6 files changed, 261 insertions, 0 deletions
diff --git a/source/l/glib2/doinst.sh b/source/l/glib2/doinst.sh
new file mode 100644
index 00000000..60a19898
--- /dev/null
+++ b/source/l/glib2/doinst.sh
@@ -0,0 +1,27 @@
+# Handle the incoming configuration files:
+config() {
+  for infile in $1; do
+    NEW="$infile"
+    OLD="`dirname $NEW`/`basename $NEW .new`"
+    # If there's no config file by that name, mv it over:
+    if [ ! -r $OLD ]; then
+      mv $NEW $OLD
+    elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then
+      # toss the redundant copy
+      rm $NEW
+    fi
+    # Otherwise, we leave the .new copy for the admin to consider...
+  done
+}
+
+# Prepare the new configuration files
+for file in etc/profile.d/libglib2.csh.new etc/profile.d/libglib2.sh.new ; do
+  if test -e $(dirname $file)/$(basename $file .new) ; then
+    if [ ! -x $(dirname $file)/$(basename $file .new) ]; then
+      chmod 644 $file
+     else
+      chmod 755 $file
+    fi
+  fi
+  config $file
+done
diff --git a/source/l/glib2/glib-CVE-2008-4316.diff b/source/l/glib2/glib-CVE-2008-4316.diff
new file mode 100644
index 00000000..5d9bddee
--- /dev/null
+++ b/source/l/glib2/glib-CVE-2008-4316.diff
@@ -0,0 +1,62 @@
+--- trunk/glib/gbase64.c	2009/02/23 04:30:06	7897
++++ trunk/glib/gbase64.c	2009/03/12 13:30:55	7973
+@@ -54,8 +54,9 @@
+  *
+  * The output buffer must be large enough to fit all the data that will
+  * be written to it. Due to the way base64 encodes you will need
+- * at least: @len * 4 / 3 + 6 bytes. If you enable line-breaking you will
+- * need at least: @len * 4 / 3 + @len * 4 / (3 * 72) + 7 bytes.
++ * at least: (@len / 3 + 1) * 4 + 4 bytes (+ 4 may be needed in case of
++ * non-zero state). If you enable line-breaking you will need at least:
++ * ((@len / 3 + 1) * 4 + 4) / 72 + 1 bytes of extra space.
+  *
+  * @break_lines is typically used when putting base64-encoded data in emails.
+  * It breaks the lines at 72 columns instead of putting all of the text on 
+@@ -233,8 +234,14 @@
+   g_return_val_if_fail (data != NULL, NULL);
+   g_return_val_if_fail (len > 0, NULL);
+ 
+-  /* We can use a smaller limit here, since we know the saved state is 0 */
+-  out = g_malloc (len * 4 / 3 + 4);
++  /* We can use a smaller limit here, since we know the saved state is 0,
++     +1 is needed for trailing \0, also check for unlikely integer overflow */
++  if (len >= ((G_MAXSIZE - 1) / 4 - 1) * 3)
++    g_error("%s: input too large for Base64 encoding (%"G_GSIZE_FORMAT" chars)",
++        G_STRLOC, len);
++
++  out = g_malloc ((len / 3 + 1) * 4 + 1);
++
+   outlen = g_base64_encode_step (data, len, FALSE, out, &state, &save);
+   outlen += g_base64_encode_close (FALSE, out + outlen, &state, &save);
+   out[outlen] = '\0';
+@@ -275,7 +282,8 @@
+  *
+  * The output buffer must be large enough to fit all the data that will
+  * be written to it. Since base64 encodes 3 bytes in 4 chars you need
+- * at least: @len * 3 / 4 bytes.
++ * at least: (@len / 4) * 3 + 3 bytes (+ 3 may be needed in case of non-zero
++ * state).
+  * 
+  * Return value: The number of bytes of output that was written
+  *
+@@ -358,7 +366,8 @@
+ 		 gsize       *out_len)
+ {
+   guchar *ret;
+-  gint input_length, state = 0;
++  gsize input_length;
++  gint state = 0;
+   guint save = 0;
+   
+   g_return_val_if_fail (text != NULL, NULL);
+@@ -368,7 +377,9 @@
+ 
+   g_return_val_if_fail (input_length > 1, NULL);
+ 
+-  ret = g_malloc0 (input_length * 3 / 4);
++  /* We can use a smaller limit here, since we know the saved state is 0,
++     +1 used to avoid calling g_malloc0(0), and hence retruning NULL */
++  ret = g_malloc0 ((input_length / 4) * 3 + 1);
+   
+   *out_len = g_base64_decode_step (text, input_length, ret, &state, &save);
+   
diff --git a/source/l/glib2/glib2.SlackBuild b/source/l/glib2/glib2.SlackBuild
new file mode 100755
index 00000000..23211af8
--- /dev/null
+++ b/source/l/glib2/glib2.SlackBuild
@@ -0,0 +1,100 @@
+#!/bin/sh
+
+# Copyright 2008, 2009  Patrick J. Volkerding, Sebeka, MN, USA
+# All rights reserved.
