[sci-visualization/spyview] Fix buffer overflow that the FORTIFY warning found

(Portage version: 2.1.9.46/git/Linux x86_64, signed Manifest commit with key B6C5F7DE)

4 files changed, 107 insertions, 14 deletions

diff --git a/sci-visualization/spyview/ChangeLog b/sci-visualization/spyview/ChangeLog
index fbe0870..265355c 100644
--- a/sci-visualization/spyview/ChangeLog
+++ b/sci-visualization/spyview/ChangeLog
@@ -2,6 +2,12 @@
 # Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
 # $Header: $
 
+*spyview-20110329-r1 (24 Apr 2011)
+
+  24 Apr 2011; Andreas K. Huettel <dilfridge@gentoo.org>
+  +spyview-20110329-r1.ebuild, +files/spyview-20110329-xsection_fn.patch:
+  Fix buffer overflow that the FORTIFY warning found
+
 *spyview-20110329 (29 Mar 2011)
 
   29 Mar 2011; Andreas K. Huettel <dilfridge@gentoo.org>
diff --git a/sci-visualization/spyview/Manifest b/sci-visualization/spyview/Manifest
index 594b4d0..b0da031 100644
--- a/sci-visualization/spyview/Manifest
+++ b/sci-visualization/spyview/Manifest
@@ -1,28 +1,30 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA512
 
+AUX spyview-20110329-xsection_fn.patch 1339 RMD160 c10198df42cedd55c850d18501d77afc10330995 SHA1 1c3a3f20d121e4cea77511a1ad773392b25f66ca SHA256 dbd3acd54747cc62a7a7656a678e1cf32957f2063b06447c75230586b5997aa3
 DIST spyview-20100329.tar.gz 3496897 RMD160 547af6f7965d4664347ccbc865ca81e6a89cd525 SHA1 f8ec74c82b046f57304d29bc814905ba11238723 SHA256 168073cc80f47960f4b6bf593fa8ba26fb16c869913bc04395120255e7dddc24
 DIST spyview-20100810.tar.gz 3651109 RMD160 78c95ceb958d99d836dd563724f7978331d0b9a8 SHA1 09f57dbc8308b577e5bd7616462d4ce5a406fe7e SHA256 eafafb948d465bc11aede0fb4b5f8e6a9f8bb63ba514a677b31608b4ff8cda29
 DIST spyview-20110329.tar.gz 1900039 RMD160 1cf8ad167bcce0335001dd78d6431cb1aab74f43 SHA1 436f0452e47bf7efdaad61ee930ca857b6ebd457 SHA256 f425543882f4db19cc017f7f9a4442b9f2277a706ced3d4865b73d8661393c86
 EBUILD spyview-20100329-r1.ebuild 1109 RMD160 92602e4acb446671aebeff3bf8b531048a477639 SHA1 4d75fbf3522ca136ce686cd8a53bbdd9580a2f5a SHA256 252a720ac19daaccf916b313d129d9074ddf1c36ba6c0a8bca09c762c5f20d3b
 EBUILD spyview-20100810.ebuild 1106 RMD160 358c28298b5539cfff507f3da925646cc6a21b1f SHA1 57a16d2be11f87f3470f3dda924bcdc8bc7fbae4 SHA256 0af7d9b0827c01411d1c15faf56bbe411b9d617a173313f185b7d021c2b962f6
+EBUILD spyview-20110329-r1.ebuild 1177 RMD160 4c9fbd7edc8778208f296d9071e2d24f92c75168 SHA1 83dd9071f06c45e5f25bdc75de97589abc0bc87d SHA256 f2e5cd76ff6cb8279e222cffebe40547a2cb59052a890b4674e2d32b3b5e22f7
 EBUILD spyview-20110329.ebuild 1108 RMD160 ca110fd07cbafa0ed5fee09b682088deb307f6b0 SHA1 ea0c1cd1e92b3e925d8783bfbe6033d6946bae6f SHA256 2930cd5e715d34a264a385ff560c54c959ff3ae3443ccb2f49fbeb5e97739ffb
-MISC ChangeLog 692 RMD160 3405accc57e59d7e78ef3fe52e4f758a6f32c96c SHA1 596cbd418b22a28cc4a73873319743b8ea6af0e4 SHA256 85fc582770dbbeb1f673913a8ce7aee809ed34ab879226bd3265433a288a42ed
+MISC ChangeLog 913 RMD160 66a3fd50c9b64a71a0b463e242af909338145e87 SHA1 42ec90f59ad7fb1470c95da03cebfc32b44c3cdf SHA256 010cfaf06cdf6b90f57cbb569f410a2824cfee20676f24c14f6926696be9c295
 MISC metadata.xml 303 RMD160 50f0ff629a275f85dde3059e0cbc957cf8b6780c SHA1 3b5805bf0c6254f4c6ac7103a811d3fc6e05a60b SHA256 c55abad1ec0f88420e5714fe566059838cdb93e760106e15e3bfdaf4a1cd90a9
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.17 (GNU/Linux)
 
