On Mon, 28 Apr 2025 20:08:05 +0200, Theo Buehler <t...@theobuehler.org> wrote: > > On Mon, Apr 28, 2025 at 01:14:03PM +0200, Kirill A. Korinsky wrote: > > ports@, > > > > here a minor update for archivers/bzip3 to 1.5.2 > > > > Changes: > > > > v1.1.2: > > * fix memory UB in libsais > > * restructure src/cm.c > > * block size check in src/libbz3.c > > * fix shift UB in lzp > > * -h/-v CLI switches > > * change maximum block size to ~512M > > > > tested on -current/amd64, works. > > > > Also, /usr/src/lib/check_sym doesn't pick any changes in libraries, and > > sources had only one internally used .h file to be chnaged in this release: > > https://github.com/kspalaiologos/bzip3/compare/1.5.1...1.5.2#diff-b6f1ba1afa0ca630e1b50a4d39ede5448cf73f6cab20da49aa9a7447c7efe4e4 > > > > All of this leads to a conclusion that no need to increase SHARED_LIBS. > > Since it's not a public header, the changes in there don't matter > ABI-wise. But do you really want to commit a piece of software that > does this? > > *strp = (char *) malloc(len + 1); > - if (!*strp) return -1; > + if (!*strp) { > + memcpy(*strp, yarg_oom, sizeof(yarg_oom)); >
I had missed it. Well... I think it is a wise idea to skip this update and ask upstream. But I'm surprised to say the least. -- wbr, Kirill
