cnid_dbd: Set explicit max length of db_params to prevent buffer overflow #3686
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Checks | |
on: | |
push: | |
branches: | |
- main | |
- branch-* | |
paths-ignore: | |
- "CONTRIBUTORS" | |
- "COPYING" | |
- "COPYRIGHT" | |
- "Dockerfile" | |
- "INSTALL.md" | |
- "NEWS" | |
- "README.md" | |
pull_request: | |
branches: | |
- main | |
- branch-* | |
types: | |
- opened | |
- synchronize | |
- reopened | |
paths-ignore: | |
- "CONTRIBUTORS" | |
- "COPYING" | |
- "COPYRIGHT" | |
- "Dockerfile" | |
- "INSTALL.md" | |
- "NEWS" | |
- "README.md" | |
env: | |
APT_PACKAGES: | | |
bison \ | |
cmark-gfm \ | |
cracklib-runtime \ | |
docbook-xsl \ | |
file \ | |
flex \ | |
libacl1-dev \ | |
libavahi-client-dev \ | |
libcrack2-dev \ | |
libcups2-dev \ | |
libdb-dev \ | |
libdbus-1-dev \ | |
libevent-dev \ | |
libgcrypt-dev \ | |
libglib2.0-dev \ | |
libkrb5-dev \ | |
libldap2-dev \ | |
libmariadb-dev \ | |
libpam0g-dev \ | |
libtalloc-dev \ | |
libtirpc-dev \ | |
libtracker-sparql-3.0-dev \ | |
libwolfssl-dev \ | |
libwrap0-dev \ | |
meson \ | |
nettle-dev \ | |
ninja-build \ | |
quota \ | |
systemtap-sdt-dev \ | |
tcpd \ | |
tracker \ | |
tracker-miner-fs \ | |
unicode-data \ | |
xsltproc | |
jobs: | |
build-alpine: | |
name: Alpine Linux | |
runs-on: ubuntu-latest | |
container: | |
image: alpine:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
apk add \ | |
acl-dev \ | |
avahi-compat-libdns_sd \ | |
avahi-dev \ | |
bison \ | |
build-base \ | |
cracklib \ | |
cracklib-dev \ | |
cracklib-words \ | |
cups \ | |
cups-dev \ | |
curl \ | |
db-dev \ | |
dbus-dev \ | |
docbook-xsl \ | |
flex \ | |
gcc \ | |
krb5-dev \ | |
libevent-dev \ | |
libgcrypt-dev \ | |
libtirpc-dev \ | |
libtracker \ | |
libxslt \ | |
linux-pam-dev \ | |
mariadb-dev \ | |
meson \ | |
nettle-dev \ | |
ninja \ | |
openldap-dev \ | |
openrc \ | |
perl \ | |
pkgconfig \ | |
rpcsvc-proto-dev \ | |
talloc-dev \ | |
tracker \ | |
tracker-dev \ | |
tracker-miners \ | |
unicode-character-database | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
- name: Uninstall | |
run: ninja -C build uninstall | |
build-archlinux: | |
name: Arch Linux | |
runs-on: ubuntu-latest | |
container: | |
image: archlinux:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
pacman -Sy --noconfirm \ | |
avahi \ | |
cmark-gfm \ | |
cracklib \ | |
cups \ | |
db \ | |
docbook-xsl \ | |
gcc \ | |
libxslt \ | |
mariadb-clients \ | |
meson \ | |
nettle \ | |
ninja \ | |
perl \ | |
pkgconfig \ | |
rpcsvc-proto \ | |
unicode-character-database | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-afpstats=false \ | |
-Dwith-appletalk=true \ | |
-Dwith-docbook-path=/usr/share/xml/docbook/xsl-stylesheets-1.79.2 \ | |
-Dwith-init-hooks=false \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
- name: Uninstall | |
run: ninja -C build uninstall | |
build-debian: | |
name: Debian Linux | |
runs-on: ubuntu-latest | |
container: | |
image: debian:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
apt-get update | |
apt-get install --assume-yes --no-install-recommends ${{ env.APT_PACKAGES }} | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-init-hooks=false \ | |
-Dwith-init-style=debian-sysv,systemd \ | |
-Dwith-pkgconfdir-path=/etc/netatalk \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
- name: Uninstall | |
run: ninja -C build uninstall | |
build-fedora: | |
