[Buildroot] [PATCH 1/2] package/mcrypt: drop package

Fabrice Fontaine fontaine.fabrice at gmail.com
Thu Aug 5 17:42:51 UTC 2021


Drop mcrypt which is not maintained anymore (no release since 2008).

Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
---
 Config.in.legacy                        |  7 ++
 package/Config.in                       |  1 -
 package/mcrypt/0001-CVE-2012-4409.patch | 25 -------
 package/mcrypt/0002-CVE-2012-4426.patch | 35 ---------
 package/mcrypt/0003-CVE-2012-4527.patch | 99 -------------------------
 package/mcrypt/0004-no-rpath.patch      | 17 -----
 package/mcrypt/Config.in                | 12 ---
 package/mcrypt/mcrypt.hash              |  3 -
 package/mcrypt/mcrypt.mk                | 24 ------
 9 files changed, 7 insertions(+), 216 deletions(-)
 delete mode 100644 package/mcrypt/0001-CVE-2012-4409.patch
 delete mode 100644 package/mcrypt/0002-CVE-2012-4426.patch
 delete mode 100644 package/mcrypt/0003-CVE-2012-4527.patch
 delete mode 100644 package/mcrypt/0004-no-rpath.patch
 delete mode 100644 package/mcrypt/Config.in
 delete mode 100644 package/mcrypt/mcrypt.hash
 delete mode 100644 package/mcrypt/mcrypt.mk

diff --git a/Config.in.legacy b/Config.in.legacy
index 54476acf9a..1d34f81815 100644
--- a/Config.in.legacy
+++ b/Config.in.legacy
@@ -146,6 +146,13 @@ endif
 
 comment "Legacy options removed in 2021.08"
 
