Added patch to fix insecure tempfile handling (see bug #235804). Removed ebuilds for vulnerable versions.

(Portage version: 2.2_rc9/cvs/Linux 2.6.26-SENTINEL-2 i686)
author: Markus Dittrich <markusle@gentoo.org> 2008-09-23 01:32:55 +0000
committer: Markus Dittrich <markusle@gentoo.org> 2008-09-23 01:32:55 +0000
commit: 923bd1cae50c316ddbd8eac792c52847746ba80d (patch)
tree: 14826ed9e360f8800d24d8d91077e14e2e0ff182 /sci-biology
parent: amd64 stable (bug 328272) (diff)
download: gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.tar.gz
gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.tar.bz2
gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.zip
4 files changed, 211 insertions, 36 deletions
diff --git a/sci-biology/mafft/ChangeLog b/sci-biology/mafft/ChangeLog
index 9685d6731076..5d3e5a9d044f 100644
--- a/sci-biology/mafft/ChangeLog
+++ b/sci-biology/mafft/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for sci-biology/mafft
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/ChangeLog,v 1.3 2007/10/10 10:23:40 markusle Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/ChangeLog,v 1.4 2008/09/23 01:32:55 markusle Exp $
+
+*mafft-6.240-r1 (23 Sep 2008)
+
+  23 Sep 2008; Markus Dittrich <markusle@gentoo.org>
+  +files/mafft-6.240-mktemp.patch, -mafft-5.861-r1.ebuild,
+  -mafft-6.240.ebuild, +mafft-6.240-r1.ebuild:
+  Added patch to fix insecure tempfile handling (see bug #235804). 
+  Removed ebuilds for vulnerable versions.
 
   08 Oct 2007; Markus Dittrich <markusle@gentoo.org> mafft-5.861-r1.ebuild, +mafft-6.240.ebuild:
   Fixed wrongs SRC_URI and HOMEPAGE (see bug #195080). Also bumped
diff --git a/sci-biology/mafft/files/mafft-6.240-mktemp.patch b/sci-biology/mafft/files/mafft-6.240-mktemp.patch
new file mode 100644
index 000000000000..1b96c8f47204
--- /dev/null
+++ b/sci-biology/mafft/files/mafft-6.240-mktemp.patch
@@ -0,0 +1,191 @@
+diff -Naur mafft-6.240/src/mafft-homologs.tmpl mafft-6.240.new/src/mafft-homologs.tmpl
+--- mafft-6.240/src/mafft-homologs.tmpl	2006-10-01 20:31:38.000000000 -0400
++++ mafft-6.240.new/src/mafft-homologs.tmpl	2008-09-05 17:14:17.000000000 -0400
+@@ -31,11 +31,22 @@
+ #   -w        entire sequences are subjected to BLAST search 
+ #             (default: well-aligned region only)
+ 
+-
+ require 'getopts'
++require 'tempfile'
++
++# create temporary files
++temp_vf = Tempfile.new("_vf").path
++temp_if = Tempfile.new("_if").path
++temp_pf = Tempfile.new("_pf").path
++temp_af = Tempfile.new("_af").path
++temp_qf = Tempfile.new("_qf").path
++temp_bf = Tempfile.new("_bf").path
++temp_rid = Tempfile.new("_rid").path
++temp_res = Tempfile.new("_res").path
+ 
+-system( mafftpath + " --help > /tmp/_vf#{$$} 2>&1" )
+-pfp = File.open( "/tmp/_vf#{$$}", 'r' )
++
++system( mafftpath + " --help > #{temp_vf} 2>&1" )
++pfp = File.open( "#{temp_vf}", 'r' )
+ while pfp.gets
+ 	break if $_ =~ /MAFFT v/
+ end
+@@ -114,35 +125,38 @@
+ 	mafftopt += " " + $OPT_o + " "
+ end
+ 
+-system "cat " + ARGV.to_s + " > /tmp/_if#{$$}"
++system "cat " + ARGV.to_s + " > #{temp_if}"
+ ar = mafftopt.split(" ")
+ nar = ar.length
+ for i in 0..(nar-1)
+ 	if ar[i] == "--seed" then
+-		system "cat #{ar[i+1]} >> /tmp/_if#{$$}"
++		system "cat #{ar[i+1]} >> #{temp_if}"
+ 	end
+ end
+ 
+ nseq = 0
+-ifp = File.open( "/tmp/_if#{$$}", 'r' )
++ifp = File.open( "#{temp_if}", 'r' )
+ 	while ifp.gets
+ 		nseq += 1 if $_ =~ /^>/
+ 	end
+ ifp.close
+ 
+-STDERR.puts "Performing preliminary alignment .. "
+-if nseq == 1 then
+-	system( "cp /tmp/_if#{$$}"  + " /tmp/_pf#{$$}" )
++if nseq >= 100 then
++	STDERR.puts "The number of input sequences must be <100."