+#
+# Redistribution and use of this script, with or without modification, is
+# permitted provided that the following conditions are met:
+#
+# 1. Redistributions of this script must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+#
+#  THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+#  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+#  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO
+#  EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+#  SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+#  PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+#  OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+#  WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+#  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+#  ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+
+VERSION=${VERSION:-2.18.4}
+ARCH=${ARCH:-x86_64}
+BUILD=${BUILD:-1}
+
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp}
+PKG=$TMP/package-glib2
+rm -rf $PKG
+mkdir -p $TMP $PKG/usr
+
+if [ "$ARCH" = "i486" ]; then
+  SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "s390" ]; then
+  SLKCFLAGS="-O2"
+  LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+  SLKCFLAGS="-O2 -fPIC"
+  LIBDIRSUFFIX="64"
+fi
+
+cd $TMP
+rm -rf glib-$VERSION
+tar xvf $CWD/glib-$VERSION.tar.bz2 || exit 1
+cd glib-$VERSION
+
+zcat $CWD/glib-CVE-2008-4316.diff.gz | patch -p1 --verbose || exit 1
+
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+CFLAGS="$SLKCFLAGS" \
+./configure \
+  --prefix=/usr \
+  --libdir=/usr/lib${LIBDIRSUFFIX} \
+  --sysconfdir=/etc \
+  --mandir=/usr/man \
+  --build=$ARCH-slackware-linux
+
+make $NUMJOBS || make || exit 1
+make install DESTDIR=$PKG
+
+# Install profile scripts:
+mkdir -p $PKG/etc/profile.d/
+cp -a $CWD/libglib2.{csh,sh} $PKG/etc/profile.d/
+chown root:root $PKG/etc/profile.d/*
+chmod 755 $PKG/etc/profile.d/*
+mv $PKG/etc/profile.d/libglib2.csh $PKG/etc/profile.d/libglib2.csh.new
+mv $PKG/etc/profile.d/libglib2.sh $PKG/etc/profile.d/libglib2.sh.new
+
+find $PKG | xargs file | grep -e "executable" -e "shared object" \
+  | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null
+
+( cd $PKG/usr/man
+  find . -type f -exec gzip -9 {} \;
+  for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
+)
+
+mkdir -p $PKG/usr/doc/glib-$VERSION
+cp -a \
+  AUTHORS COPYING NEWS README \
+  $PKG/usr/doc/glib-$VERSION
+( cd $PKG/usr/doc/glib-$VERSION ; ln -s /usr/share/gtk-doc/html/gobject html )
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh
+
+cd $PKG
+/sbin/makepkg -l y -c n $TMP/glib2-$VERSION-$ARCH-$BUILD.txz
+
diff --git a/source/l/glib2/libglib2.csh b/source/l/glib2/libglib2.csh
new file mode 100644
index 00000000..584f06bf
--- /dev/null
+++ b/source/l/glib2/libglib2.csh
@@ -0,0 +1,27 @@
+#!/bin/csh
+#
+# Description:  This script sets the environment variables G_FILENAME_ENCODING
+# and G_BROKEN_FILENAMES for the glib-2.0 library.
+#
+# G_FILENAME_ENCODING
+#       This environment variable can be set to a comma-separated list of
+#       character set names.  GLib assumes that filenames are encoded in the
+#       first character set from that list rather than in UTF-8.  The special
+#       token "@locale" can be used to specify the character set for the
+#       current locale.
+#
+# G_BROKEN_FILENAMES
+#       If this environment variable is set, GLib assumes that filenames are
+#       in the locale encoding rather than in UTF-8.
+
+# If the LANG you have set contains any form of "UTF", we will guess you are
+# using a UTF-8 locale.  Hopefully we're correct.
+echo $LANG | grep -iq UTF
+if ($status == 0) then
+  export G_FILENAME_ENCODING="@locale"
+endif
+
+# It doesn't hurt to export this since G_FILENAME_ENCODING takes priority
+# over G_BROKEN_FILENAMES:
+setenv G_BROKEN_FILENAMES 1
+
diff --git a/source/l/glib2/libglib2.sh b/source/l/glib2/libglib2.sh
new file mode 100644
index 00000000..9b9fdc69
--- /dev/null
+++ b/source/l/glib2/libglib2.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# Description:  This script sets the environment variables G_FILENAME_ENCODING
+# and G_BROKEN_FILENAMES for the glib-2.0 library.
+#
+# G_FILENAME_ENCODING
+#       This environment variable can be set to a comma-separated list of
+#       character set names.  GLib assumes that filenames are encoded in the
+#       first character set from that list rather than in UTF-8.  The special
+#       token "@locale" can be used to specify the character set for the
+#       current locale.
+#
+# G_BROKEN_FILENAMES
+#       If this environment variable is set, GLib assumes that filenames are
+#       in the locale encoding rather than in UTF-8.
+
+# If the LANG you have set contains any form of "UTF", we will guess you are
+# using a UTF-8 locale.  Hopefully we're correct.
+if echo $LANG | grep -iq UTF ; then
+  export G_FILENAME_ENCODING="@locale"
+fi
+
+# It doesn't hurt to export this since G_FILENAME_ENCODING takes priority
+# over G_BROKEN_FILENAMES:
+export G_BROKEN_FILENAMES=1
+
diff --git a/source/l/glib2/slack-desc b/source/l/glib2/slack-desc
new file mode 100644
index 00000000..1633f2f7
--- /dev/null
+++ b/source/l/glib2/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description.  Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in.  You must make
+# exactly 11 lines for the formatting to be correct.  It's also customary to
+# leave one space after the ':'.
+
+     |-----handy-ruler------------------------------------------------------|
+glib2: glib2 (library of C routines)
+glib2:
+glib2: GLib is a library which includes support routines for C such as lists,
+glib2: trees, hashes, memory allocation, and many other things.
+glib2:
+glib2:
+glib2:
+glib2:
+glib2:
+glib2:
+glib2: