Add a patch to fix program aborting at launch

2023-05-02 14:32:30 +02:00
3 changed files with 104 additions and 7 deletions
--- a/0000-fix-buffer-overflow-abort-on-launch.patch
+++ b/0000-fix-buffer-overflow-abort-on-launch.patch
@ -0,0 +1,28 @@
 From c29a9f5e314ddb987b75cb05793ae1bf2bb9ae0c Mon Sep 17 00:00:00 2001
 From: Tasos Sahanidis <tasos@tasossah.com>
 Date: Sat, 18 Mar 2023 16:13:51 +0200
 Subject: [PATCH] Fix buffer overflow detected with _FORTIFY_SOURCE
 Technically there's no buffer overflow taking place, but the size
 argument passed to snprintf was incorrect.
 Closes #940
 ---
 src/daemon/device_bragi.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/src/daemon/device_bragi.c b/src/daemon/device_bragi.c
 index e0690d32..8de99570 100644
 --- a/src/daemon/device_bragi.c
 +++ b/src/daemon/device_bragi.c
@@ -178,8 +178,8 @@ static int start_bragi_common(usbdevice* kb){
     }
     char str[PAIR_ID_SIZE*3+1] = {0};
 -    for(uint32_t i = 0; i < PAIR_ID_SIZE; i++)
 -        snprintf(str + i * 3, sizeof(str), "%02hhx ", kb->wl_pairing_id[i]);
 +    for(int i = 0; i < PAIR_ID_SIZE; i++)
 +        snprintf(str + i * 3, sizeof(str) - i * 3, "%02hhx ", kb->wl_pairing_id[i]);
     ckb_info("ckb%d: Pairing id: %s", INDEX_OF(kb, keyboard), str);
--- a/0001-unbundle-kissfft.patch
+++ b/0001-unbundle-kissfft.patch
@ -0,0 +1,51 @@
 diff -r -U4 ckb-next-0.5.0--orig/src/animations/mviz/CMakeLists.txt ckb-next-0.5.0--patched/src/animations/mviz/CMakeLists.txt
 --- ckb-next-0.5.0--orig/src/animations/mviz/CMakeLists.txt	2022-05-27 12:30:46.000000000 +0200
 +++ ckb-next-0.5.0--patched/src/animations/mviz/CMakeLists.txt	2023-05-02 13:32:28.810939157 +0200
@@ -65,14 +65,18 @@
     set(AUDIO_LIBRARIES "${PULSEAUDIOSIMPLE_LIBRARIES}")
 endif ()
 +add_library(kissfft STATIC IMPORTED)
 +set_target_properties(kissfft PROPERTIES IMPORTED_LOCATION "${LIB_INSTALL_DIR}/libkiss_fft_float.a")
 +add_library(kissfftr STATIC IMPORTED)
 +set_target_properties(kissfftr PROPERTIES IMPORTED_LOCATION "${LIB_INSTALL_DIR}/libkiss_fftr_float.a")
 +
 if (MACOS)
     target_link_libraries(
         mviz
             PRIVATE
               m
 -              KissFFT::KissFFT
               ${CMAKE_PROJECT_NAME}::Animation
               ${CORESERVICES_LIBRARY}
               ${COREFOUNDATION_LIBRARY}
               ${AUDIOUNIT_LIBRARY}
@@ -83,9 +87,10 @@
         target_link_libraries(
         mviz
             PRIVATE
               m
 -              KissFFT::KissFFT
 +              kissfft
 +              kissfftr
               ${CMAKE_PROJECT_NAME}::Animation
               "${AUDIO_LIBRARIES}")
 else()
     message(WARNING "PortAudio link library has not been specified for this OS.")
 diff -r -U4 ckb-next-0.5.0--orig/src/libs/CMakeLists.txt ckb-next-0.5.0--patched/src/libs/CMakeLists.txt
 --- ckb-next-0.5.0--orig/src/libs/CMakeLists.txt	2022-05-27 12:30:46.000000000 +0200
 +++ ckb-next-0.5.0--patched/src/libs/CMakeLists.txt	2023-05-02 13:02:24.305285201 +0200
@@ -24,12 +24,8 @@
 #   CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 #   ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 #   POSSIBILITY OF SUCH DAMAGE.
 -if (WITH_MVIZ) # otherwise doesn't make sense to include
 -    add_subdirectory(kissfft)
 -endif ()
 -
 if (WITH_GUI)
     find_package(QuaZip)
     if(NOT QuaZip_FOUND)
         set(WITH_SHIPPED_QUAZIP ON)
--- a/ckb-next.spec
+++ b/ckb-next.spec
@ -1,10 +1,13 @@
 Name:           ckb-next
 Version:        0.5.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Summary:        Unofficial driver for Corsair RGB keyboards
-# ckb-next is GPLv2
+# ckb-next is GPLv2.
-# The kissfft library (src/libs/kissfft) is BSD
+#
 # The kissfft library (src/libs/kissfft) is BSD.
 # This library is un-bundled by Patch1, but since it's statically linked,
 # its license is still included here.
 License:        GPLv2 and BSD
 URL:            https://github.com/ckb-next/ckb-next
@ -15,6 +18,17 @@ Source1:        ckb-next.appdata.xml
 Source2:        ckb-next.1
 Source3:        99-ckb-next.preset
 # Fix the program aborting at launch because of a detected buffer overflow.
 # Backport of upstream commit:
 #   https://github.com/ckb-next/ckb-next/commit/c29a9f5e314ddb987b75cb05793ae1bf2bb9ae0c
 # See bug reports at:
 #   - https://bugzilla.redhat.com/show_bug.cgi?id=2192159
 #   - https://github.com/ckb-next/ckb-next/issues/940
 Patch0: 0000-fix-buffer-overflow-abort-on-launch.patch
 # CMakeLists need to be adjusted to compile properly with un-bundled kissfft
 Patch1: 0001-unbundle-kissfft.patch
 BuildRequires:  cmake
 BuildRequires:  desktop-file-utils
 BuildRequires:  gcc-c++
@ -23,6 +37,7 @@ BuildRequires:  libappstream-glib
 BuildRequires:  qt5-linguist
 BuildRequires:  dbusmenu-qt5-devel
 BuildRequires:  kiss-fft-devel
 BuildRequires:  libappindicator-devel
 BuildRequires:  libgudev-devel
 BuildRequires:  libxcb-devel
@ -40,8 +55,6 @@ BuildRequires:  systemd-devel
 Requires:       qt5-qtbase >= 5.2.0
 Requires:       qt5ct
 Provides:       bundled(kissfft)
 # ckb-next, as the name suggests, is a re-activation and continuation of "ckb".
 # The last released version of the original "ckb" was 0.2.7.
 Obsoletes:      ckb < 0.2.8-0
@ -55,9 +68,10 @@ supports much of the same functionality, including full RGB animations.
 %prep
-%setup -q
+%autosetup -p1
-# Remove the bundled quazip library
+# Remove the bundled libraries
 rm -rf src/libs/kissfft
 rm -rf src/libs/quazip
 # Fedora uses /usr/libexec for daemons
@ -135,6 +149,10 @@ udevadm control --reload-rules 2>&1 > /dev/null || :
 %changelog
 * Tue May 02 2023 Artur Frenszek-Iwicki <fedora@svgames.pl> - 0.5.0-2
 - Add a patch to fix program aborting on launch
 - Un-bundle kissfft
 * Fri May 27 2022 Artur Frenszek-Iwicki <fedora@svgames.pl> - 0.5.0-1
 - Update to v0.5.0
 - Remove the Qt QPA fix from desktop file