name: Fedora Linux | |
runs-on: ubuntu-latest | |
container: | |
image: fedora:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
dnf --setopt=install_weak_deps=False --assumeyes install \ | |
avahi-devel \ | |
bison \ | |
chkconfig \ | |
cracklib-devel \ | |
cups-devel \ | |
dbus-devel \ | |
docbook-style-xsl \ | |
flex \ | |
glib2-devel \ | |
krb5-devel \ | |
libacl-devel \ | |
libdb-devel \ | |
libgcrypt-devel \ | |
libtalloc-devel \ | |
libxslt \ | |
mariadb-connector-c-devel \ | |
meson \ | |
nettle-devel \ | |
ninja-build \ | |
openldap-devel \ | |
openssl-devel \ | |
pam-devel \ | |
perl \ | |
perl-Net-DBus \ | |
quota-devel \ | |
systemd \ | |
systemtap-sdt-devel \ | |
tracker \ | |
tracker-devel \ | |
unicode-ucd | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-init-hooks=false \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: sudo meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
- name: Uninstall | |
run: sudo ninja -C build uninstall | |
build-opensuse: | |
name: openSUSE Linux | |
runs-on: ubuntu-latest | |
container: | |
image: opensuse/tumbleweed:latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
zypper in -y \ | |
bison \ | |
cracklib-devel \ | |
dbus-1-devel \ | |
docbook-xsl-stylesheets \ | |
file \ | |
flex \ | |
gawk \ | |
gcc \ | |
libacl-devel \ | |
libavahi-devel \ | |
libdb-4_8-devel \ | |
libevent-devel \ | |
libgcrypt-devel \ | |
libmariadb-devel \ | |
libnettle-devel \ | |
libtalloc-devel \ | |
libtdb-devel \ | |
libtracker-sparql-3_0-0 \ | |
libxslt-tools \ | |
meson \ | |
ninja \ | |
openldap2-devel \ | |
pam-devel \ | |
perl \ | |
pkg-config \ | |
systemd \ | |
systemtap-sdt-devel \ | |
tcpd-devel \ | |
tracker \ | |
unicode-ucd | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-docbook-path=/usr/share/xml/docbook/stylesheet/nwalsh/1.79.2 \ | |
-Dwith-init-hooks=false \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
- name: Uninstall | |
run: ninja -C build uninstall | |
build-ubuntu: | |
name: Ubuntu Linux | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install --assume-yes --no-install-recommends ${{ env.APT_PACKAGES }} | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-init-hooks=false \ | |
-Dwith-manual-l10n=ja \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run distribution tests | |
run: cd build && meson dist | |
- name: Install | |
run: sudo meson install -C build | |
- name: Start netatalk | |
run: | | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
sudo systemctl start netatalk | |
sleep 1 | |
asip-status localhost | |
- name: Stop netatalk | |
run: sudo systemctl stop netatalk | |
- name: Uninstall | |
run: sudo ninja -C build uninstall | |
build-macos: | |
name: macOS | |
runs-on: macos-latest | |
env: | |
HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
HOMEBREW_NO_AUTO_UPDATE: 1 | |
HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: | | |
brew install berkeley-db cmark-gfm docbook-xsl libxslt meson mysql talloc wolfssl | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
- name: Configure | |
run: | | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-tests=true | |
- name: Build | |
run: meson compile -C build | |
- name: Run tests | |
run: cd build && meson test | |
- name: Install | |
run: sudo meson install -C build | |
- name: Start netatalk | |
run: | | |
/opt/homebrew/sbin/netatalk -V | |
/opt/homebrew/sbin/afpd -V | |