++	exit
++elsif nseq == 1 then
++	system( "cp #{temp_if}"  + " #{temp_pf}" )
+ else
++	STDERR.puts "Performing preliminary alignment .. "
+ 	if entiresearch == 1 then
+-#		system( mafftpath + " --maxiterate 1000 --localpair /tmp/_if#{$$} > /tmp/_pf#{$$}" )
+-		system( mafftpath + " --maxiterate 0 --retree 2 /tmp/_if#{$$} > /tmp/_pf#{$$}" )
++#		system( mafftpath + " --maxiterate 1000 --localpair #{temp_if} > #{temp_pf}" )
++		system( mafftpath + " --maxiterate 0 --retree 2 #{temp_if} > #{temp_pf}" )
+ 	else
+-		system( mafftpath + " --maxiterate 1000 --localpair --core --coreext --corethr #{corethr.to_s} --corewin #{corewin.to_s} /tmp/_if#{$$} > /tmp/_pf#{$$}" )
++		system( mafftpath + " --maxiterate 1000 --localpair --core --coreext --corethr #{corethr.to_s} --corewin #{corewin.to_s} #{temp_if} > #{temp_pf}" )
+ 	end
+ end
+ 
+-pfp = File.open( "/tmp/_pf#{$$}", 'r' )
++pfp = File.open( "#{temp_pf}", 'r' )
+ inname = []
+ inseq = []
+ slen = []
+@@ -155,7 +169,7 @@
+ end
+ pfp.close
+ 
+-pfp = File.open( "/tmp/_if#{$$}", 'r' )
++pfp = File.open( "#{temp_if}", 'r' )
+ orname = []
+ orseq = []
+ nin = 0
+@@ -188,7 +202,7 @@
+ #p act
+ 
+ 
+-afp = File.open( "/tmp/_af#{$$}", 'w' )
++afp = File.open( "#{temp_af}", 'w' )
+ 
+ STDERR.puts "Searching .. \n"
+ ids = []
+@@ -209,10 +223,10 @@
+ 	end
+ 
+ 	if local == 0 then
+-		command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?QUERY=" + inseq[i] + "&DATABASE=swissprot&HITLIST_SIZE=" + nadd.to_s + "&FILTER=L&EXPECT='" + eval.to_s + "'&FORMAT_TYPE=TEXT&PROGRAM=blastp&SERVICE=plain&NCBI_GI=on&PAGE=Proteins&CMD=Put' > /tmp/_rid#{$$}"
++		command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?QUERY=" + inseq[i] + "&DATABASE=swissprot&HITLIST_SIZE=" + nadd.to_s + "&FILTER=L&EXPECT='" + eval.to_s + "'&FORMAT_TYPE=TEXT&PROGRAM=blastp&SERVICE=plain&NCBI_GI=on&PAGE=Proteins&CMD=Put' > #{temp_rid}"
+ 		system command
+ 	
+-		ridp = File.open( "/tmp/_rid#{$$}", 'r' )
++		ridp = File.open( "#{temp_rid}", 'r' )
+ 		while ridp.gets
+ 			break if $_ =~ / RID = (.*)/
+ 		end
+@@ -224,9 +238,9 @@
+ 		while 1 
+ 			STDERR.printf "."
+ 			sleep 10
+-			command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?RID=" + rid + "&DESCRIPTIONS=500&ALIGNMENTS=" + nadd.to_s + "&ALIGNMENT_TYPE=Pairwise&OVERVIEW=no&CMD=Get&FORMAT_TYPE=XML' > /tmp/_res#{$$}"
++			command = "lynx -source 'http://www.ncbi.nlm.nih.gov/blast/Blast.cgi?RID=" + rid + "&DESCRIPTIONS=500&ALIGNMENTS=" + nadd.to_s + "&ALIGNMENT_TYPE=Pairwise&OVERVIEW=no&CMD=Get&FORMAT_TYPE=XML' > #{temp_res}"
+ 			system command
+-			resp = File.open( "/tmp/_res#{$$}", 'r' )
++			resp = File.open( "#{temp_res}", 'r' )
+ #			resp.gets
+ #			if $_ =~ /WAITING/ then
+ #				resp.close
+@@ -247,17 +261,17 @@
+ 	else
+ #		puts "Not supported"
+ #		exit
+-		qfp = File.open( "/tmp/_q#{$$}", 'w' )
++		qfp = File.open( "#{temp_qf}", 'w' )
+ 			qfp.puts "> "
+ 			qfp.puts inseq[i]
+ 		qfp.close
+-		command = blastpath + "  -p blastp  -e #{eval} -b 1000 -m 7 -i /tmp/_q#{$$} -d #{localdb} > /tmp/_res#{$$}"
++		command = blastpath + "  -p blastp  -e #{eval} -b 1000 -m 7 -i #{temp_qf} -d #{localdb} > #{temp_res}"
+ 		system command
+-		resp = File.open( "/tmp/_res#{$$}", 'r' )
++		resp = File.open( "#{temp_res}", 'r' )
+ 	end
+ 	STDERR.puts " Done.\n\n"
+ 
+-	resp = File.open( "/tmp/_res#{$$}", 'r' )
++	resp = File.open( "#{temp_res}", 'r' )
+ 	while 1
+ 		while resp.gets
+ 			break if $_ =~ /<Hit_id>(.*)<\/Hit_id>/ || $_ =~ /(<Iteration_stat>)/
+@@ -310,17 +324,15 @@
+ afp.close
+ 
+ STDERR.puts "Performing alignment .. "
+-system( mafftpath + mafftopt + " /tmp/_af#{$$} > /tmp/_bf#{$$}" )
++system( mafftpath + mafftopt + " #{temp_af} > #{temp_bf}" )
+ STDERR.puts "done."
+ 
+-bfp = File.open( "/tmp/_bf#{$$}", 'r' )
++bfp = File.open( "#{temp_bf}", 'r' )
+ outseq = []
+ outnam = []
+ readfasta( bfp, outnam, outseq )
+ bfp.close
+ 
+-
+-
+ outseq2 = []
+ outnam2 = []
+ 
+@@ -356,5 +368,3 @@
+ 	puts ">" + outnam2[i]
+ 	puts outseq2[i].gsub( /.{1,60}/, "\\0\n" )
+ end
+-
+-system( "rm -rf /tmp/_if#{$$} /tmp/_vf#{$$} /tmp/_af#{$$} /tmp/_bf#{$$} /tmp/_pf#{$$} /tmp/_q#{$$} /tmp/_res#{$$} /tmp/_rid#{$$}" )
+diff -Naur mafft-6.240/src/mafft.tmpl mafft-6.240.new/src/mafft.tmpl
+--- mafft-6.240/src/mafft.tmpl	2007-04-03 19:16:51.000000000 -0400
++++ mafft-6.240.new/src/mafft.tmpl	2008-09-05 17:18:04.000000000 -0400
+@@ -240,11 +240,14 @@
+ 		shift   
+ 	done;
+ 
+-#	TMPFILE=/tmp/`basename $0`.`whoami`.$$.`date +%y%m%d%H%M%S`
+-	TMPFILE=/tmp/$progname.$$
++        # create temporary directory; terminate script in case of failure
++	if ! TMPFILE=`mktemp -dt $progname.XXXXXXXXXX`; then
++          echo "Failed to create temporary directory"
++          exit 1
++        fi
++
+ 	umask 077
+-	mkdir  $TMPFILE  || er=1
+-	trap "rm -r $TMPFILE " 0
++	trap "rm -rf $TMPFILE " 0
+ 	if [ $# -eq 1 ]; then
+ 		if [ -r "$1" -o "$1" = - ]; then
+ 			cat "$1" | tr "\r" "\n" > $TMPFILE/infile 
diff --git a/sci-biology/mafft/mafft-5.861-r1.ebuild b/sci-biology/mafft/mafft-5.861-r1.ebuild
deleted file mode 100644
index fdf6396c96cb..000000000000
--- a/sci-biology/mafft/mafft-5.861-r1.ebuild
+++ /dev/null
@@ -1,31 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-5.861-r1.ebuild,v 1.2 2007/10/10 10:23:40 markusle Exp $
-
-inherit toolchain-funcs multilib
-
-DESCRIPTION="Multiple sequence alignments using a variety of algorithms"
-HOMEPAGE="http://align.bmr.kyushu-u.ac.jp/mafft/software/"
-SRC_URI="http://align.bmr.kyushu-u.ac.jp/mafft/software/${P}-src.tgz"
-LICENSE="free-noncomm"
-SLOT="0"
-KEYWORDS="~x86"
-IUSE=""
-RDEPEND=""
-DEPEND="${RDEPEND}"
-
-src_compile() {
-	cd src
-	emake \
-		PREFIX="/usr/$(get_libdir)/${PN}" \
-		CC="$(tc-getCC)" \
-		CFLAG="${CFLAGS}" \
-		|| die "make failed"
-}
-
-src_install() {
-	pushd src
-	emake PREFIX="${D}usr/$(get_libdir)/${PN}" install || die "install failed"
-	popd
-	dodoc readme
-}
diff --git a/sci-biology/mafft/mafft-6.240.ebuild b/sci-biology/mafft/mafft-6.240-r1.ebuild
index ed0f76d02d47..84c9ce1cb3ac 100644
--- a/sci-biology/mafft/mafft-6.240.ebuild
+++ b/sci-biology/mafft/mafft-6.240-r1.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2007 Gentoo Foundation
+# Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-6.240.ebuild,v 1.1 2007/10/10 10:23:40 markusle Exp $
+# $Header: /var/cvsroot/gentoo-x86/sci-biology/mafft/mafft-6.240-r1.ebuild,v 1.1 2008/09/23 01:32:55 markusle Exp $
 
-inherit toolchain-funcs multilib
+inherit toolchain-funcs multilib eutils
 
 DESCRIPTION="Multiple sequence alignments using a variety of algorithms"
 HOMEPAGE="http://align.bmr.kyushu-u.ac.jp/mafft/software/"
@@ -14,6 +14,13 @@ IUSE=""
 RDEPEND=""
 DEPEND="${RDEPEND}"
 
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+	epatch "${FILESDIR}"/${P}-mktemp.patch
+}
+
 src_compile() {
 	cd src
 	emake \
author	Markus Dittrich <markusle@gentoo.org>	2008-09-23 01:32:55 +0000
committer	Markus Dittrich <markusle@gentoo.org>	2008-09-23 01:32:55 +0000
commit	923bd1cae50c316ddbd8eac792c52847746ba80d (patch)
tree	14826ed9e360f8800d24d8d91077e14e2e0ff182 /sci-biology
parent	amd64 stable (bug 328272) (diff)
download	gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.tar.gz gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.tar.bz2 gentoo-2-923bd1cae50c316ddbd8eac792c52847746ba80d.zip