-iQIcBAEBCgAGBQJNkmOKAAoJENwGBM22xffeQjwP/ieCffXOaC0WHBGcZdNspcN7
-qaJWqnQ8ebJUKyvtg5iigU7xiTjc7+foZdenGYuQgcB3iL6bVB35NfI+MMkxcgEY
-y2dFVOGFWBlrLu4lv20Jf0jStlcfR316+D5EREgXThRDW7hJDusj98KKqpqi55nU
-rcSK3e4jOGFqGQAnWFIFRFB0rKAepaHNzIYGYDTooxSuYM9y6sXYWBQ80gahK/b/
-pmLIAD0zW0QSNOp2OzdPNlW3ezBRXsW2xcl7JKrcogSnHAC+vlrLt4LtxmDSULXG
-4xz5jqCOiDor6hsFTCh0b7ICVcgHjd1zPrCniTNiwsgIbg149E+eGS6pzU7sfuRI
-oFjCfvoNkbdLljGBCOGgv31y78kaSvtHXPvoKkM/nxl14p3+dCWIkjNS8Rm/08WJ
-5OKfDgQN2nGbIh4vO8OIcZisoR9jZTnau0z+urDNEi18kXQxMbulG7PH6gl8I9Ds
-WczlYObxsTtMlRHsMl+Z81o9GCgTGqaBrXZhmkNsQ/JF24lPFZHqbiswc8x/9aN6
-yHH7G2sIUN3fEh9rI6bDTYTV/kg7cCooqNzOj3WkaaqsASAHTx7q5+tQNDElrXK0
-buM/eOukICToES/0I9nriDXYNDzWyLnNs3LCi3Q7NtH/0QxzxwU04jtvDO14PAON
-L5uIwb7j2r5eiwmBWi16
-=PFbt
+iQIcBAEBCgAGBQJNtJrsAAoJENwGBM22xffePE0P/0tmkxHWBQwk0v9UlR2dWCZn
+WwYoOWbPsY6Nav+8cFsML58KTob1M2OdWcAM+SeCMBdfUFY8G6iYTKo3I0Igx12j
+NRGC9IkXUbby+cottawxIsroUXsTBL8mjOtsz4JGXTmoptwRUBxJs+a9F52BbKUu
+tb/kb+vAJSUlFX718us2WEj6J1bzB3M2yvV0/W7WbeHj9CoiBcH+0hbDKW/qz5Gn
+AgKToRcs4y5gtvPJow6AYODT2pTBD1aYymP2+Wvu/Sek3/XEXdziAMq4tVzhqF68
+yNNOgn2xddC8ScgnK1xh8ksh3rHy/65zjc/AId+EmeIaFyVtoGy7HdWTdJoEpXax
+Q/w630KvRYRNJ/1+SWwsCXEfK4SyqfqmCD4wOOtXWjwX/2F3XW/UbGaLAbUPx7Pc
+SIr1WJr/cweYRVZ5Lztk9DXv77tPlgboz4xgGtXwES6NhZl3uW0c5Y0wcAiQ9mgc
+MdYuKGEtlxS070yyZLWh6iJnInh59mw4twMdfKs4eCzxYFx9hxYVISGQKrWCXD9k
+vbBRkhOnCcMkZ/NtO8vcEbYYQ89Cg95b3eH4WMSd4957vw1ESYlbTZdJzhz0qnJB
+juiwonO7K+xCE2aL0TPtHvb5ADvzAgJU+RfW+7YqAjALQYo4yqDCA4cc3TIi7Q1m
+LQfNXJDSEUw9mOOPDVsm
+=s49B
 -----END PGP SIGNATURE-----
diff --git a/sci-visualization/spyview/files/spyview-20110329-xsection_fn.patch b/sci-visualization/spyview/files/spyview-20110329-xsection_fn.patch
new file mode 100644
index 0000000..47fe50c
--- /dev/null
+++ b/sci-visualization/spyview/files/spyview-20110329-xsection_fn.patch
@@ -0,0 +1,38 @@
+diff -ruN spyview-2011-03-29-10_59.orig/spyview/ImageWindow.C spyview-2011-03-29-10_59/spyview/ImageWindow.C
+--- spyview-2011-03-29-10_59.orig/spyview/ImageWindow.C	2010-08-10 22:12:05.000000000 +0200
++++ spyview-2011-03-29-10_59/spyview/ImageWindow.C	2011-04-24 23:43:55.000000000 +0200
+@@ -2034,25 +2034,25 @@
+ void ImageWindow::exportLinecut()
+ {
+   // Ok, this is a real hack, but it's easy...
+-  char tmp[1024];
+-  char label[1024];
+-  char fn[1024];
