Commit Graph

60 Commits

Author SHA1 Message Date
Fabrice Fontaine
edcf8b6d5f package/cjson: bump to version 1.7.15
Fixes:
- Fix potential core dumped for strrchr
- Fix null pointer crash in cJSON_CreateXxArray
- Fix several null pointer problems on allocation failure
- Fix a possible dereference of null pointer

https://github.com/DaveGamble/cJSON/releases/tag/v1.7.15

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2021-08-26 22:53:21 +02:00
Peter Seiderer
8b16476e80 package/cjson: bump version to 1.7.14
Changelog ([1]):

  1.7.14 (Sep 3, 2020)
  Fixes:
    optimize the way to find tail node, see #503
    Fix WError error on macosx because NAN is a float. Thanks @sappo, see #484
    Fix some bugs in detach and replace. Thanks @miaoerduo, see #456

[1] https://github.com/DaveGamble/cJSON/blob/master/CHANGELOG.md

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-03-14 11:59:09 +01:00
Yann E. MORIN
b9db38d370 package: drop _CPE_ID_VALID, use _CPE_ID_VENDOR
FOO_CPE_ID_VALID really ought to be an internal implementaion detail.
Packages that really want to trigger their CPE defintitions really
should set one of the actual variables to a meaningful value.

There are two CPE-related variables that we could chose to set to
replace FOO_CPE_ID_VALID: FOO_CPE_ID_VENDOR and FOO_CPE_ID_PRODUCT.
Between those two, _VENDOR more often diverges from the default than
_PRODUCT does, so that's what we use.

    ---8<------8<------8<------8<------8<---
    #!/bin/bash
    # Replace FOO_CPE_ID_VALID = YES with FOO_CPE_ID_VENDOR = foo_project
    for i in $(git grep -l -E '[^)]_CPE_ID_VALID = YES' package support); do
        pkg="$(basename "${i%/*}")"
        sed -r -i -e "s/_CPE_ID_VALID = YES/_CPE_ID_VENDOR = ${pkg}_project/" "${i}"
    done
    ---8<------8<------8<------8<------8<---

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: update cpe-test comment to reflect pkg3 change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-06 17:18:07 +01:00
Heiko Thiery
7edfc478ea package/cjson: set CJSON_CPE_ID_VALID
cpe:2.3🅰️cjson_project:cjson is a valid CPE identifier for this
package:

https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cjson

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-01-21 22:01:56 +01:00
Fabrice Fontaine
d7ce1d034d package/cjson: bump to version 1.7.13
Update indentation of hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-04-02 21:45:16 +02:00
Victor Huesca
69808c7536 package: remove 'v' prefix from github-fetched packages
On Github, a large number of projects name their tag vXYZ (i.e v3.0,
v0.1, etc.). In some packages we do:

 <pkg>_VERSION = v0.3
 <pkg>_SITE = $(call github foo,bar,$(<pkg>_VERSION))

And in some other packages we do:

 <pkg>_VERSION = 0.3
 <pkg>_SITE = $(call github foo,bar,v$(<pkg>_VERSION))

I.e in one case we consider the version to be v0.3, in the other case
we consider 0.3 to be the version.

The problem with v0.3 is that when used in conjunction with
release-monitoring.org, it doesn't work very well, because
release-monitoring.org has the concept of "version prefix" and using
that they drop the "v" prefix for the version.

Therefore, a number of packages in Buildroot have a version that
doesn't match with release-monitoring.org because Buildroot has 'v0.3'
and release-monitoring.org has '0.3'.

Since really the version number of 0.3, is makes sense to update our
packages to drop this 'v'.

This commit only addresses the (common) case of github packages where
the prefix is simply 'v'. Other cases will be handled by separate
commits. Also, there are a few cases that couldn't be handled
mechanically that aren't covered by this commit.

Signed-off-by: Victor Huesca <victor.huesca@bootlin.com>
[Arnout: don't change flatbuffers, json-for-modern-cpp, libpagekite,
 python-scapy3k, softether]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2019-06-19 22:27:55 +02:00
Fabrice Fontaine
2ee83e0b1a package/cjson: security bump to version 1.7.12
Fix infinite loop in cJSON_Minify (potential Denial of Service), see
https://github.com/DaveGamble/cJSON/issues/354

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-05-18 18:24:17 +02:00
Fabrice Fontaine
a45a3997d8 package/cjson: security bump to version 1.7.11
Fix a bug where cJSON_Minify could overflow it's buffer, both reading
and writing: https://github.com/DaveGamble/cJSON/issues/338.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-04-15 21:40:14 +02:00
Fabrice Fontaine
397bb048d5 package/cjson: bump to version 1.7.10
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2019-01-13 14:15:21 +01:00
Fabrice Fontaine
2c57dc0469 cjson: bump to version 1.7.7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-05-25 16:22:11 +02:00
Fabrice Fontaine
eed67b2c6b cjson: bump to version 1.7.6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-15 20:36:51 +02:00
Fabrice Fontaine
8625eca940 cjson: bump to version 1.7.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-29 16:05:54 +02:00
Fabrice Fontaine
b405d31b48 cjson: bump to version 1.7.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-03-05 21:13:34 +01:00
Fabrice Fontaine
1063e9ef80 cjson: bump to version 1.7.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-02-14 21:43:16 +01:00
Fabrice Fontaine
73569ed6f8 cjson: bump to version 1.7.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-02-08 23:07:02 +01:00
Fabrice Fontaine
bdfb180d58 cjson: bump to version 1.7.1
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-01-12 19:54:31 +01:00
Matt Weber
b6314a1811 cjson: update LICENSE hash for 1.7.0
No change to the contents but indentation.

Fixes:
http://autobuild.buildroot.net/results/626/626f01bb2e769914d471e70665f7f2909e1f5fe2/

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-07 23:47:45 +01:00
Fabrice Fontaine
579b87423f cjson: bump to version 1.7.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-07 15:05:07 +01:00
Thomas Petazzoni
287775d241 cjson: add comment explaining how BUILD_SHARED_AND_STATIC_LIBS works
This was missing in commit aca8412ce2
("cjson: build shared and static library").

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-03 22:31:30 +01:00
Fabrice Fontaine
aca8412ce2 cjson: build shared and static library
cjson 1.6.0 added the BUILD_SHARED_AND_STATIC_LIBS option which is OFF
by default so set it depending on BR2_SHARED_STATIC_LIBS value.

If BUILD_SHARED_AND_STATIC_LIBS is set to OFF, cjson uses the standard
BUILD_SHARED_LIBS option which is passed by the cmake-package
infrastructure.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2018-01-03 22:08:30 +01:00
Fabrice Fontaine
8e5aefed8b cjson: add hash for license file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-12-03 00:00:55 +01:00
Fabrice Fontaine
6c306f675f cjson: bump to version 1.6.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-10-31 20:09:53 +01:00
Fabrice Fontaine
d60315ef39 cjson: bump to version 1.5.6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-06 23:21:19 +02:00
Fabrice Fontaine
37ce45f1cc cjson: bump to version 1.5.5
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-06-17 15:38:25 +02:00
Bernd Kuhls
c5e7405009 package/cjson: bump version to v1.5.3
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-24 16:01:56 +02:00
Adam Duskett
ee71aa2375 package/c*/Config.in: fix help text wrapping
The check-package script when ran gives warnings on text wrapping
on all of these Config files.  This patch cleans up all warnings
related to the text wrapping for the Config files starting with
the letter c in the package directory.

The appropriate indentation is: <tab><2 spaces><62 chars>
See http://nightly.buildroot.org/#writing-rules-config-in for more
information.

Signed-off-by: Adam Duskett <aduskett@codeblue.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-11 23:28:01 +02:00
Vicente Olivert Riera
6a72aea616 cjson: bump version to v1.5.2
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-05-10 23:44:31 +02:00
Vicente Olivert Riera
148b1c4cee cjson: bump version to 1.5.1
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-05-08 21:00:02 +02:00
Vicente Olivert Riera
da0cc47c6f cjson: bump version to v1.4.7
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-20 23:12:56 +02:00
Vicente Olivert Riera
5380e6996f cjson: bump version to v1.4.6
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-12 23:00:12 +02:00
Vicente Olivert Riera
1e5085f9ba cjson: bump version to v1.4.5
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-29 21:51:25 +02:00
Fabrice Fontaine
a655a74d1a cjson: bump to version 1.4.4
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-25 14:37:09 +01:00
Fabrice Fontaine
a521a33799 cjson: bump to version 1.4.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-20 21:56:29 +01:00
Fabrice Fontaine
d8972e4fe7 cjson: bump to version 1.4.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-03-17 22:36:40 +01:00
Fabrice Fontaine
81f55e4309 cjson: bump to version 1.4.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-06 21:22:35 +01:00
Fabrice Fontaine
27f17ace1b cjson: bump to version 1.3.2
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-01 21:50:06 +01:00
Fabrice Fontaine
e01248c4cf cjson: fix build for toolchains without ssp
Set ENABLE_CUSTOM_COMPILER_FLAGS to OFF to disable custom flags, in
particular -fstack-protector-strong which depends on
BR2_TOOLCHAIN_HAS_SSP

Fixes:

  http://autobuild.buildroot.net/results/cfcf3bc8066159dfddd1786954d78e8527858f2f/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-03-01 21:48:41 +01:00
Fabrice Fontaine
d0cb7dfc6f cjson: do not build tests
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-19 23:01:24 +01:00
Fabrice Fontaine
5e5219b84d cjson: bump to version 1.3.0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-19 23:01:20 +01:00
Vicente Olivert Riera
130b9dcea1 cjson: security bump to version v1.2.1
Fixes a potential NULL pointer dereference in
cJSONUtils_InplaceDecodePointerString():

https://github.com/DaveGamble/cJSON/issues/96

[Peter: extend commit message, mention (potential) security impact]
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-31 23:48:32 +01:00
Vicente Olivert Riera
8cd0f493d6 cjson: bump version to v1.2.0
Also remove the patch since it's already contained in this release.