sudo netatalkd start | |
sleep 1 | |
asip-status localhost | |
- name: Stop netatalk | |
run: sudo netatalkd stop | |
- name: Uninstall | |
run: sudo ninja -C build uninstall | |
build-dflybsd: | |
name: DragonflyBSD | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
copyback: false | |
usesh: true | |
prepare: | | |
pkg install -y \ | |
avahi \ | |
bison \ | |
db5 \ | |
docbook-xsl \ | |
krb5-devel \ | |
libevent \ | |
libgcrypt \ | |
libxslt \ | |
meson \ | |
mysql80-client \ | |
nettle \ | |
openldap26-client \ | |
perl5 \ | |
pkgconf \ | |
py39-gdbm \ | |
py39-sqlite3 \ | |
py39-tkinter \ | |
talloc \ | |
tracker3 \ | |
wget \ | |
wolfssl | |
run: | | |
set -e | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
meson setup build \ | |
-Dwith-appletalk=true | |
meson compile -C build | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
ninja -C build uninstall | |
build-freebsd: | |
name: FreeBSD | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
copyback: false | |
prepare: | | |
pkg install -y \ | |
avahi \ | |
bison \ | |
db5 \ | |
docbook-xsl \ | |
flex \ | |
libevent \ | |
libgcrypt \ | |
libxslt \ | |
meson \ | |
mysql84-client \ | |
nettle \ | |
openldap26-client-2.6.8 \ | |
p5-Net-DBus \ | |
perl5 \ | |
pkgconf \ | |
talloc \ | |
tracker3 \ | |
wget \ | |
wolfssl | |
run: | | |
set -e | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
meson setup build \ | |
-Dpkg_config_path=/usr/local/libdata/pkgconfig \ | |
-Dwith-appletalk=true | |
meson compile -C build | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
/usr/local/etc/rc.d/netatalk start | |
sleep 1 | |
/usr/local/bin/asip-status localhost | |
/usr/local/etc/rc.d/netatalk stop | |
/usr/local/etc/rc.d/netatalk disable | |
ninja -C build uninstall | |
build-netbsd: | |
name: NetBSD | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
release: "9.4" | |
copyback: false | |
prepare: | | |
pkg_add \ | |
avahi \ | |
bison \ | |
db5 \ | |
docbook-xsl \ | |
flex \ | |
gcc13 \ | |
gnome-tracker \ | |
libcups \ | |
libevent \ | |
libgcrypt \ | |
libxslt \ | |
meson \ | |
mysql-client \ | |
nettle \ | |
p5-Net-DBus \ | |
perl \ | |
pkg-config \ | |
talloc \ | |
tex-unicode-data | |
run: | | |
set -e | |
meson setup build \ | |
-Dpkg_config_path=/usr/pkg/lib/pkgconfig \ | |
-Dwith-appletalk=true \ | |
-Dwith-dtrace=false \ | |
-Dwith-tests=true | |
meson compile -C build | |
cd build && meson test | |
cd .. | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
service netatalk onestart | |
sleep 1 | |
asip-status localhost | |
service netatalk onestop | |
ninja -C build uninstall | |
build-openbsd: | |
name: OpenBSD | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
copyback: false | |
prepare: | | |
pkg_add -I \ | |
avahi \ | |
bison \ | |
db-4.6.21p7v0 \ | |
dbus \ | |
docbook-xsl \ | |
gcc-11.2.0p11 \ | |
libevent \ | |
libgcrypt \ | |
libnettle \ | |
libtalloc \ | |
libxslt \ | |
mariadb-client \ | |
meson \ | |
openldap-client-2.6.7v0 \ | |
openpam \ | |
p5-Net-DBus \ | |
pkgconf \ | |
tracker3 \ | |
wget | |
run: | | |
set -e | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
meson setup build \ | |
-Dpkg_config_path=/usr/local/lib/pkgconfig \ | |
-Dwith-appletalk=true | |
meson compile -C build | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
rcctl -d start netatalk | |
sleep 1 | |
asip-status localhost | |
rcctl -d stop netatalk | |
