dev-libs/protobuf-c: backport memory corruption fix

Note that this *doesn't* fix bug #946366, I just initially thought it did,
so I mentioned it there.

Bug: https://bugs.gentoo.org/946366
Signed-off-by: Sam James <sam@gentoo.org>

2 files changed, 110 insertions, 0 deletions

diff --git a/dev-libs/protobuf-c/files/protobuf-c-1.5.0-free-corruption.patch b/dev-libs/protobuf-c/files/protobuf-c-1.5.0-free-corruption.patch
new file mode 100644
index 000000000000..c6795231bbfc
--- /dev/null
+++ b/dev-libs/protobuf-c/files/protobuf-c-1.5.0-free-corruption.patch
@@ -0,0 +1,44 @@
+https://github.com/protobuf-c/protobuf-c/issues/690
+https://github.com/protobuf-c/protobuf-c/pull/703
+
+From 55c8b0dc688b070f4fa860d055a6365c0ae11bb3 Mon Sep 17 00:00:00 2001
+From: Stephan Mueller <smueller@chronox.de>
+Date: Sun, 21 Jan 2024 11:04:34 +0100
+Subject: [PATCH] Fix memory corruption by initlizalizing pointer
+
+A memory corruption in protobuf_c_message_free_unpacked happens at the
+following line:
+
+        if (message->unknown_fields != NULL)
+                do_free(allocator, message->unknown_fields);
+
+The do_free will free ->unknown_fields. This is may be wrong, because
+protobuf_c_message_unpack uses malloc as the default allocator, allocates
+rv with malloc. At the end, however, ->unknown_fields is only initialized
+if there are some. That means if there are no such fields ->unknown_fields
+is an uninitialized pointer.
+
+The patch initializes the pointer to NULL to ensure the check before free
+is performed on initialized memory in case there is no unknown_field.
+
+This fixes https://github.com/protobuf-c/protobuf-c/issues/690
+
+Signed-off-by: Stephan Mueller <smueller@chronox.de>
+---
+ protobuf-c/protobuf-c.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/protobuf-c/protobuf-c.c b/protobuf-c/protobuf-c.c
+index 776ee4fb..0c18f89b 100644
+--- a/protobuf-c/protobuf-c.c
++++ b/protobuf-c/protobuf-c.c
+@@ -3278,6 +3278,8 @@ protobuf_c_message_unpack(const ProtobufCMessageDescriptor *desc,
+ 					      n_unknown * sizeof(ProtobufCMessageUnknownField));
+ 		if (rv->unknown_fields == NULL)
+ 			goto error_cleanup;
++	} else {
++		rv->unknown_fields = NULL;
+ 	}
+ 
+ 	/* do real parsing */
+
diff --git a/dev-libs/protobuf-c/protobuf-c-1.5.0-r4.ebuild b/dev-libs/protobuf-c/protobuf-c-1.5.0-r4.ebuild
new file mode 100644
index 000000000000..d2ebd1a4e5f0
--- /dev/null
+++ b/dev-libs/protobuf-c/protobuf-c-1.5.0-r4.ebuild
@@ -0,0 +1,66 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# Check 'next' branch for backports.
+
+inherit autotools flag-o-matic multilib-minimal
+
+MY_PV="${PV/_/-}"
+MY_P="${PN}-${MY_PV}"
+
+DESCRIPTION="Protocol Buffers implementation in C"
+HOMEPAGE="https://github.com/protobuf-c/protobuf-c"
+SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${MY_PV}/${MY_P}.tar.gz"
+S="${WORKDIR}/${MY_P}"
+
+LICENSE="BSD-2"
+# Subslot == SONAME version
+SLOT="0/1.0.0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~loong ~mips ~ppc64 ~riscv ~sparc ~x86"
+IUSE="static-libs"
+
+BDEPEND="
+	>=dev-libs/protobuf-3:0
+	virtual/pkgconfig
+"
+DEPEND="
+	>=dev-libs/protobuf-3:0=[${MULTILIB_USEDEP}]"
+# NOTE
+# protobuf links to abseil-cpp libraries via it's .pc files.
+# To cause rebuild when the abseil-cpp version changes we add it to RDEPEND only.
+RDEPEND="${DEPEND}
+	dev-cpp/abseil-cpp:=[${MULTILIB_USEDEP}]
+"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-1.5.0-Clean-CMake.patch"
+	"${FILESDIR}/${P}-free-corruption.patch"
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# Workaround for bug #946366
+	append-flags $(test-flags-CC -fzero-init-padding-bits=unions)
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		$(use_enable static-libs static)
+		--enable-year2038
+	)
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+}
+
+multilib_src_install_all() {
+	find "${ED}" -name '*.la' -type f -delete || die
+	einstalldocs
+}