ubsan fix for bundled boost (#988)

* bundle mdds * bundle boost * ofz#2894 fix int overflow in boost
2017-11-16 16:07:02 +01:00 · 2017-11-16 16:07:02 +01:00 · 4039e9864b
parent 5cd4d6189d
commit 4039e9864b
3 changed files with 50 additions and 1 deletions
--- a/projects/dlplibs/Dockerfile
+++ b/projects/dlplibs/Dockerfile
@ -21,12 +21,14 @@ RUN sed -i -e '/^#\s*deb-src.*\smain\s\+restricted/s/^#//' /etc/apt/sources.list
 # install build requirements
 RUN apt-get update && \
    apt-get install -y wget xz-utils autoconf automake libtool pkg-config \
-        gperf libboost-dev libglm-dev libmdds-dev patch
+        gperf libglm-dev patch
 ADD https://dev-www.libreoffice.org/src/lcms2-2.8.tar.gz \
    https://dev-www.libreoffice.org/src/zlib-1.2.11.tar.xz \
    https://dev-www.libreoffice.org/src/libpng-1.6.34.tar.xz \
    https://dev-www.libreoffice.org/src/libxml2-2.9.7.tar.gz \
    https://dev-www.libreoffice.org/src/icu4c-60_1-src.tgz \
+    https://dev-www.libreoffice.org/src/mdds-1.3.1.tar.bz2 \
+    https://dev-www.libreoffice.org/src/boost_1_65_1.tar.bz2 \
    $SRC/
 # download fuzzing corpora
 ADD https://dev-www.libreoffice.org/corpus/olefuzzer_seed_corpus.zip \
--- a/projects/dlplibs/build.sh
+++ b/projects/dlplibs/build.sh
@ -61,6 +61,19 @@ export ICU_CFLAGS="-I$(pwd) -I$(pwd)/i18n -I$(pwd)/common"
 export ICU_LIBS="-L$(pwd)/lib -licui18n -licuuc -licudata"
 popd

+tar -xjf $SRC/boost_1_65_1.tar.bz2
+pushd boost_1_65_1
+patch -p2 < $SRC/ofz2894.patch
+export CPPFLAGS="-I$(pwd)"
+popd
+
+tar -xjf $SRC/mdds-1.3.1.tar.bz2
+pushd mdds-1.3.1
+./configure
+export MDDS_CFLAGS="-I$(pwd)/include"
+export MDDS_LIBS=' '
+popd
+
 pushd librevenge
 ./autogen.sh
 ./configure --without-docs --disable-werror --disable-shared --enable-static --disable-tests --enable-fuzzers
--- a/projects/dlplibs/ofz2894.patch
+++ b/projects/dlplibs/ofz2894.patch
@ -0,0 +1,34 @@
+From 3d8a80c4f3470fea0169f6774320e61619bac52b Mon Sep 17 00:00:00 2001
+From: David Tardon <dtardon@redhat.com>
+Date: Mon, 2 Oct 2017 16:22:36 +0200
+Subject: [PATCH] ofz#2894 avoid signed integer overflow
+
+/usr/include/boost/spirit/home/qi/numeric/detail/real_impl.hpp:86:48: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself
+---
+ include/boost/spirit/home/qi/numeric/detail/real_impl.hpp | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/include/boost/spirit/home/qi/numeric/detail/real_impl.hpp b/include/boost/spirit/home/qi/numeric/detail/real_impl.hpp
+index 9aa5bb8bb..3e7ab18a9 100644
+--- a/include/boost/spirit/home/qi/numeric/detail/real_impl.hpp
+++ b/include/boost/spirit/home/qi/numeric/detail/real_impl.hpp
+@@ -81,12 +81,13 @@ namespace boost { namespace spirit { namespace traits
+                 detail::compensate_roundoff(n, acc_n);
+                 n /= pow10<T>(-min_exp);
+ 
+-                // return false if (-exp + min_exp) exceeds the -min_exp
+                // return false if exp still exceeds the min_exp
+                 // do this check only for primitive types!
+-                if (is_floating_point<T>() && (-exp + min_exp) > -min_exp)
+                exp += -min_exp;
+                if (is_floating_point<T>() && exp < min_exp)
+                     return false;
+ 
+-                n /= pow10<T>(-exp + min_exp);
+                n /= pow10<T>(-exp);
+             }
+             else
+             {
+-- 
+2.14.1
+