Wed Jan 29 21:54:31 2020 UTC ()

libzip: update to 1.6.0nb1.

Add upstream patch avoiding a double-free in zipcmp.


(wiz)

diff -r1.43 -r1.44 pkgsrc/archivers/libzip/Makefile
diff -r1.32 -r1.33 pkgsrc/archivers/libzip/distinfo
diff -r0 -r1.1 pkgsrc/archivers/libzip/patches/patch-src_zipcmp.c

--- pkgsrc/archivers/libzip/Makefile 2020/01/24 12:09:23 1.43
+++ pkgsrc/archivers/libzip/Makefile 2020/01/29 21:54:31 1.44

 @@ -1,16 +1,17 @@
-# $NetBSD: Makefile,v 1.43 2020/01/24 12:09:23 wiz Exp $
+# $NetBSD: Makefile,v 1.44 2020/01/29 21:54:31 wiz Exp $
 DISTNAME=		libzip-1.6.0
 PKGREVISION=		1
 CATEGORIES=		archivers devel
 MASTER_SITES=		https://libzip.org/download/
 EXTRACT_SUFX=		.tar.xz
 MAINTAINER=		wiz@NetBSD.org
 HOMEPAGE=		https://www.libzip.org/
 COMMENT=		C library to manipulate zip archives
 LICENSE=		modified-bsd
 USE_CMAKE=		yes
 USE_TOOLS+=		perl:build
 TEST_TARGET=		test

--- pkgsrc/archivers/libzip/distinfo 2020/01/24 12:09:23 1.32
+++ pkgsrc/archivers/libzip/distinfo 2020/01/29 21:54:31 1.33

 @@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.32 2020/01/24 12:09:23 wiz Exp $
+$NetBSD: distinfo,v 1.33 2020/01/29 21:54:31 wiz Exp $
 SHA1 (libzip-1.6.0.tar.xz) = 794bb5a5d7656fccd1adaffa19ab1190c8471c1c
 RMD160 (libzip-1.6.0.tar.xz) = 6ca337891a48fc54ff350b4fba2d0a82aa65c5d4
 SHA512 (libzip-1.6.0.tar.xz) = a173bebc0a199d65d9e2d5e5adf65eb10e9d3a1c409006b3f78e3453aa6166d825fea20e818e725f5d3c6b63137023a2cccb7fb2a1da50a88c4f5f057cf879f8
 Size (libzip-1.6.0.tar.xz) = 732812 bytes
 SHA1 (patch-src_zipcmp.c) = 67862d766a88a588f594cd88ffa49ca54e852923

$NetBSD: patch-src_zipcmp.c,v 1.1 2020/01/29 21:54:31 wiz Exp $

Avoid double free.
https://github.com/nih-at/libzip/commit/bd9fb11fa88f6a95b8afbd53796934adf4e6e6bd

--- src/zipcmp.c.orig	2020-01-24 11:03:14.000000000 +0000
+++ src/zipcmp.c
@@ -248,7 +248,6 @@ compare_zip(char *const zn[]) {
 	}
 	for (j = 0; j < a[i].nentry; j++) {
 	    free(a[i].entry[j].name);
-	    free(a[i].entry[j].extra_fields);
 	}
 	free(a[i].entry);
     }