Arch Linux User Repository

Hi utkarsh,

unfortunately, I cannot reproduce your issue.

Please try building in a clean chroot.

Hi @respiranto,

First of all, thank you for maintaining this package.

Even using 'makepkg -C' gives the following error:

cc1: fatal error: grind-wnlex.c: No such file or directory

Building works here. Please try `makepkg -C' to clean remnants of old builds.

when I update aur/dict-wn 3.1-4 to 3.1-5,console output :

libtool: Version mismatch error. This is libtool 2.4.6, but thelibtool: definition of this LT_INIT comes from libtool 2.4.6.42-b88ce-dirty.

@Stebalien

The Debian "orig" is a mixture of several upstreams (most of which are probably internal to Debian), plus apparently some modification.

The following patches do nevertheless apply:

• 20_doc_man_wninput.patch
• 20_include_wn.h.patch
• 20_src_stubs_c.patch
• 20_src_wnb.patch
• 40_doc_man_fix_names.patch
• 41_doc_man_fix_names.patch
• 50_CVE-2008-2149_buffer_overflows.patch
• 51_overflows_memcpy.patch
• 51_overflows.patch
• 52_wordnet3.0_lib_search_c_memory_patch
• 60_gcc-4.6.patch

I assume the Guix patches are equivalent to:

• 50_CVE-2008-2149_buffer_overflows.patch
• 51_overflows_memcpy.patch
• 51_overflows.patch

I suggest applying further:

• bugs:
  • 52_wordnet3.0_lib_search_c_memory_patch
  • 60_gcc-4.6.patch
    • possibly followed by "sed -Ei 's/\<puts(([^ ,)]*))/fputs(\1, stdout)/' src/wn.c"
• man pages:
  • 20_doc_man_wninput.patch
  • 40_doc_man_fix_names.patch
  • 41_doc_man_fix_names.patch

@respiranto

Thanks for digging into that!

I've applied the patches from Guix. Unfortunately, I couldn't get the Debian ones to apply (not sure what "orig" is supposed to mean, but it definitely doesn't mean "original source" in this case).

Most patches are rather small.

I have read through all but the following (large ones):

• 51_overflows_memcpy
• 52_wordnet3.0_lib_search_c_memory_patch

The others I deem fine.

Possibly relevant patches:

• security:

  • 50_CVE-2008-2149_buffer_overflows.patch
  • 51_overflows_memcpy.patch (large patch, by oCert)
  • 51_overflows.patch
  • 60_gcc-4.6.patch
    • incorrectly replaces printf(.) by puts(.) (newline added)

• possibly security:

  • 52_wordnet3.0_lib_search_c_memory_patch

• other bugs in code:

  • 30_src_grind.patch
    • the summary is wrong, this does fix two bugs

• bugs in the data:

  • 20_adj.all_fix.patch
  • 20_verb.social_fix.patch

• man pages:

  • 20_doc_man_wninput.patch - man page section names
  • 40_doc_man_fix_names.patch - man page NAMEs
  • 41_doc_man_fix_names.patch - man page formatting

• other (likely unneeded):

  • 01_tcltk8.6.patch
    • i.a., adds -DUSE_INTERP_RESULT to Makefile.am
  • 20_include_wn.h.patch
  • 90_prevent_parallel_build.patch
    • @Stebalien Did you do something to make your PKGBUILD work with `-jN', N > 1?
    • Does not affect Makefile.am.

@respiranto any specific patches? Debian has a pretty terrible track record. They tend to:

1. Run a bunch of static analyzers.
2. Apply any suggested fixes without thinking.

(introducing security vulnerabilities in the process)

The few patches I sampled were things like "make this thing const".

I'd like to suggest using some of the patches provided by Debian [0], some of which address security issues. See also the dict-wn PKGBUILD [1] (which I just adapted to use the Debian patches).

[0] https://packages.debian.org/sid/wordnet

[1] https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=dict-wn

Thanks for reporting the issue.

The error's cause is actually in general serious. However, the affected files were only built, but not used, previously.

I have uploaded a new version where the issues are fixed, and the files not built anymore (See also `git log').

Btw, there should not have been a need for `sudo' in your command.