January 26, 2021 3:44 PM, "Hiltjo Posthuma" <hil...@codemadness.org> wrote:
> On Sat, Jan 16, 2021 at 04:29:27PM +0100, Hiltjo Posthuma wrote:
>
>> On Mon, Jan 11, 2021 at 07:50:55PM +0100, Hiltjo Posthuma wrote:
>> Hi,
>>
>> The below patch pledges the iconv binary in the libiconv package. The tool is
>> useful for converting text-encoding of text data to UTF-8 for example.
>>
>> It now uses pledge("stdio", NULL) if only using stdin/stdout. It uses
>> pledge("stdio rpath", NULL) when specifying files.
>>
>> I've tested many command-line option combinations and haven't found missing
>> promises which cause an abort().
>>
>> Patch:
>>
>> From f3b6b4de0a010bd7e9725eeaceddb33a61953a72 Mon Sep 17 00:00:00 2001
>> From: Hiltjo Posthuma <hil...@codemadness.org>
>> Date: Mon, 11 Jan 2021 19:39:31 +0100
>> Subject: [PATCH] libiconv: pledge iconv(1) binary
>>
>> ---
>> converters/libiconv/Makefile | 3 ++-
>> converters/libiconv/patches/patch-src_iconv_c | 22 +++++++++++++++++++
>> 2 files changed, 24 insertions(+), 1 deletion(-)
>> create mode 100644 converters/libiconv/patches/patch-src_iconv_c
>>
>> diff --git a/converters/libiconv/Makefile b/converters/libiconv/Makefile
>> index 2ab58ea4519..5c8043270de 100644
>> --- a/converters/libiconv/Makefile
>> +++ b/converters/libiconv/Makefile
>> @@ -5,7 +5,7 @@ COMMENT= character set conversion library
>> DISTNAME= libiconv-1.16
>> CATEGORIES= converters devel
>> MASTER_SITES= ${MASTER_SITE_GNU:=libiconv/}
>> -REVISION= 0
>> +REVISION= 1
>>
>> SHARED_LIBS= charset 1.1 \
>> iconv 7.0
>> @@ -17,6 +17,7 @@ MAINTAINER= Brad Smith <b...@comstyle.com>
>> # LGPLv2 and GPLv3
>> PERMIT_PACKAGE= Yes
>>
>> +# uses pledge()
>> WANTLIB= c
>>
>> SEPARATE_BUILD= Yes
>> diff --git a/converters/libiconv/patches/patch-src_iconv_c
>> b/converters/libiconv/patches/patch-src_iconv_c
>> new file mode 100644
>> index 00000000000..2f3eaac346d
>> --- /dev/null
>> +++ b/converters/libiconv/patches/patch-src_iconv_c
>> @@ -0,0 +1,22 @@
>> +--- src/iconv.c.orig Mon Jan 11 19:28:35 2021
>> ++++ src/iconv.c Mon Jan 11 19:31:36 2021
>> +@@ -19,6 +19,9 @@
>> + # define ICONV_CONST
>> + #endif
>> +
>> ++#include <err.h>
>> ++#include <unistd.h>
>> ++
>> + #include <limits.h>
>> + #include <stddef.h>
>> + #include <stdio.h>
>> +@@ -846,6 +849,9 @@
>> + struct iconv_hooks hooks;
>> + int i;
>> + int status;
>> ++
>> ++ if (pledge(i == argc ? "stdio" : "stdio rpath", NULL) == -1)
Wouldn't you use i uninitialised here?
>> ++ err(1, "pledge");
>> +
>> + set_program_name (argv[0]);
>> + #if HAVE_SETLOCALE
>> --
>> 2.30.0
>>
>> Any thoughts/OKs for the above patch?
>>
>> I use it to convert the text-encoding of some RSS/Atom feeds which are
>> non-UTF-8 to UTF-8.
>>
>> With this patch it completes pledge(2)'ing my entire software bundle to
>> handle
>> RSS/Atom feeds.
>>
>> In a nutshell: ftp someurl | iconv -f encoding -t utf-8 | myprogram
>
> Bump, any OKs or comments?
>
> --
> Kind regards,
> Hiltjo
