From 6b4384db96263e73c89fc31c02fffa90edca03d6 Mon Sep 17 00:00:00 2001 From: Jim Garlick Date: Wed, 1 Jan 2025 10:34:19 -0800 Subject: [PATCH 1/2] build: add make deb target for debian package Problem: the lack of packaging makes testing the installed diod messy on the test system. Add a 'make deb' target to build snapshot packages in debbuild, borrowing heavily from Mark Grondona's work in flux-framework. --- Makefile.am | 4 ++++ debian/README.Debian | 0 debian/README.source | 0 debian/compat | 1 + debian/control | 17 +++++++++++++++ debian/copyright | 27 ++++++++++++++++++++++++ debian/diod-docs.docs | 1 + debian/rules | 28 +++++++++++++++++++++++++ debian/source/format | 1 + scripts/debbuild.sh | 41 +++++++++++++++++++++++++++++++++++++ scripts/install-deps-deb.sh | 15 ++++++++++++++ 11 files changed, 135 insertions(+) create mode 100644 debian/README.Debian create mode 100644 debian/README.source create mode 100644 debian/compat create mode 100644 debian/control create mode 100644 debian/copyright create mode 100644 debian/diod-docs.docs create mode 100755 debian/rules create mode 100644 debian/source/format create mode 100755 scripts/debbuild.sh create mode 100755 scripts/install-deps-deb.sh diff --git a/Makefile.am b/Makefile.am index 01c938b7..36412dfd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -8,3 +8,7 @@ if ENABLE_TESTS endif EXTRA_DIST = diod.spec + +export DEB_BUILD_OPTIONS ?= nocheck terse +deb: debian scripts/debbuild.sh + +@$(top_srcdir)/scripts/debbuild.sh $(abs_top_srcdir) diff --git a/debian/README.Debian b/debian/README.Debian new file mode 100644 index 00000000..e69de29b diff --git a/debian/README.source b/debian/README.source new file mode 100644 index 00000000..e69de29b diff --git a/debian/compat b/debian/compat new file mode 100644 index 00000000..f599e28b --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +10 diff --git a/debian/control b/debian/control new file mode 100644 index 00000000..297fce29 --- /dev/null +++ b/debian/control @@ -0,0 +1,17 @@ +Source: diod +Section: devel +Priority: optional +Maintainer: Jim Garlick +Standards-Version: 4.1.2 +Build-Depends: + debhelper (>= 10), + libncurses-dev, + libpopt-dev, + lua5.1, + liblua5.1-dev + +Homepage: https://github.com/chaos/diod +Package: diod +Architecture: any +Depends: ${shlibs:Depends}, ${misc:Depends} +Description: 9P server diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 00000000..a497fb41 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,27 @@ +Files: * +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Upstream-Name: diod +Source: + +Files: * +Copyright: 2010 Lawrence Livermore National Security, LLC +License: GPL-2+ + +Files: debian/* +Copyright: 2024 Jim Garlick +License: GPL-3+ + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + . + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + . + You should have received a copy of the GNU General Public License + along with this program. If not, see + . + On Debian systems, the complete text of the GNU General + Public License version 3 can be found in "/usr/share/common-licenses/GPL-3". diff --git a/debian/diod-docs.docs b/debian/diod-docs.docs new file mode 100644 index 00000000..86ca00fc --- /dev/null +++ b/debian/diod-docs.docs @@ -0,0 +1 @@ +README.Debian diff --git a/debian/rules b/debian/rules new file mode 100755 index 00000000..8b2c3dfa --- /dev/null +++ b/debian/rules @@ -0,0 +1,28 @@ +#!