+config BR2_PACKAGE_MCRYPT
+	bool "mcrypt package was removed"
+	select BR2_LEGACY
+	help
+	  This package has been removed as it is not maintained anymore
+	  (no release since 2008).
+
 config BR2_PACKAGE_PHP_EXT_MCRYPT
 	bool "PHP mcrypt extension removed"
 	select BR2_LEGACY
diff --git a/package/Config.in b/package/Config.in
index 436bf2f56a..ab0f74b0e3 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2066,7 +2066,6 @@ menu "Miscellaneous"
 	source "package/gsettings-desktop-schemas/Config.in"
 	source "package/haveged/Config.in"
 	source "package/linux-syscall-support/Config.in"
-	source "package/mcrypt/Config.in"
 	source "package/mobile-broadband-provider-info/Config.in"
 	source "package/netdata/Config.in"
 	source "package/proj/Config.in"
diff --git a/package/mcrypt/0001-CVE-2012-4409.patch b/package/mcrypt/0001-CVE-2012-4409.patch
deleted file mode 100644
index 97c658bb2d..0000000000
--- a/package/mcrypt/0001-CVE-2012-4409.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 3efb40e17ce4f76717ae17a1ce1e1f747ddf59fd Mon Sep 17 00:00:00 2001
-From: Alon Bar-Lev <alon.barlev at gmail.com>
-Date: Sat, 22 Dec 2012 22:37:06 +0200
-Subject: [PATCH] cleanup: buffer overflow
-
----
- src/extra.c |    2 ++
- 1 files changed, 2 insertions(+), 0 deletions(-)
-
-diff --git a/src/extra.c b/src/extra.c
-index 3082f82..c7a1ac0 100644
---- a/src/extra.c
-+++ b/src/extra.c
-@@ -241,6 +241,8 @@ int check_file_head(FILE * fstream, char *algorithm, char *mode,
- 		if (m_getbit(6, flags) == 1) { /* if the salt bit is set */
- 			if (m_getbit(0, sflag) != 0) { /* if the first bit is set */
- 				*salt_size = m_setbit(0, sflag, 0);
-+				if (*salt_size > sizeof(tmp_buf))
-+					err_quit(_("Salt is too long\n"));
- 				if (*salt_size > 0) {
- 					fread(tmp_buf, 1, *salt_size,
- 					      fstream);
--- 
-1.7.8.6
-
diff --git a/package/mcrypt/0002-CVE-2012-4426.patch b/package/mcrypt/0002-CVE-2012-4426.patch
deleted file mode 100644
index 708d4a579e..0000000000
--- a/package/mcrypt/0002-CVE-2012-4426.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-Patch taken from gentoo.
-
-Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
-
---- a/src/errors.c
-+++ b/src/errors.c
-@@ -25,24 +25,24 @@
- 
- void err_quit(char *errmsg)
- {
--	fprintf(stderr, errmsg);
-+	fprintf(stderr, "%s", errmsg);
- 	exit(-1);
- }
- 
- void err_warn(char *errmsg)
- {
- 	if (quiet <= 1)
--		fprintf(stderr, errmsg);
-+		fprintf(stderr, "%s", errmsg);
- }
- 
- void err_info(char *errmsg)
- {
- 	if (quiet == 0)
--		fprintf(stderr, errmsg);
-+		fprintf(stderr, "%s", errmsg);
- }
- 
- void err_crit(char *errmsg)
- {
- 	if (quiet <= 2)
--		fprintf(stderr, errmsg);
-+		fprintf(stderr, "%s", errmsg);
- }
diff --git a/package/mcrypt/0003-CVE-2012-4527.patch b/package/mcrypt/0003-CVE-2012-4527.patch
deleted file mode 100644
index a8cf6f449a..0000000000
--- a/package/mcrypt/0003-CVE-2012-4527.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-Fix for CVE-2012-4527.
-Authored by Attila Bogar and Jean-Michel Vourgère <jmv_deb at nirgal.com>
-
-Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
-
-diff -Nura mcrypt-2.6.8.orig/src/mcrypt.c mcrypt-2.6.8/src/mcrypt.c
---- mcrypt-2.6.8.orig/src/mcrypt.c	2013-01-14 19:15:49.465925072 -0300
-+++ mcrypt-2.6.8/src/mcrypt.c	2013-01-14 19:28:13.711478000 -0300
-@@ -44,7 +44,9 @@
- static char rcsid[] =
-     "$Id: mcrypt.c,v 1.2 2007/11/07 17:10:21 nmav Exp $";
- 
--char tmperr[128];
-+/* Temporary error message can contain one file name and 1k of text */
-+#define ERRWIDTH ((PATH_MAX)+1024)
-+char tmperr[ERRWIDTH];
- unsigned int stream_flag = FALSE;
- char *keymode = NULL;
- char *mode = NULL;
-@@ -482,7 +484,7 @@
- #ifdef HAVE_STAT
-       if (stream_flag == FALSE) {
- 	 if (is_normal_file(file[i]) == FALSE) {
--	    sprintf(tmperr,
-+	    snprintf(tmperr, ERRWIDTH,
- 		    _
- 		    ("%s: %s is not a regular file. Skipping...\n"),
- 		    program_name, file[i]);
-@@ -501,7 +503,7 @@
- 	    dinfile = file[i];
- 	 if ((isatty(fileno((FILE *) (stdin))) == 1)
- 	     && (stream_flag == TRUE) && (force == 0)) {	/* not a tty */
--	    sprintf(tmperr,
-+	    snprintf(tmperr, ERRWIDTH,
- 		    _
- 		    ("%s: Encrypted data will not be read from a terminal.\n"),
- 		    program_name);
-@@ -520,7 +522,7 @@
- 	    einfile = file[i];
- 	 if ((isatty(fileno((FILE *) (stdout))) == 1)
- 	     && (stream_flag == TRUE) && (force == 0)) {	/* not a tty */
--	    sprintf(tmperr,
-+	    snprintf(tmperr, ERRWIDTH,
- 		    _
- 		    ("%s: Encrypted data will not be written to a terminal.\n"),
- 		    program_name);
-@@ -544,7 +546,7 @@
- 	    strcpy(outfile, einfile);