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-09 15:08:19 +01:00
Fabrice Fontaine
4f11de1a60 cjson: fix error with sh4a and powerpc
Fixes:
 - http://autobuild.buildroot.net/results/3d899790acdc5c21733ff6f7f5a1b500e862ea0a

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-15 22:10:30 +01:00
Fabrice Fontaine
190c5117c0 cjson: bump to version 1.1.0
Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-12-10 09:11:02 +01:00
Fabrice Fontaine
c8824a428b cjson: bump to version v1.0.2
This is a major update in cjson:
 - project site moved from sourceforge to github
 - project recommends to use the new cmake buildsystem instead of the
   legacy make
 - BR2_STATIC_LIBS is now OK (README does not mention issue anymore)
 - As include path and library name have changed, tinycbor has to be
   updated
 - As cjson can now be built as a static library, fix a bug in
   json2cbor compilation from tinycbor package

Signed-off-by: Fabrice Fontaine <fabrice.fontaine@orange.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-12-04 15:40:07 +01:00
Thomas Petazzoni
665e13c85e Rename BR2_PREFER_STATIC_LIB to BR2_STATIC_LIBS
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.

As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.

This also helps preparing the addition of other options to select
shared, shared+static or just static.

Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
2014-12-11 22:48:13 +01:00
Thomas De Schampheleire
f268f7131b .mk files: bulk aligment and whitespace cleanup of assignments
The Buildroot coding style defines one space around make assignments and
does not align the assignment symbols.

This patch does a bulk fix of offending packages. The package
infrastructures (or more in general assignments to calculated variable
names, like $(2)_FOO) are not touched.

Alignment of line continuation characters (\) is kept as-is.

The sed command used to do this replacement is:
find * -name "*.mk" | xargs sed -i \
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*$#\1 \2#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*\([^\\]\+\)$#\1 \2 \3#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\s*\([^\\ \t]\+\s*\\\)\s*$#\1 \2 \3#'
    -e 's#^\([A-Z0-9a-z_]\+\)\s*\([?:+]\?=\)\(\s*\\\)#\1 \2\3#'

Brief explanation of this command:
    ^\([A-Z0-9a-z_]\+\)     a regular variable at the beginning of the line
    \([?:+]\?=\)            any assignment character =, :=, ?=, +=
    \([^\\]\+\)             any string not containing a line continuation
    \([^\\ \t]\+\s*\\\)     string, optional whitespace, followed by a
                            line continuation character
    \(\s*\\\)               optional whitespace, followed by a line
                            continuation character

Hence, the first subexpression handles empty assignments, the second
handles regular assignments, the third handles regular assignments with
line continuation, and the fourth empty assignments with line
continuation.

This expression was tested on following test text: (initial tab not
included)

	FOO     = spaces before
	FOO     =   spaces before and after
	FOO	= tab before
	FOO	  = tab and spaces before
	FOO =	tab after
	FOO =	   tab and spaces after
	FOO =   	spaces and tab after
	FOO =    \
	FOO = bar \
	FOO = bar space    \
	FOO   =		   \
	GENIMAGE_DEPENDENCIES   = host-pkgconf libconfuse
	FOO     += spaces before
	FOO     ?=   spaces before and after
	FOO     :=
	FOO     =
	FOO	=
	FOO	  =
	FOO =
	   $(MAKE1) CROSS_COMPILE=$(TARGET_CROSS) -C
	AT91BOOTSTRAP3_DEFCONFIG = \
	AXEL_DISABLE_I18N=--i18n=0

After this bulk change, following manual fixups were done:
- fix line continuation alignment in cegui06 and spice (the sed
  expression leaves the number of whitespace between the value and line
  continuation character intact, but the whitespace before that could have
  changed, causing misalignment.
- qt5base was reverted, as this package uses extensive alignment which
  actually makes the code more readable.

Finally, the end result was manually reviewed.

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Cc: Yann E. Morin <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-07 15:00:28 +02:00
Thomas De Schampheleire
3d86d29bf0 packages: remove package clean commands
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-08 19:42:34 +01:00
Thomas De Schampheleire
eb7bd9ef61 packages: remove uninstall commands
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-06 09:40:40 +01:00
Gustavo Zacarias
339a488082 cjson: link with libm, unavailable for static
Link with libm as stated in the README, fixes:
http://autobuild.buildroot.net/results/57f/57fc124e14263ee2447e20a5b910ed3ae0a5b7db/

Also disable the package for static builds since it doesn't work that
way.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-10-30 22:46:18 +01:00
Danomi Manchego
5043efe521 cjson: bump to version 58
Also: update download site, and add new license file.

Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-08-26 00:44:58 +02:00