/usr/bin/make -f +# See debhelper(7) (uncomment to enable) +# output every command that modifies files on the build system. +#export DH_VERBOSE = 1 + +# see FEATURE AREAS in dpkg-buildflags(1) +#export DEB_BUILD_MAINT_OPTIONS = hardening=+all + +# see ENVIRONMENT in dpkg-buildflags(1) +# package maintainers to append CFLAGS +#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic +# package maintainers to append LDFLAGS +#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed + +%: + dh $@ + +override_dh_auto_configure: + dh_auto_configure -- --with-systemdsystemunitdir=/lib/systemd/system + +override_dh_autoreconf: + @echo not running autogen.sh on dist product + +override_dh_auto_install: + dh_auto_install + mkdir -p debian/diod/sbin + ln -s /usr/sbin/diodmount debian/diod/sbin/mount.diod + ln -s diodmount.8.gz debian/diod/usr/share/man/man8/mount.diod.8.gz diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 00000000..163aaf8d --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/scripts/debbuild.sh b/scripts/debbuild.sh new file mode 100755 index 00000000..c1859505 --- /dev/null +++ b/scripts/debbuild.sh @@ -0,0 +1,41 @@ +#!/bin/sh +PACKAGE=diod +USER=$(git config --get user.name) +DEBFULLNAME=$USER +EMAIL=$(git config --get user.email) +DEBEMAIL=$EMAIL + +SRCDIR=${1:-$(pwd)} + +die() { echo "debbuild: $@" >&2; exit 1; } +log() { echo "debbuild: $@"; } + +test -z "$USER" && die "User name not set in git-config" +test -z "$EMAIL" && die "User email not set in git-config" + +log "Running make dist" +make dist >/dev/null || exit 1 + +log "Building package from latest dist tarball" +tarball=$(ls -tr *.tar.gz | tail -1) +version=$(echo $tarball | sed "s/${PACKAGE}-\(.*\)\.tar\.gz/\1/") + +rm -rf debbuild +mkdir -p debbuild && cd debbuild + +mv ../$tarball . + +log "Unpacking $tarball" +tar xvfz $tarball >/dev/null + +log "Creating debian directory and files" +cd ${PACKAGE}-${version} +cp -a ${SRCDIR}/debian . || die "failed to copy debian dir" + +export DEBEMAIL DEBFULLNAME +log "Creating debian/changelog" +dch --create --package=$PACKAGE --newversion $version build tree release + +log "Running debian-buildpackage -b" +dpkg-buildpackage -b +log "Check debbuild directory for results" diff --git a/scripts/install-deps-deb.sh b/scripts/install-deps-deb.sh new file mode 100755 index 00000000..990748da --- /dev/null +++ b/scripts/install-deps-deb.sh @@ -0,0 +1,15 @@ +#!/bin/sh + +apt install \ + autoconf \ + automake \ + make \ + pkg-config \ + libc6-dev \ + libpopt-dev \ + libncurses-dev \ + lua5.1 \ + liblua5.1-dev \ + valgrind + +# to build test DEBs you need devscripts and debhelper too From 2265d6b5845508519a63b8ec3d414af6263c3990 Mon Sep 17 00:00:00 2001 From: Jim Garlick Date: Wed, 1 Jan 2025 11:25:16 -0800 Subject: [PATCH 2/2] libnpfs: catch overflow in np_deserialize_p9dirent MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Problem: compilation of diodls.c fails due to a potential string overflow when building a test deb. In function ‘snprintf’, inlined from ‘np_deserialize_p9dirent’ at ../libnpfs/np.c:1712:3, inlined from ‘npc_readdir_r’ at ../libnpclient/readdir.c:115:8, inlined from ‘lsdir’ at diodls.c:240:14: /usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: error: ‘__builtin___snprintf_chk’ specified bound 4097 exceeds destination size 256 [-Werror=stringop-overflow=] 71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^ lto1: all warnings being treated as errors Add an explicit check for the overflow and use memcpy() instead of snprintf("%.*s") here. --- src/libnpfs/np.c | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/src/libnpfs/np.c b/src/libnpfs/np.c index 5ccd0af2..b1bf42d2 100644 --- a/src/libnpfs/np.c +++ b/src/libnpfs/np.c @@ -1704,14 +1704,11 @@ np_deserialize_p9dirent(Npqid *qid, u64 *offset, u8 *type, *type = buf_get_int8(bufp); buf_get_str(bufp, &s9); - if (s9.len > 0) - snprintf (name, namelen, "%.*s", s9.len, s9.str); - else - name[0] = '\0'; - - - if (buf_check_overflow (bufp)) + if (buf_check_overflow (bufp) || s9.len >= namelen) return 0; + memcpy (name, s9.str, s9.len); + name[s9.len] = '\0'; + return bufp->p - bufp->sp; }