diff --git a/.gitignore b/.gitignore index 331f8e0..44110b9 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,3 @@ /ckb-next-0.4.3.tar.gz /ckb-next-0.4.4.tar.gz /ckb-next-0.5.0.tar.gz -/ckb-next-0.6.0.tar.gz -/ckb-next-0.6.1.tar.gz -/ckb-next-0.6.2.tar.gz diff --git a/0000-fix-buffer-overflow-abort-on-launch.patch b/0000-fix-buffer-overflow-abort-on-launch.patch new file mode 100644 index 0000000..0808ce5 --- /dev/null +++ b/0000-fix-buffer-overflow-abort-on-launch.patch @@ -0,0 +1,28 @@ +From c29a9f5e314ddb987b75cb05793ae1bf2bb9ae0c Mon Sep 17 00:00:00 2001 +From: Tasos Sahanidis +Date: Sat, 18 Mar 2023 16:13:51 +0200 +Subject: [PATCH] Fix buffer overflow detected with _FORTIFY_SOURCE + +Technically there's no buffer overflow taking place, but the size +argument passed to snprintf was incorrect. + +Closes #940 +--- + src/daemon/device_bragi.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/daemon/device_bragi.c b/src/daemon/device_bragi.c +index e0690d32..8de99570 100644 +--- a/src/daemon/device_bragi.c ++++ b/src/daemon/device_bragi.c +@@ -178,8 +178,8 @@ static int start_bragi_common(usbdevice* kb){ + } + + char str[PAIR_ID_SIZE*3+1] = {0}; +- for(uint32_t i = 0; i < PAIR_ID_SIZE; i++) +- snprintf(str + i * 3, sizeof(str), "%02hhx ", kb->wl_pairing_id[i]); ++ for(int i = 0; i < PAIR_ID_SIZE; i++) ++ snprintf(str + i * 3, sizeof(str) - i * 3, "%02hhx ", kb->wl_pairing_id[i]); + + ckb_info("ckb%d: Pairing id: %s", INDEX_OF(kb, keyboard), str); + diff --git a/0001-unbundle-kissfft.patch b/0001-unbundle-kissfft.patch index 9026743..436ed6b 100644 --- a/0001-unbundle-kissfft.patch +++ b/0001-unbundle-kissfft.patch @@ -1,12 +1,15 @@ -diff -r -U4 ckb-next-0.6.0--orig/src/animations/mviz/CMakeLists.txt ckb-next-0.6.0--patched/src/animations/mviz/CMakeLists.txt ---- ckb-next-0.6.0--orig/src/animations/mviz/CMakeLists.txt 2023-06-22 23:07:29.000000000 +0200 -+++ ckb-next-0.6.0--patched/src/animations/mviz/CMakeLists.txt 2024-01-23 13:15:01.273772139 +0100 -@@ -65,14 +65,16 @@ +diff -r -U4 ckb-next-0.5.0--orig/src/animations/mviz/CMakeLists.txt ckb-next-0.5.0--patched/src/animations/mviz/CMakeLists.txt +--- ckb-next-0.5.0--orig/src/animations/mviz/CMakeLists.txt 2022-05-27 12:30:46.000000000 +0200 ++++ ckb-next-0.5.0--patched/src/animations/mviz/CMakeLists.txt 2023-05-02 13:32:28.810939157 +0200 +@@ -65,14 +65,18 @@ - set(AUDIO_LIBRARIES "${PULSEAUDIO_LIBRARIES}") + set(AUDIO_LIBRARIES "${PULSEAUDIOSIMPLE_LIBRARIES}") endif () -+find_package(kissfft REQUIRED) ++add_library(kissfft STATIC IMPORTED) ++set_target_properties(kissfft PROPERTIES IMPORTED_LOCATION "${LIB_INSTALL_DIR}/libkiss_fft_float.a") ++add_library(kissfftr STATIC IMPORTED) ++set_target_properties(kissfftr PROPERTIES IMPORTED_LOCATION "${LIB_INSTALL_DIR}/libkiss_fftr_float.a") + if (MACOS) target_link_libraries( @@ -14,26 +17,26 @@ diff -r -U4 ckb-next-0.6.0--orig/src/animations/mviz/CMakeLists.txt ckb-next-0.6 PRIVATE m - KissFFT::KissFFT -+ kissfft::kissfft-float ${CMAKE_PROJECT_NAME}::Animation ${CORESERVICES_LIBRARY} ${COREFOUNDATION_LIBRARY} ${AUDIOUNIT_LIBRARY} -@@ -83,9 +85,9 @@ +@@ -83,9 +87,10 @@ target_link_libraries( mviz PRIVATE m - KissFFT::KissFFT -+ kissfft::kissfft-float ++ kissfft ++ kissfftr ${CMAKE_PROJECT_NAME}::Animation "${AUDIO_LIBRARIES}") else() message(WARNING "PortAudio link library has not been specified for this OS.") -diff -r -U4 ckb-next-0.6.0--orig/src/libs/CMakeLists.txt ckb-next-0.6.0--patched/src/libs/CMakeLists.txt ---- ckb-next-0.6.0--orig/src/libs/CMakeLists.txt 2023-06-22 23:07:29.000000000 +0200 -+++ ckb-next-0.6.0--patched/src/libs/CMakeLists.txt 2023-06-25 22:59:56.191319405 +0200 -@@ -24,10 +24,6 @@ +diff -r -U4 ckb-next-0.5.0--orig/src/libs/CMakeLists.txt ckb-next-0.5.0--patched/src/libs/CMakeLists.txt +--- ckb-next-0.5.0--orig/src/libs/CMakeLists.txt 2022-05-27 12:30:46.000000000 +0200 ++++ ckb-next-0.5.0--patched/src/libs/CMakeLists.txt 2023-05-02 13:02:24.305285201 +0200 +@@ -24,12 +24,8 @@ # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # POSSIBILITY OF SUCH DAMAGE. @@ -42,5 +45,7 @@ diff -r -U4 ckb-next-0.6.0--orig/src/libs/CMakeLists.txt ckb-next-0.6.0--patched - add_subdirectory(kissfft) -endif () - - # ckb-next libraries - add_subdirectory(ckb-next) + if (WITH_GUI) + find_package(QuaZip) + if(NOT QuaZip_FOUND) + set(WITH_SHIPPED_QUAZIP ON) diff --git a/ckb-next.spec b/ckb-next.spec index aa18c5d..bce4df7 100644 --- a/ckb-next.spec +++ b/ckb-next.spec @@ -1,9 +1,14 @@ Name: ckb-next -Version: 0.6.2 -Release: 3%{?dist} +Version: 0.5.0 +Release: 2%{?dist} Summary: Unofficial driver for Corsair RGB keyboards -License: GPL-2.0-only +# ckb-next is GPLv2. +# +# The kissfft library (src/libs/kissfft) is BSD. +# This library is un-bundled by Patch1, but since it's statically linked, +# its license is still included here. +License: GPLv2 and BSD URL: https://github.com/ckb-next/ckb-next Source0: %{URL}/archive/v%{version}/%{name}-%{version}.tar.gz @@ -13,6 +18,14 @@ Source1: ckb-next.appdata.xml Source2: ckb-next.1 Source3: 99-ckb-next.preset +# Fix the program aborting at launch because of a detected buffer overflow. +# Backport of upstream commit: +# https://github.com/ckb-next/ckb-next/commit/c29a9f5e314ddb987b75cb05793ae1bf2bb9ae0c +# See bug reports at: +# - https://bugzilla.redhat.com/show_bug.cgi?id=2192159 +# - https://github.com/ckb-next/ckb-next/issues/940 +Patch0: 0000-fix-buffer-overflow-abort-on-launch.patch + # CMakeLists need to be adjusted to compile properly with un-bundled kissfft Patch1: 0001-unbundle-kissfft.patch @@ -21,24 +34,26 @@ BuildRequires: desktop-file-utils BuildRequires: gcc-c++ BuildRequires: make BuildRequires: libappstream-glib +BuildRequires: qt5-linguist -BuildRequires: cmake(kissfft) -BuildRequires: cmake(Qt6) -BuildRequires: cmake(Qt6LinguistTools) -BuildRequires: cmake(QuaZip-Qt6) -BuildRequires: cmake(zlib) - +BuildRequires: dbusmenu-qt5-devel +BuildRequires: kiss-fft-devel BuildRequires: libappindicator-devel BuildRequires: libgudev-devel BuildRequires: libxcb-devel BuildRequires: pulseaudio-libs-devel +BuildRequires: qt5-qtbase-devel >= 5.2.0 +BuildRequires: qt5-qtx11extras-devel +BuildRequires: quazip-qt5-devel >= 0.7.3 BuildRequires: xcb-util-devel BuildRequires: xcb-util-wm-devel +BuildRequires: zlib-devel BuildRequires: systemd-devel %{?systemd_requires} -Requires: qt6-qtbase +Requires: qt5-qtbase >= 5.2.0 +Requires: qt5ct # ckb-next, as the name suggests, is a re-activation and continuation of "ckb". # The last released version of the original "ckb" was 0.2.7. @@ -57,6 +72,7 @@ supports much of the same functionality, including full RGB animations. # Remove the bundled libraries rm -rf src/libs/kissfft +rm -rf src/libs/quazip # Fedora uses /usr/libexec for daemons sed -e '/^ExecStart/cExecStart=%{_libexecdir}/ckb-next-daemon' -i linux/systemd/ckb-next-daemon.service.in @@ -66,8 +82,6 @@ sed -e 's|"/lib/udev/rules.d"|"%{_udevrulesdir}"|g' -i CMakeLists.txt %build -# TODO: Please submit an issue to upstream (rhbz#2380492) -export CMAKE_POLICY_VERSION_MINIMUM=3.5 %cmake \ -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=%{_prefix} \ @@ -76,7 +90,7 @@ export CMAKE_POLICY_VERSION_MINIMUM=3.5 -DFORCE_INIT_SYSTEM=systemd \ -DSAFE_INSTALL=OFF \ -DSAFE_UNINSTALL=OFF \ - -DPREFER_QT6=ON \ + -DWITH_SHIPPED_QUAZIP=OFF \ %cmake_build @@ -121,7 +135,6 @@ udevadm control --reload-rules 2>&1 > /dev/null || : %{_bindir}/ckb-next %{_bindir}/ckb-next-dev-detect %{_libexecdir}/ckb-next-daemon -%{_libexecdir}/ckb-next-sinfo %{_libexecdir}/ckb-next-animations/ %{_libdir}/cmake/ckb-next/ %{_datadir}/applications/ckb-next.desktop @@ -136,55 +149,9 @@ udevadm control --reload-rules 2>&1 > /dev/null || : %changelog -* Mon Nov 10 2025 Cristian Le - 0.6.2-3 -- Allow to build with CMake 4.0 (rhbz#2380492) - -* Wed Jul 23 2025 Fedora Release Engineering - 0.6.2-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild - -* Mon Mar 17 2025 Artur Frenszek-Iwicki - 0.6.2-1 -- Update to v0.6.2 - -* Sun Mar 09 2025 Artur Frenszek-Iwicki - 0.6.1-1 -- Update to v0.6.1 -- Switch to Qt6 - -* Thu Jan 16 2025 Fedora Release Engineering - 0.6.0-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Wed Jul 17 2024 Fedora Release Engineering - 0.6.0-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Tue Jan 23 2024 Artur Frenszek-Iwicki - 0.6.0-5 -- Fix FTBFS -- Replace kissfft static linking with dynamic linking - -* Tue Jan 23 2024 Fedora Release Engineering - 0.6.0-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Fri Jan 19 2024 Fedora Release Engineering - 0.6.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Wed Jul 19 2023 Fedora Release Engineering - 0.6.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Sun Jun 25 2023 Artur Frenszek-Iwicki - 0.6.0-1 -- Update to v0.6.0 -- Drop Patch0 (buffer overflow fix - backported from this release) - -* Fri May 05 2023 Nicolas Chauvet - 0.5.0-5 -- Rebuilt for quazip 1.4 - -* Tue May 02 2023 Artur Frenszek-Iwicki - 0.5.0-4 +* Tue May 02 2023 Artur Frenszek-Iwicki - 0.5.0-2 - Add a patch to fix program aborting on launch - Un-bundle kissfft -- Convert License tag to SPDX - -* Wed Jan 18 2023 Fedora Release Engineering - 0.5.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Wed Jul 20 2022 Fedora Release Engineering - 0.5.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Fri May 27 2022 Artur Frenszek-Iwicki - 0.5.0-1 - Update to v0.5.0 diff --git a/sources b/sources index fbcb2dc..1798b34 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (ckb-next-0.6.2.tar.gz) = 21eb6fbb295501e1f30ea34e1361b595161db4c498afcc81efaa6ea7593ef4b04d9fb2966913af526e8151173c47b04b4bf199d7a901dcdc17ed6cd2262c5a20 +SHA512 (ckb-next-0.5.0.tar.gz) = d4e46466df4cdac7f4d4be05072592101780c94af261ec1b0bf6ec8bb1f97f892fb5da17dd91cf5f9b45fe128547cc7393c13e29843d6a7ae0de7a4688a5cdb1