Index | Thread | Search

From:
Klemens Nanni <kn@openbsd.org>
Subject:
Re: minidlna: add pledge and unveil
To:
Stuart Henderson <stu@spacehopper.org>, ports <ports@openbsd.org>
Date:
Thu, 1 May 2025 23:41:13 +0000

Download raw body.

Thread 
26.04.2025 14:29, Klemens Nanni пишет:
> 26.04.2025 12:40, Stuart Henderson пишет:
>> argh, not github patches as distfiles again... can you just use your fork directly for the source distribution instead?
> Sure!

Any testers?


First I removed the gross system(3) call to rm(1) -rf with unsanitised input,
then I added safety belts, now it is working great for me without fallout.

The two patches are on https://github.com/klemensn/minidlna for convenience.
When time allows, I want to push some more fixes there.

FreeBSD's port already fetches from the maintainer's fork (see SITES comment),
so that's what I did as well rather than upstream on Sourceforge, which seems
rather inactive.

Feedback? OK?

Index: Makefile
===================================================================
RCS file: /cvs/ports/multimedia/minidlna/Makefile,v
diff -u -p -r1.44 Makefile
--- Makefile	14 Apr 2025 20:09:48 -0000	1.44
+++ Makefile	26 Apr 2025 11:26:09 -0000
@@ -1,7 +1,12 @@
 COMMENT=		lightweight DLNA/UPnP-AV media server (aka ReadyMedia)
 
+# two patches on top of latest upstreamr release:
+# 'Rewrite dangerous system(3) "rm -rf ..." in standard library code'
+# 'OpenBSD: use pledge(2) and unveil(2)'
+COMMIT=			edebefe5725138402e43412c7bb10c3eb54a1b25
+DIST_TUPLE=		github	klemensn	minidlna ${COMMIT}	.
 DISTNAME=		minidlna-1.3.3
-REVISION=		0
+REVISION=		1
 
 CATEGORIES=		multimedia
 
@@ -10,6 +15,7 @@ HOMEPAGE=		https://sourceforge.net/proje
 # GPLv2 only
 PERMIT_PACKAGE=	Yes
 
+# uses pledge() and unveil()
 WANTLIB += FLAC avcodec avformat avutil c exif iconv id3tag intl jpeg
 WANTLIB += ogg pthread sqlite3 vorbis z
 
@@ -25,7 +31,9 @@ LIB_DEPENDS=		audio/flac \
 			graphics/jpeg \
 			graphics/libexif
 
-CONFIGURE_STYLE=	gnu
+CONFIGURE_STYLE=	autoconf
+AUTOCONF_VERSION=	2.71
+AUTOMAKE_VERSION=	1.16
 
 CONFIGURE_ENV=		CPPFLAGS="-I${LOCALBASE}/include" \
 			LDFLAGS="-L${LOCALBASE}/lib -L${X11BASE}/lib"
Index: distinfo
===================================================================
RCS file: /cvs/ports/multimedia/minidlna/distinfo,v
diff -u -p -r1.14 distinfo
--- distinfo	3 Sep 2023 09:33:29 -0000	1.14
+++ distinfo	26 Apr 2025 11:22:36 -0000
@@ -1,2 +1,4 @@
+SHA256 (klemensn-minidlna-edebefe5725138402e43412c7bb10c3eb54a1b25.tar.gz) = PcP1AiaLyr2EFJsv3p4jWUaOR8YjXL/LD6wOOLDCBQg=
 SHA256 (minidlna-1.3.3.tar.gz) = OQJsbUoTm5GAGS0cNyJaozdv308adNfeu9u2k9mWr6Q=
+SIZE (klemensn-minidlna-edebefe5725138402e43412c7bb10c3eb54a1b25.tar.gz) = 300731
 SIZE (minidlna-1.3.3.tar.gz) = 824527