From 1f26a782599aa9a9cb52ab1e72c1171024e44279 Mon Sep 17 00:00:00 2001
From: Adolf Belka <adolf.belka@ipfire.org>
Date: Sat, 29 Jul 2023 18:16:17 +0200
Subject: [PATCH] mpfr: Update to version 4.2.0p12

- Update from version 4.2.0p9 to 4.2.0p12
- Update of rootfile not required
- Changelog - additional patches from 10 to 12 over previous update
    10 - GCC 12 emits a spurious "may be used uninitialized" warning on tests/tfpif.c
         with -O1, and GCC 13 has the same issue also with -O2 (GCC bug 106155). This can
         make some test scripts fail for the developers. The gcc-pr106155-workaround
         patch provides a workaround for this bug in GCC.
         Corresponding changeset in the 4.2 branch: c0031f1af.
    11 - The mpfr_inp_str function does not handle the '\0' character correctly when it
         is not a whitespace character (which is almost always the case in practice, or
         really always the case). For instance, if the word is the sequence
         { '1', '\0', '2' }, the string "1" is passed to mpfr_set_str because '\0' is
         regarded as a terminating null character, and one gets a valid number (1) while
         '\0' in a word is necessarily invalid. This is fixed by the inp_str-nullchar
         patch. The testcase in the repository cannot be provided in the patch because of
         the null character in one of the files.
         Corresponding changeset in the 4.2 branch: 6a68387b2.
    12 - When '\0' is a whitespace character, i.e. when isspace(0) is true in the current
         locale (as allowed by ISO C for non-"C" locales), the mpfr_strtofr function
         regards a '\0' in the leading whitespace sequence as a whitespace. This is
         incorrect, since from the definition of a string, the first '\0' is the
         terminating null character (before the notion of whitespace is involved). In
         such locales, this is a vulnerability, because characters after the terminating
         null character are read to determine the result; however, such locales are rare
         or nonexistent (Mutt's lib.h suggests that some systems have such locales, but
         this was in 1998). This is fixed by the strtofr-nullchar patch.
         Corresponding changeset in the 4.2 branch: 964fbaa31.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 lfs/mpfr                                      |   2 +-
 ...fr-4.2.0-cumulative-patches-1-to-12.patch} | 148 ++++++++++++++++++
 2 files changed, 149 insertions(+), 1 deletion(-)
 rename src/patches/{mpfr-4.2.0-cumulative-patches-1-to-9.patch => mpfr-4.2.0-cumulative-patches-1-to-12.patch} (92%)

diff --git a/lfs/mpfr b/lfs/mpfr
index e2a1062c1b..3536690b41 100644
--- a/lfs/mpfr
+++ b/lfs/mpfr
@@ -70,7 +70,7 @@ $(subst %,%_BLAKE2,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar axf $(DIR_DL)/$(DL_FILE)
-	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/mpfr-4.2.0-cumulative-patches-1-to-9.patch
+	cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/mpfr-4.2.0-cumulative-patches-1-to-12.patch
 	cd $(DIR_APP) && $(CONFIGURE_ARGS) ./configure \
 					--prefix=/usr \
 					--enable-thread-safe
diff --git a/src/patches/mpfr-4.2.0-cumulative-patches-1-to-9.patch b/src/patches/mpfr-4.2.0-cumulative-patches-1-to-12.patch
similarity index 92%
rename from src/patches/mpfr-4.2.0-cumulative-patches-1-to-9.patch
rename to src/patches/mpfr-4.2.0-cumulative-patches-1-to-12.patch
index 07fcf2592c..75304956be 100644
--- a/src/patches/mpfr-4.2.0-cumulative-patches-1-to-9.patch
+++ b/src/patches/mpfr-4.2.0-cumulative-patches-1-to-12.patch
@@ -2044,3 +2044,151 @@ diff -Naurd mpfr-4.2.0-a/tests/tsprintf.c mpfr-4.2.0-b/tests/tsprintf.c
    test_locale ();
  
    if (getenv ("MPFR_CHECK_LIBC_PRINTF"))
+diff -Naurd mpfr-4.2.0-a/PATCHES mpfr-4.2.0-b/PATCHES
+--- mpfr-4.2.0-a/PATCHES	2023-07-17 13:54:11.126789510 +0000
++++ mpfr-4.2.0-b/PATCHES	2023-07-17 13:54:11.170788387 +0000
+@@ -0,0 +1 @@
++gcc-pr106155-workaround
+diff -Naurd mpfr-4.2.0-a/VERSION mpfr-4.2.0-b/VERSION
+--- mpfr-4.2.0-a/VERSION	2023-05-17 17:19:35.596201603 +0000
++++ mpfr-4.2.0-b/VERSION	2023-07-17 13:54:11.170788387 +0000
+@@ -1 +1 @@
+-4.2.0-p9
++4.2.0-p10
+diff -Naurd mpfr-4.2.0-a/src/mpfr.h mpfr-4.2.0-b/src/mpfr.h
+--- mpfr-4.2.0-a/src/mpfr.h	2023-05-17 17:19:35.592201606 +0000
++++ mpfr-4.2.0-b/src/mpfr.h	2023-07-17 13:54:11.170788387 +0000
+@@ -27,7 +27,7 @@
+ #define MPFR_VERSION_MAJOR 4
+ #define MPFR_VERSION_MINOR 2
+ #define MPFR_VERSION_PATCHLEVEL 0
+-#define MPFR_VERSION_STRING "4.2.0-p9"
++#define MPFR_VERSION_STRING "4.2.0-p10"
+ 
+ /* User macros:
+    MPFR_USE_FILE:        Define it to make MPFR define functions dealing
+diff -Naurd mpfr-4.2.0-a/src/version.c mpfr-4.2.0-b/src/version.c
+--- mpfr-4.2.0-a/src/version.c	2023-05-17 17:19:35.592201606 +0000
++++ mpfr-4.2.0-b/src/version.c	2023-07-17 13:54:11.170788387 +0000
+@@ -25,5 +25,5 @@
+ const char *
+ mpfr_get_version (void)
+ {
+-  return "4.2.0-p9";
++  return "4.2.0-p10";
+ }
+diff -Naurd mpfr-4.2.0-a/tests/tfpif.c mpfr-4.2.0-b/tests/tfpif.c
+--- mpfr-4.2.0-a/tests/tfpif.c	2023-01-05 17:09:48.000000000 +0000
++++ mpfr-4.2.0-b/tests/tfpif.c	2023-07-17 13:54:11.162788591 +0000
+@@ -277,7 +277,10 @@
+ 
+   for (i = 0; i < BAD; i++)
+     {
+-      mpfr_exp_t emax;
++      mpfr_exp_t INITIALIZED(emax);
++      /* The INITIALIZED() is a workaround for GCC bug 106155:
++         https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106155 */
++
+       /* For i == 6, mpfr_prec_t needs at least a 65-bit precision
+          (64 value bits + 1 sign bit) to avoid a failure. */
+       if (i == 6 && MPFR_PREC_BITS > 64)
+diff -Naurd mpfr-4.2.0-a/PATCHES mpfr-4.2.0-b/PATCHES
+--- mpfr-4.2.0-a/PATCHES	2023-07-17 13:56:17.375566485 +0000
++++ mpfr-4.2.0-b/PATCHES	2023-07-17 13:56:17.415565464 +0000
+@@ -0,0 +1 @@
++inp_str-nullchar
+diff -Naurd mpfr-4.2.0-a/VERSION mpfr-4.2.0-b/VERSION
+--- mpfr-4.2.0-a/VERSION	2023-07-17 13:54:11.170788387 +0000
++++ mpfr-4.2.0-b/VERSION	2023-07-17 13:56:17.415565464 +0000
+@@ -1 +1 @@
+-4.2.0-p10
++4.2.0-p11
+diff -Naurd mpfr-4.2.0-a/src/inp_str.c mpfr-4.2.0-b/src/inp_str.c
+--- mpfr-4.2.0-a/src/inp_str.c	2023-01-05 17:09:48.000000000 +0000
++++ mpfr-4.2.0-b/src/inp_str.c	2023-07-17 13:56:17.407565669 +0000
+@@ -69,6 +69,15 @@
+       if (c == EOF || isspace (c))
+         break;
+       str[str_size++] = (unsigned char) c;
++      /* If c is '\0' (while not being a whitespace character), the word will
++         not have a valid format. But in the context of a string in memory,
++         '\0' is a terminating null character. So, to avoid ending with a
++         valid string format (like "1" with ignored characters after the
++         terminating null character), we need to make sure that the string
++         does not have a valid format; so let's start it with '*'. Note
++         that we should read the full word, so we cannot break. */
++      if (MPFR_UNLIKELY (c == '\0'))
++        str[0] = '*';
+       if (str_size == (size_t) -1)
+         break;
+       c = getc (stream);
+diff -Naurd mpfr-4.2.0-a/src/mpfr.h mpfr-4.2.0-b/src/mpfr.h
+--- mpfr-4.2.0-a/src/mpfr.h	2023-07-17 13:54:11.170788387 +0000
++++ mpfr-4.2.0-b/src/mpfr.h	2023-07-17 13:56:17.411565566 +0000
+@@ -27,7 +27,7 @@
+ #define MPFR_VERSION_MAJOR 4
+ #define MPFR_VERSION_MINOR 2
+ #define MPFR_VERSION_PATCHLEVEL 0
+-#define MPFR_VERSION_STRING "4.2.0-p10"
++#define MPFR_VERSION_STRING "4.2.0-p11"
+ 
+ /* User macros:
+    MPFR_USE_FILE:        Define it to make MPFR define functions dealing
+diff -Naurd mpfr-4.2.0-a/src/version.c mpfr-4.2.0-b/src/version.c
+--- mpfr-4.2.0-a/src/version.c	2023-07-17 13:54:11.170788387 +0000
++++ mpfr-4.2.0-b/src/version.c	2023-07-17 13:56:17.415565464 +0000
+@@ -25,5 +25,5 @@
+ const char *
+ mpfr_get_version (void)
+ {
+-  return "4.2.0-p10";
++  return "4.2.0-p11";
+ }
+diff -Naurd mpfr-4.2.0-a/PATCHES mpfr-4.2.0-b/PATCHES
+--- mpfr-4.2.0-a/PATCHES	2023-07-17 13:57:28.913739912 +0000
++++ mpfr-4.2.0-b/PATCHES	2023-07-17 13:57:28.961738687 +0000
+@@ -0,0 +1 @@
++strtofr-nullchar
+diff -Naurd mpfr-4.2.0-a/VERSION mpfr-4.2.0-b/VERSION
+--- mpfr-4.2.0-a/VERSION	2023-07-17 13:56:17.415565464 +0000
++++ mpfr-4.2.0-b/VERSION	2023-07-17 13:57:28.961738687 +0000
+@@ -1 +1 @@
+-4.2.0-p11
++4.2.0-p12
+diff -Naurd mpfr-4.2.0-a/src/mpfr.h mpfr-4.2.0-b/src/mpfr.h
+--- mpfr-4.2.0-a/src/mpfr.h	2023-07-17 13:56:17.411565566 +0000
++++ mpfr-4.2.0-b/src/mpfr.h	2023-07-17 13:57:28.957738789 +0000
+@@ -27,7 +27,7 @@
+ #define MPFR_VERSION_MAJOR 4
+ #define MPFR_VERSION_MINOR 2
+ #define MPFR_VERSION_PATCHLEVEL 0
+-#define MPFR_VERSION_STRING "4.2.0-p11"
++#define MPFR_VERSION_STRING "4.2.0-p12"
+ 
+ /* User macros:
+    MPFR_USE_FILE:        Define it to make MPFR define functions dealing
+diff -Naurd mpfr-4.2.0-a/src/strtofr.c mpfr-4.2.0-b/src/strtofr.c
+--- mpfr-4.2.0-a/src/strtofr.c	2023-01-05 17:09:48.000000000 +0000
++++ mpfr-4.2.0-b/src/strtofr.c	2023-07-17 13:57:28.949738993 +0000
+@@ -242,7 +242,10 @@
+   pstr->mantissa = NULL;
+ 
+   /* Optional leading whitespace */
+-  while (isspace((unsigned char) *str)) str++;
++  /* For non-"C" locales, the ISO C standard allows isspace(0) to
++     return true. So we need to stop explicitly on '\0'. */
++  while (*str != '\0' && isspace ((unsigned char) *str))
++    str++;
+ 
+   /* An optional sign `+' or `-' */
+   pstr->negative = (*str == '-');
+diff -Naurd mpfr-4.2.0-a/src/version.c mpfr-4.2.0-b/src/version.c
+--- mpfr-4.2.0-a/src/version.c	2023-07-17 13:56:17.415565464 +0000
++++ mpfr-4.2.0-b/src/version.c	2023-07-17 13:57:28.961738687 +0000
+@@ -25,5 +25,5 @@
+ const char *
+ mpfr_get_version (void)
+ {
+-  return "4.2.0-p11";
++  return "4.2.0-p12";
+ }
-- 
2.39.2