Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-cmarkgfm for openSUSE:Factory checked in at 2022-08-04 13:23:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-cmarkgfm (Old) and /work/SRC/openSUSE:Factory/.python-cmarkgfm.new.1521 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-cmarkgfm" Thu Aug 4 13:23:07 2022 rev:4 rq:989564 version:0.8.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-cmarkgfm/python-cmarkgfm.changes 2022-02-09 20:38:29.434274149 +0100 +++ /work/SRC/openSUSE:Factory/.python-cmarkgfm.new.1521/python-cmarkgfm.changes 2022-08-04 13:23:16.064465343 +0200 @@ -1,0 +2,7 @@ +Fri Jul 15 10:48:35 UTC 2022 - Jacob Michalskie <hel@lcp.world> + +- Update to 2022.3.4: + - Updated cmark to 0.29.0.gfm.3 + - Switched to calendar versioning + +------------------------------------------------------------------- Old: ---- cmarkgfm-0.7.0.tar.gz New: ---- cmarkgfm-0.8.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-cmarkgfm.spec ++++++ --- /var/tmp/diff_new_pack.ApyEww/_old 2022-08-04 13:23:16.516466625 +0200 +++ /var/tmp/diff_new_pack.ApyEww/_new 2022-08-04 13:23:16.520466637 +0200 @@ -18,7 +18,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-cmarkgfm -Version: 0.7.0 +Version: 0.8.0 Release: 0 Summary: Minimal bindings to GitHub's fork of cmark License: MIT @@ -41,7 +41,8 @@ Minimal bindings to GitHub's fork of cmark %prep -%setup -q -n cmarkgfm-%{version} +%autosetup -p1 -n cmarkgfm-%{version} + chmod a-x LICENSE.txt README.rst %build ++++++ cmarkgfm-0.7.0.tar.gz -> cmarkgfm-0.8.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cmarkgfm-0.7.0/PKG-INFO new/cmarkgfm-0.8.0/PKG-INFO --- old/cmarkgfm-0.7.0/PKG-INFO 2021-12-14 04:22:59.903733700 +0100 +++ new/cmarkgfm-0.8.0/PKG-INFO 2022-03-05 04:45:00.547795300 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: cmarkgfm -Version: 0.7.0 +Version: 0.8.0 Summary: Minimal bindings to GitHub's fork of cmark Home-page: https://github.com/theacodes/cmarkgfm Author: The Python Packaging Authority 
@@ -10,7 +10,7 @@ Project-URL: Funding, https://donate.pypi.org Project-URL: Source, https://github.com/theacodes/cmarkgfm Platform: UNKNOWN -Classifier: Development Status :: 3 - Alpha +Classifier: Development Status :: 5 - Production/Stable Classifier: Intended Audience :: Developers Classifier: Topic :: Software Development :: Build Tools Classifier: License :: OSI Approved :: MIT License diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cmarkgfm-0.7.0/generated/unix/cmark-gfm_version.h new/cmarkgfm-0.8.0/generated/unix/cmark-gfm_version.h --- old/cmarkgfm-0.7.0/generated/unix/cmark-gfm_version.h 2021-12-14 03:22:41.000000000 +0100 +++ new/cmarkgfm-0.8.0/generated/unix/cmark-gfm_version.h 2022-03-05 03:36:19.000000000 +0100 @@ -1,7 +1,7 @@ #ifndef CMARK_GFM_VERSION_H #define CMARK_GFM_VERSION_H -#define CMARK_GFM_VERSION ((0 << 24) | (29 << 16) | (0 << 8) | 2) -#define CMARK_GFM_VERSION_STRING "0.29.0.gfm.2" +#define CMARK_GFM_VERSION ((0 << 24) | (29 << 16) | (0 << 8) | 3) +#define CMARK_GFM_VERSION_STRING "0.29.0.gfm.3" #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cmarkgfm-0.7.0/setup.py new/cmarkgfm-0.8.0/setup.py --- old/cmarkgfm-0.7.0/setup.py 2021-12-14 03:22:41.000000000 +0100 +++ new/cmarkgfm-0.8.0/setup.py 2022-03-05 03:36:19.000000000 +0100 @@ -25,7 +25,7 @@ setup( name='cmarkgfm', - version='0.7.0', + version='0.8.0', description="Minimal bindings to GitHub's fork of cmark", long_description=long_description, long_description_content_type="text/x-rst", 
@@ -33,7 +33,7 @@ author='The Python Packaging Authority', author_email='me@thea.codes, pypa-...@googlegroups.com', classifiers=[ - 'Development Status :: 3 - Alpha', + 'Development Status :: 5 - Production/Stable', 'Intended Audience :: Developers', 'Topic :: Software Development :: Build Tools', 'License :: OSI Approved :: MIT License', diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cmarkgfm-0.7.0/src/cmarkgfm.egg-info/PKG-INFO new/cmarkgfm-0.8.0/src/cmarkgfm.egg-info/PKG-INFO --- old/cmarkgfm-0.7.0/src/cmarkgfm.egg-info/PKG-INFO 2021-12-14 04:22:59.000000000 +0100 +++ new/cmarkgfm-0.8.0/src/cmarkgfm.egg-info/PKG-INFO 2022-03-05 04:45:00.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: cmarkgfm -Version: 0.7.0 +Version: 0.8.0 Summary: Minimal bindings to GitHub's fork of cmark Home-page: https://github.com/theacodes/cmarkgfm Author: The Python Packaging Authority @@ -10,7 +10,7 @@ Project-URL: Funding, https://donate.pypi.org Project-URL: Source, https://github.com/theacodes/cmarkgfm Platform: UNKNOWN -Classifier: Development Status :: 3 - Alpha +Classifier: Development Status :: 5 - Production/Stable Classifier: Intended Audience :: Developers Classifier: Topic :: Software Development :: Build Tools Classifier: License :: OSI Approved :: MIT License diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/cmarkgfm-0.7.0/third_party/cmark/extensions/table.c new/cmarkgfm-0.8.0/third_party/cmark/extensions/table.c --- old/cmarkgfm-0.7.0/third_party/cmark/extensions/table.c 2021-12-14 03:22:43.000000000 +0100 +++ new/cmarkgfm-0.8.0/third_party/cmark/extensions/table.c 2022-03-05 03:36:20.000000000 +0100 @@ -129,6 +129,7 @@ bufsize_t cell_matched = 1, pipe_matched = 1, offset; int expect_more_cells = 1; int row_end_offset = 0; + int int_overflow_abort = 0; row = (table_row *)parser->mem->calloc(1, sizeof(table_row)); row->n_columns = 0; 
@@ -161,6 +162,12 @@ ++cell->internal_offset; } + // make sure we never wrap row->n_columns + // offset will != len and our exit will clean up as intended + if (row->n_columns == UINT16_MAX) { + int_overflow_abort = 1; + break; + } row->n_columns += 1; row->cells = cmark_llist_append(parser->mem, row->cells, cell); } @@ -194,7 +201,7 @@ } } - if (offset != len || row->n_columns == 0) { + if (offset != len || row->n_columns == 0 || int_overflow_abort) { free_table_row(parser->mem, row); row = NULL; } @@ -241,6 +248,11 @@ marker_row = row_from_string(self, parser, input + cmark_parser_get_first_nonspace(parser), len - cmark_parser_get_first_nonspace(parser)); + // assert may be optimized out, don't rely on it for security boundaries + if (!marker_row) { + return parent_container; + } + assert(marker_row); cmark_arena_push(); @@ -264,6 +276,12 @@ len - cmark_parser_get_first_nonspace(parser)); header_row = row_from_string(self, parser, (unsigned char *)parent_string, (int)strlen(parent_string)); + // row_from_string can return NULL, add additional check to ensure n_columns match + if (!marker_row || !header_row || header_row->n_columns != marker_row->n_columns) { + free_table_row(parser->mem, marker_row); + free_table_row(parser->mem, header_row); + return parent_container; + } } if (!cmark_node_set_type(parent_container, CMARK_NODE_TABLE)) { @@ -281,8 +299,10 @@ parent_container->as.opaque = parser->mem->calloc(1, sizeof(node_table)); set_n_table_columns(parent_container, header_row->n_columns); + // allocate alignments based on marker_row->n_columns + // since we populate the alignments array based on marker_row->cells uint8_t *alignments = - (uint8_t *)parser->mem->calloc(header_row->n_columns, sizeof(uint8_t)); + (uint8_t *)parser->mem->calloc(marker_row->n_columns, sizeof(uint8_t)); cmark_llist *it = marker_row->cells; for (i = 0; it; it = it->next, ++i) { node_cell *node = (node_cell *)it->data; 
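Review bot: The `break` taken when `row->n_columns == UINT16_MAX` leaves the current `cell` unlinked. It is already in use just above the check (`++cell->internal_offset;`) and is only appended to `row->cells` after it, so the `free_table_row(parser->mem, row)` cleanup presumably never reaches it. Running the `UINT16_MAX` test before the cell is built, or releasing the cell before `break`, would close that path; the allocation is outside this hunk, so confirm how the cell is freed. The comment `// offset will != len and our exit will clean up as intended` also disagrees with the hunk at -194, which adds `int_overflow_abort` to the exit condition instead of relying on `offset != len`; reword it to say the flag forces the cleanup path.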
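Review bot: The `assert(marker_row);` kept directly after the new `if (!marker_row)` guard can no longer fire, so it reads as if the pointer were still unchecked at that point. Dropping the assert and keeping only the guard with its comment makes clear that the runtime check is the one that still holds when asserts are compiled out. The enclosing function starts and ends outside this hunk.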
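Review bot: Both `free_table_row` calls in the new bail-out can receive NULL, because the branch is entered exactly when `marker_row` or `header_row` is NULL. That is safe only if `free_table_row` returns early for a NULL row, which this diff does not show. If it does not, guard the calls, e.g. `if (header_row) free_table_row(parser->mem, header_row);`, and the same for `marker_row`. The surrounding block and the function continue outside the hunk.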
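Review bot: The column count stored on the table still comes from `header_row->n_columns` (the `set_n_table_columns` call just above), while `alignments` is now sized from `marker_row->n_columns` and the fill loop `for (i = 0; it; it = it->next, ++i)` is bounded only by the length of `marker_row->cells`. Memory safety therefore rests on those three values being equal, which the checks added earlier in this file are meant to guarantee but which nothing at this site enforces. Bounding the loop as well, `for (i = 0; it && i < marker_row->n_columns; it = it->next, ++i)`, keeps the write inside the allocation even if that invariant is broken by a later change. The loop body, which presumably writes `alignments[i]`, is outside the hunk.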
@@ -351,6 +371,12 @@ row = row_from_string(self, parser, input + cmark_parser_get_first_nonspace(parser), len - cmark_parser_get_first_nonspace(parser)); + if (!row) { + // clean up the dangling node + cmark_node_free(table_row_block); + return NULL; + } + { cmark_llist *tmp; int i, table_columns = get_n_table_columns(parent_container);
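Review bot: The new `if (!row)` path frees `table_row_block` after it has been created, and the hunk does not show whether that node is already attached to `parent_container` or referenced by the parser at this point. If it is, `cmark_node_free(table_row_block);` has to unlink it as well, otherwise the tree keeps a pointer to freed memory; please confirm. Calling `row_from_string` before the row node is created would remove the create-then-free sequence altogether. The node creation and the rest of the function lie outside the hunk.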