rcctl -d disable netatalk | |
ninja -C build uninstall | |
build-omnios: | |
name: OmniOS | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
copyback: false | |
prepare: | | |
pkg install \ | |
build-essential \ | |
pkg-config | |
curl -O https://pkgsrc.smartos.org/packages/SmartOS/bootstrap/bootstrap-trunk-x86_64-20240116.tar.gz | |
tar -zxpf bootstrap-trunk-x86_64-20240116.tar.gz -C / | |
export PATH=/opt/local/sbin:/opt/local/bin:/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin:$PATH | |
pkgin -y install \ | |
avahi \ | |
docbook-xsl \ | |
gnome-tracker \ | |
libevent \ | |
libgcrypt \ | |
libxslt \ | |
meson \ | |
mysql-client \ | |
nettle \ | |
talloc | |
run: | | |
set -e | |
export PATH=/opt/local/sbin:/opt/local/bin:/usr/gnu/bin:/usr/bin:/usr/sbin:/sbin:$PATH | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
meson setup build \ | |
-Dpkg_config_path=/opt/local/lib/pkgconfig \ | |
-Dwith-appletalk=true \ | |
-Dwith-ldap-path=/opt/local | |
meson compile -C build | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
sleep 1 | |
svcadm enable svc:/network/netatalk:default | |
sleep 1 | |
/usr/local/bin/asip-status localhost | |
svcadm disable svc:/network/netatalk:default | |
ninja -C build uninstall | |
build-solaris: | |
name: Solaris | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Build on VM | |
uses: vmactions/[email protected] | |
with: | |
copyback: false | |
prepare: | | |
pkg install \ | |
bison \ | |
flex \ | |
gcc \ | |
libevent \ | |
libgcrypt \ | |
nettle \ | |
ninja \ | |
pkg-config \ | |
python/pip \ | |
wget | |
pip install meson | |
run: | | |
set -e | |
wget https://www.unicode.org/Public/UNIDATA/UnicodeData.txt | |
meson setup build \ | |
-Dpkg_config_path=/usr/lib/amd64/pkgconfig \ | |
-Dwith-afpstats=false \ | |
-Dwith-appletalk=true \ | |
-Dwith-docbook-path=/usr/share/sgml/docbook/xsl-stylesheets \ | |
-Dwith-tests=true | |
meson compile -C build | |
cd build && meson test | |
cd .. | |
meson install -C build | |
/usr/local/sbin/netatalk -V | |
/usr/local/sbin/afpd -V | |
sleep 1 | |
svcadm enable svc:/network/netatalk:default | |
sleep 1 | |
/usr/local/bin/asip-status localhost | |
svcadm disable svc:/network/netatalk:default | |
ninja -C build uninstall | |
static_analysis: | |
name: Static Analysis | |
runs-on: ubuntu-latest | |
env: | |
# Directory where build-wrapper output will be placed | |
BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory | |
if: ${{ !github.event.pull_request.head.repo.fork }} # Run only if not originating from a fork | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
# Check out commit history for all branches and tags, for a better relevancy of analysis | |
fetch-depth: 0 | |
- name: Install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install --assume-yes --no-install-recommends ${{ env.APT_PACKAGES }} | |
- name: Install sonar-scanner and build-wrapper | |
uses: SonarSource/sonarcloud-github-c-cpp@v3 | |
- name: Run build-wrapper | |
run: | | |
mkdir -p ${{ env.BUILD_WRAPPER_OUT_DIR }} | |
meson setup build \ | |
-Dwith-appletalk=true \ | |
-Dwith-init-style=none \ | |
-Dwith-tests=true | |
build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} meson compile -C build | |
- name: Run sonar-scanner | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
run: | | |
sonar-scanner --define sonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" |