- 	    /* if file has already the .nc ignore it */
- 	    if (strstr(outfile, ".nc") != NULL) {
--	       sprintf(tmperr,
-+	       snprintf(tmperr, ERRWIDTH,
- 		       _
- 		       ("%s: file %s has the .nc suffix... skipping...\n"),
- 		       program_name, outfile);
-@@ -590,10 +592,10 @@
- 
- 	 if (x == 0) {
- 	    if (stream_flag == FALSE) {
--	       sprintf(tmperr, _("File %s was decrypted.\n"), dinfile);
-+	       snprintf(tmperr, ERRWIDTH, _("File %s was decrypted.\n"), dinfile);
- 	       err_warn(tmperr);
- 	    } else {
--	       sprintf(tmperr, _("Stdin was decrypted.\n"));
-+	       snprintf(tmperr, ERRWIDTH, _("Stdin was decrypted.\n"));
- 	       err_warn(tmperr);
- 	    }
- #ifdef HAVE_STAT
-@@ -610,7 +612,7 @@
- 
- 	 } else {
- 	    if (stream_flag == FALSE) {
--	       sprintf(tmperr,
-+	       snprintf(tmperr, ERRWIDTH,
- 		       _
- 		       ("File %s was NOT decrypted successfully.\n"),
- 		       dinfile);
-@@ -636,10 +638,10 @@
- 
- 	 if (x == 0) {
- 	    if (stream_flag == FALSE) {
--	       sprintf(tmperr, _("File %s was encrypted.\n"), einfile);
-+	       snprintf(tmperr, ERRWIDTH, _("File %s was encrypted.\n"), einfile);
- 	       err_warn(tmperr);
- 	    } else {
--	       sprintf(tmperr, _("Stdin was encrypted.\n"));
-+	       snprintf(tmperr, ERRWIDTH, _("Stdin was encrypted.\n"));
- 	       err_warn(tmperr);
- 	    }
- #ifdef HAVE_STAT
-@@ -655,7 +657,7 @@
- 
- 	 } else {
- 	    if (stream_flag == FALSE) {
--	       sprintf(tmperr,
-+	       snprintf(tmperr, ERRWIDTH,
- 		       _
- 		       ("File %s was NOT encrypted successfully.\n"),
- 		       einfile);
diff --git a/package/mcrypt/0004-no-rpath.patch b/package/mcrypt/0004-no-rpath.patch
deleted file mode 100644
index a0813bcf00..0000000000
--- a/package/mcrypt/0004-no-rpath.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Patch out rpath hardcoding since it completely ignores --disable-rpath
-and other configure ways.
-
-Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
-
-diff -Nura mcrypt-2.6.8.orig/config.rpath mcrypt-2.6.8/config.rpath
---- mcrypt-2.6.8.orig/config.rpath	2013-01-07 13:05:22.626883480 -0300
-+++ mcrypt-2.6.8/config.rpath	2013-01-07 13:12:47.196090608 -0300
-@@ -153,7 +153,7 @@
-   # here allows them to be overridden if necessary.
-   # Unlike libtool, we use -rpath here, not --rpath, since the documented
-   # option of GNU ld is called -rpath, not --rpath.
--  hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
-+  hardcode_libdir_flag_spec=
-   case "$host_os" in
-     aix3* | aix4* | aix5*)
-       # On AIX/PPC, the GNU linker is very broken
diff --git a/package/mcrypt/Config.in b/package/mcrypt/Config.in
deleted file mode 100644
index e3b9541f04..0000000000
--- a/package/mcrypt/Config.in
+++ /dev/null
@@ -1,12 +0,0 @@
-config BR2_PACKAGE_MCRYPT
-	bool "mcrypt"
-	depends on BR2_USE_MMU # fork()
-	select BR2_PACKAGE_LIBMCRYPT
-	select BR2_PACKAGE_LIBMHASH
-	help
-	  MCrypt is a replacement for the old crypt() package and
-	  crypt(1) command, with extensions.
-	  It allows developers to use a wide range of encryption
-	  functions, without making drastic changes to their code.
-
-	  http://mcrypt.sourceforge.net/
diff --git a/package/mcrypt/mcrypt.hash b/package/mcrypt/mcrypt.hash
deleted file mode 100644
index c6c8871f4f..0000000000
--- a/package/mcrypt/mcrypt.hash
+++ /dev/null
@@ -1,3 +0,0 @@
-# Locally computed:
-sha256  5145aa844e54cca89ddab6fb7dd9e5952811d8d787c4f4bf27eb261e6c182098  mcrypt-2.6.8.tar.gz
-sha256  8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903  COPYING
diff --git a/package/mcrypt/mcrypt.mk b/package/mcrypt/mcrypt.mk
deleted file mode 100644
index a04b973750..0000000000
--- a/package/mcrypt/mcrypt.mk
+++ /dev/null
@@ -1,24 +0,0 @@
-################################################################################
-#
-# mcrypt
-#
-################################################################################
-
-MCRYPT_VERSION = 2.6.8
-MCRYPT_SITE = http://downloads.sourceforge.net/project/mcrypt/MCrypt/$(MCRYPT_VERSION)
-MCRYPT_DEPENDENCIES = libmcrypt libmhash \
-	$(if $(BR2_PACKAGE_ZLIB),zlib) \
-	$(if $(BR2_PACKAGE_LIBICONV),libiconv) \
-	$(TARGET_NLS_DEPENDENCIES)
-MCRYPT_CONF_OPTS = --with-libmcrypt-prefix=$(STAGING_DIR)/usr
-MCRYPT_LICENSE = GPL-3.0
-MCRYPT_LICENSE_FILES = COPYING
-
-# 0001-CVE-2012-4409.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4409
-# 0002-CVE-2012-4426.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4426
-# 0003-CVE-2012-4527.patch
-MCRYPT_IGNORE_CVES += CVE-2012-4527
-
-$(eval $(autotools-package))
-- 
2.30.2



More information about the buildroot mailing list