++  char tmp[256];
++  char label[256];
++  char fn[256];
+ 
+   //sprintf is just so damn more convenient than c++ strings
+   if (line_cut_type == HORZLINE) 
+-    snprintf(label, 1024, "l.%d", line_cut_yp);
++    snprintf(label, 256, "l.%d", line_cut_yp);
+   else if (line_cut_type == VERTLINE) 
+-    snprintf(label, 1024, "c.%d", line_cut_xp);
++    snprintf(label, 256, "c.%d", line_cut_xp);
+   else 
+     sprintf(label, "other");
+-  snprintf(fn, 1024, "%s.%s.linecut.dat", output_basename, label);
++  snprintf(fn, 256, "%s.%s.linecut.dat", output_basename, label);
+ 	
+   info("exporting linecut to file %s\n", fn);
+ 
+-  strncpy(tmp, xsection_fn, 1024);
+-  strncpy(xsection_fn, fn, 1024);
++  strncpy(tmp, xsection_fn, 256);
++  strncpy(xsection_fn, fn, 256);
+   plotLineCut();
+-  strncpy(xsection_fn, tmp, 1024);
++  strncpy(xsection_fn, tmp, 256);
+ }
+ 
+ void ImageWindow::exportGnuplot()
diff --git a/sci-visualization/spyview/spyview-20110329-r1.ebuild b/sci-visualization/spyview/spyview-20110329-r1.ebuild
new file mode 100644
index 0000000..b42a15c
--- /dev/null
+++ b/sci-visualization/spyview/spyview-20110329-r1.ebuild
@@ -0,0 +1,47 @@
+# Copyright 1999-2011 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sci-visualization/spyview/spyview-20100810.ebuild,v 1.5 2011/03/20 19:57:59 jlec Exp $
+
+EAPI=2
+
+inherit base flag-o-matic eutils multilib
+
+DESCRIPTION="Interactive plotting program"
+HOMEPAGE="http://kavli.nano.tudelft.nl/~gsteele/spyview/"
+SRC_URI="http://kavli.nano.tudelft.nl/~gsteele/${PN}/versions/${P}.tar.gz"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE=""
+
+COMMON_DEPEND=">=dev-libs/boost-1.40
+	media-libs/netpbm
+	x11-libs/fltk:1
+	app-text/ghostscript-gpl"
+
+DEPEND="${COMMON_DEPEND}
+	sys-apps/groff"
+
+RDEPEND="${COMMON_DEPEND}
+	sci-visualization/gnuplot"
+
+S=${WORKDIR}/spyview-2011-03-29-10_59
+
+PATCHES=( "${FILESDIR}/${P}-xsection_fn.patch" )
+
+src_prepare() {
+	append-cflags $(fltk-config --cflags)
+	append-cxxflags $(fltk-config --cxxflags) -I/usr/include/netpbm
+
+	# append-ldflags $(fltk-config --ldflags)
+	# this one leads to an insane amount of warnings
+
+	append-ldflags -L$(dirname $(fltk-config --libs))
+
+	base_src_prepare
+}
+
+src_configure() {
+	econf --datadir=/usr/share/spyview --docdir=/usr/share/doc/${PF}
+}