From: Stuart Henderson Subject: Re: minidlna: add pledge and unveil To: Klemens Nanni , ports Date: Sat, 26 Apr 2025 10:40:36 +0100 argh, not github patches as distfiles again... can you just use your fork directly for the source distribution instead? -- Sent from a phone, apologies for poor formatting. On 25 April 2025 23:12:33 Klemens Nanni wrote: > First I removed the gross system(3) call to rm(1) -rf with unsanitised input, > then I added safety belts, now it is working great for me without fallout. > > The two patches are on https://github.com/klemensn/minidlna for convenience. > When time allows, I want to push some more fixes there. > > FreeBSD's port already fetches from the maintainer's fork (see SITES comment), > so that's what I did as well rather than upstream on Sourceforge, which seems > rather inactive. > > Tests? Feedback? OK? > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/multimedia/minidlna/Makefile,v > diff -u -p -r1.44 Makefile > --- Makefile 14 Apr 2025 20:09:48 -0000 1.44 > +++ Makefile 25 Apr 2025 22:03:14 -0000 > @@ -1,7 +1,7 @@ > COMMENT= lightweight DLNA/UPnP-AV media server (aka ReadyMedia) > > DISTNAME= minidlna-1.3.3 > -REVISION= 0 > +REVISION= 1 > > CATEGORIES= multimedia > > @@ -10,12 +10,21 @@ HOMEPAGE= https://sourceforge.net/proje > # GPLv2 only > PERMIT_PACKAGE= Yes > > +# uses pledge() and unveil() > WANTLIB += FLAC avcodec avformat avutil c exif iconv id3tag intl jpeg > WANTLIB += ogg pthread sqlite3 vorbis z > > # sometimes https://github.com/glebius/minidlna has useful things > SITES= ${SITE_SOURCEFORGE:=minidlna/} > > +# kn@ patches considered ready for upstream > +SITES.fix= https://github.com/klemensn/minidlna/commit/ > +# 'Rewrite dangerous system(3) "rm -rf ..." in standard library code' > +PATCHFILES.fix= 9365218e5e0c7bff013be9c298f99297d1386ca0.patch > +# 'OpenBSD: use pledge(2) and unveil(2)' > +PATCHFILES.fix+= edebefe5725138402e43412c7bb10c3eb54a1b25.patch > +PATCH_DIST_STRIP= -p1 > + > BUILD_DEPENDS= devel/gettext,-tools > > LIB_DEPENDS= audio/flac \ > Index: distinfo > =================================================================== > RCS file: /cvs/ports/multimedia/minidlna/distinfo,v > diff -u -p -r1.14 distinfo > --- distinfo 3 Sep 2023 09:33:29 -0000 1.14 > +++ distinfo 25 Apr 2025 22:03:17 -0000 > @@ -1,2 +1,6 @@ > +SHA256 (9365218e5e0c7bff013be9c298f99297d1386ca0.patch) = > hKsaIS9pk3QJ6kYMdjf9qoH138pn1cw4Ot11Q1bb1BI= > +SHA256 (edebefe5725138402e43412c7bb10c3eb54a1b25.patch) = > Pvkj6elEqLa3ZDod+zEzetD4obT8dqPzrrgzDF6OWco= > SHA256 (minidlna-1.3.3.tar.gz) = OQJsbUoTm5GAGS0cNyJaozdv308adNfeu9u2k9mWr6Q= > +SIZE (9365218e5e0c7bff013be9c298f99297d1386ca0.patch) = 3380 > +SIZE (edebefe5725138402e43412c7bb10c3eb54a1b25.patch) = 1657 > SIZE (minidlna-1.3.3.tar.gz) = 824527 > Index: patches/patch-minidlna_c > =================================================================== > RCS file: /cvs/ports/multimedia/minidlna/patches/patch-minidlna_c,v > diff -u -p -r1.14 patch-minidlna_c > --- patches/patch-minidlna_c 3 Mar 2023 07:54:45 -0000 1.14 > +++ patches/patch-minidlna_c 20 Apr 2025 14:50:29 -0000 > @@ -4,7 +4,7 @@ https://sourceforge.net/p/minidlna/bugs/ > Index: minidlna.c > --- minidlna.c.orig > +++ minidlna.c > -@@ -1150,7 +1150,7 @@ main(int argc, char **argv) > +@@ -1231,7 +1231,7 @@ main(int argc, char **argv) > lastdbtime = _get_dbtime(); > > #ifdef HAVE_WATCH