent: 44476241d101337d89bd9b7c88ec1280039d5167
+Author:     Vasil Dimov <vd@FreeBSD.org>
+AuthorDate: Wed Jun 26 09:46:55 2024 +0200
+Commit:     Ken Sedgwick <ken@bonsai.com>
+CommitDate: Wed Jul 24 11:32:53 2024 -0700
+
+    Avoid vector out of bounds access in ParserExposedBuffer.cpp
+    
+    Accessing elements past the size of a `std::vector` is undefined
+    behavior [1] and is actually checked in recent versions of LLVM
+    libcxx, which is used in FreeBSD [2].
+    
+    [1] https://en.cppreference.com/w/cpp/container/vector/operator_at:
+    > Accessing a nonexistent element through this operator is undefined
+    > behavior.
+    
+    [2] https://cgit.freebsd.org/src/tree/contrib/llvm-project/libcxx/include/vector?h=2472e352d80fcf6440fd42fbb16960cc49d05b03#n1393
+
+diff --git a/Jsmn/ParserExposedBuffer.cpp b/Jsmn/ParserExposedBuffer.cpp
+index 2e42fd6..e6099da 100644
+--- Jsmn/ParserExposedBuffer.cpp
++++ Jsmn/ParserExposedBuffer.cpp
+@@ -102,21 +102,24 @@ private:
+ 			if (datum_ender.feed(buffer[end_idx++]))
+ 				break;
+ 			if (end_idx == load_idx)
+ 				return nullptr;
+ 		}
+ 		for (;;) {
++			if (start_idx == end_idx) {
++				return nullptr;
++			}
+ 			auto res = jsmn_parse( &base
+ 					     , &buffer[start_idx], end_idx - start_idx
+ 					     , &toks[0], toks.size()
+ 					     );
+ 			if (res > 0) {
+ 				assert(base.pos + start_idx <= end_idx);
+ 				auto pr = Detail::ParseResult();
+-				auto text = std::string( &buffer[start_idx]
+-						       , &buffer[start_idx + base.pos]
++				auto text = std::string( buffer.begin() + start_idx
++						       , buffer.begin() + start_idx + base.pos
+ 						       );
+ 				pr.orig_string = std::move(text);
+ 				pr.tokens.resize(res);
+ 				for (auto i = 0; i < res; ++i)
+ 					pr.tokens[i] = token_convert(toks[i]);
+ 
+@@ -162,14 +165,14 @@ private:
+ 	 * In that case, retain our start_idx instead of
+ 	 * moving the data.
+ 	 */
+ 	void move_loaded() {
+ 		if ((load_idx - start_idx) > start_idx)
+ 			return;
+-		std::copy( &buffer[start_idx], &buffer[load_idx]
+-			 , &buffer[0]
++		std::copy( buffer.begin() + start_idx, buffer.begin() + load_idx
++			 , buffer.begin()
+ 			 );
+ 		load_idx -= start_idx;
+ 		end_idx -= start_idx;
+ 		start_idx = 0;
+ 	}
+ public: